Total
360106 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-0352 | 1 Fluffington | 1 Flog | 2026-06-16 | 5.0 MEDIUM | N/A |
| The default configuration of Fluffington FLog 1.01 installs users.0.dat under the web document root with insufficient access control, which might allow remote attackers to obtain sensitive information (login credentials) via a direct request. NOTE: It was later reported that 1.1.2 is also affected. | |||||
| CVE-2006-0351 | 1 Don Moore | 1 Mydns | 2026-06-16 | 5.0 MEDIUM | N/A |
| Unspecified "critical denial-of-service vulnerability" in MyDNS before 1.1.0 has unknown impact and attack vectors. | |||||
| CVE-2006-0350 | 1 Epic Designs | 1 Eggblog | 2026-06-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in eggblog 2.0 allow remote attackers to inject arbitrary web script or HTML via the message field to topic.php. | |||||
| CVE-2006-0349 | 1 Epic Designs | 1 Eggblog | 2026-06-16 | 7.5 HIGH | N/A |
| SQL injection vulnerability in eggblog 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to blog.php. | |||||
| CVE-2006-0348 | 1 Stefan Ritt | 1 Elog Web Logbook | 2026-06-16 | 5.0 MEDIUM | N/A |
| Format string vulnerability in the write_logfile function in ELOG before 2.6.1 allows remote attackers to cause a denial of service (server crash) via unknown attack vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2006-0347 | 1 Stefan Ritt | 1 Elog Web Logbook | 2026-06-16 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in ELOG before 2.6.1 allows remote attackers to access arbitrary files outside of the elog directory via "../" (dot dot) sequences in the URL. | |||||
| CVE-2006-0346 | 1 Saral Kaushik | 1 Saralblog | 2026-06-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in SaralBlog 1.0 allows remote attackers to inject arbitrary web script or HTML via a website field in a new comment to view.php, which is not properly handled in the comment function in functions.php. | |||||
| CVE-2006-0345 | 1 Saral Kaushik | 1 Saralblog | 2026-06-16 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in SaralBlog 1.0 allow remote attackers to execute arbitrary SQL commands via the search parameter to search.php. NOTE: the id/viewprofile.php issue is already covered by CVE-2005-4058. | |||||
| CVE-2006-0344 | 1 Intervations | 1 Filecopa | 2026-06-16 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in Intervations FileCOPA FTP Server 1.01 allows remote attackers to read and write arbitrary files via a .. (dot dot) in the (1) STOR and (2) RETR commands. | |||||
| CVE-2006-0343 | 1 Hitachi | 2 Jpi Netsight Ii Port Discovery Advance, Jpi Netsight Ii Port Discovery Standard | 2026-06-16 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Port Discovery Standard and Advanced features in Hitachi JP1/NetInsight II allows attackers to stop the Port Discovery service via unknown vectors involving "invalid format data". | |||||
| CVE-2006-0342 | 1 Rockliffe | 1 Mailsite | 2026-06-16 | 7.8 HIGH | N/A |
| RockLiffe MailSite HTTP Mail management agent (httpma) 7.0.3.1 allows remote attackers to cause a denial of service (CPU consumption and crash) via a malformed query string containing special characters such as "|". | |||||
| CVE-2006-0341 | 1 Rockliffe | 1 Mailsite | 2026-06-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in WCONSOLE.DLL in Rockliffe MailSite 5.x and 6.1.22 and earlier allows remote attackers to inject arbitrary web script or HTML via the query string. | |||||
| CVE-2006-0340 | 1 Cisco | 1 Ios | 2026-06-16 | 7.1 HIGH | N/A |
| Unspecified vulnerability in Stack Group Bidding Protocol (SGBP) support in Cisco IOS 12.0 through 12.4 running on various Cisco products, when SGBP is enabled, allows remote attackers on the local network to cause a denial of service (device hang and network traffic loss) via a crafted UDP packet to port 9900. | |||||
| CVE-2006-0339 | 1 Bitcomet | 1 Bitcomet | 2026-06-16 | 7.5 HIGH | N/A |
| Buffer overflow in BitComet Client 0.60 allows remote attackers to execute arbitrary code, when the publisher's name link is clicked, via a long publisher URI in a torrent file. | |||||
| CVE-2006-0338 | 1 F-secure | 4 F-secure Anti-virus, F-secure Internet Security, F-secure Personal Express and 1 more | 2026-06-16 | 5.0 MEDIUM | N/A |
| Multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allow remote attackers to hide arbitrary files and data via malformed (1) RAR and (2) ZIP archives, which are not properly scanned. | |||||
| CVE-2006-0337 | 1 F-secure | 4 F-secure Anti-virus, F-secure Internet Security, Internet Gatekeeper and 1 more | 2026-06-16 | 7.5 HIGH | N/A |
| Buffer overflow in multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allows remote attackers to execute arbitrary code via crafted ZIP archives. | |||||
| CVE-2006-0336 | 1 Kerio | 1 Winroute Firewall | 2026-06-16 | 5.0 MEDIUM | N/A |
| Kerio WinRoute Firewall before 6.1.4 Patch 2 allows attackers to cause a denial of service (CPU consumption and hang) via unknown vectors involving "browsing the web". | |||||
| CVE-2006-0335 | 1 Kerio | 1 Winroute Firewall | 2026-06-16 | 5.0 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in Kerio WinRoute Firewall before 6.1.4 Patch 1 allow remote attackers to cause a denial of service via multiple unspecified vectors involving (1) long strings received from Active Directory and (2) the filtering of HTML. | |||||
| CVE-2006-0334 | 1 Freekrai.net | 1 My Amazon Store Manager | 2026-06-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in My Amazon Store Manager 1.0 allows remote attackers to inject arbitrary web script or HTML via the Keywords parameter. NOTE: some sources claim that the affected parameter is "q", but the only public archive of the original researcher notification shows an XSS manipulation in "Keywords". | |||||
| CVE-2006-0333 | 1 Ar-blog | 1 Ar-blog | 2026-06-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in ar-blog 5.2 allows remote attackers to inject arbitrary web script or HTML via the (1) month or (2) year parameter to index.php. | |||||