Total
361595 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-1160 | 1 Efs Software | 1 Efs Web Server | 2026-06-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Easy File Sharing (EFS) Web Server 3.2 allows remote attackers to inject arbitrary web script or HTML via the Description field in creating a folder or uploading a file. | |||||
| CVE-2006-1159 | 1 Efs Software | 1 Efs Web Server | 2026-06-16 | 7.8 HIGH | N/A |
| Format string vulnerability in Easy File Sharing (EFS) Web Server 3.2 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via format string specifiers in the query string argument in an HTTP GET request. | |||||
| CVE-2006-1158 | 1 Kerio | 1 Kerio Mailserver | 2026-06-16 | 7.8 HIGH | N/A |
| Kerio MailServer before 6.1.3 Patch 1 allows remote attackers to cause a denial of service (application crash) via a crafted IMAP LOGIN command. | |||||
| CVE-2006-1157 | 1 Adp | 1 Adp Forum | 2026-06-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Vz Scripts ADP Forum 2.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the Subject field (possibly messaggio parameter) when posting a new message in post.php. | |||||
| CVE-2006-1156 | 1 Manas Tungare | 1 Site Membership Script | 2026-06-16 | 5.0 MEDIUM | N/A |
| SQL injection vulnerability in manas tungare Site Membership Script before 8 March, 2006 allows remote attackers to execute arbitrary SQL commands via the Username parameter in login.asp. | |||||
| CVE-2006-1155 | 1 Manas Tungare | 1 Site Membership Script | 2026-06-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in manas tungare Site Membership Script before 8 March, 2006 allows remote attackers to inject arbitrary web script or HTML via the Error parameter in (1) login.asp and (2) default.asp. | |||||
| CVE-2006-1154 | 1 Fscripts | 1 Fantastic News | 2026-06-16 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in archive.php in Fantastic News 2.1.2 allows remote attackers to include arbitrary files via the CONFIG[script_path] variable. NOTE: 2.1.4 was also reported to be vulnerable. | |||||
| CVE-2006-1153 | 1 D2-shoutbox | 1 D2-shoutbox | 2026-06-16 | 5.0 MEDIUM | N/A |
| SQL injection vulnerability in D2-Shoutbox 4.2 allows remote attackers to execute arbitrary SQL commands via the load parameter, when performing a Shoutbox action through Invision Power Board (IPB). | |||||
| CVE-2006-1152 | 1 M Phorum | 1 M Phorum | 2026-06-16 | 5.0 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in index.php in M-Phorum 0.2 allows remote attackers to include arbitrary files via the go parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2006-1151 | 1 M Phorum | 1 M Phorum | 2026-06-16 | 5.0 MEDIUM | N/A |
| Cross-site scripting vulnerability in index.php in M-Phorum 0.2 allows remote attackers to inject arbitrary web script or HTML via the go parameter. | |||||
| CVE-2006-1150 | 1 Teg | 1 Tenes Empanadas Graciela | 2026-06-16 | 7.8 HIGH | N/A |
| Buffer overflow in Tenes Empanadas Graciela (TEG) 0.11.1, automatically appends an _ (underscore) to the end of duplicate nicknames, which allows remote attackers to cause a denial of service (application crash) by creating multiple users with long, identical nicknames, which triggers an off-by-one error. | |||||
| CVE-2006-1149 | 1 Owl | 1 Owl Intranet Engine | 2026-06-16 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in lib/OWL_API.php in OWL Intranet Engine 0.82, when register_globals is enabled, allows remote attackers to include arbitrary files via a URL in the xrms_file_root parameter, which is not initialized before use. | |||||
| CVE-2006-1148 | 1 Peercast | 1 Peercast | 2026-06-16 | 7.5 HIGH | N/A |
| Multiple stack-based buffer overflows in the procConnectArgs function in servmgr.cpp in PeerCast before 0.1217 allow remote attackers to execute arbitrary code via an HTTP GET request with a long (1) parameter name or (2) value in a URL, which triggers the overflow in the nextCGIarg function in servhs.cpp. | |||||
| CVE-2006-1147 | 1 Cor Entertainment | 1 Alien Arena 2006 | 2026-06-16 | 4.0 MEDIUM | N/A |
| The Com_sprintf function in q_shared.c in Alien Arena 2006 Gold Edition 5.00 does not properly NULL terminate certain long strings, which allows remote attackers (possibly authenticated) to cause a denial of service (application crash) via a long skin, weapon, or model name. | |||||
| CVE-2006-1146 | 1 Cor Entertainment | 1 Alien Arena 2006 | 2026-06-16 | 6.5 MEDIUM | N/A |
| Stack-based buffer overflow in the Cmd_Say_f function in g_cmds.c in Alien Arena 2006 Gold Edition 5.00 allows remote attackers (possibly authenticated) to execute arbitrary code by sending a long message to the server. | |||||
| CVE-2006-1145 | 1 Cor Entertainment | 1 Alien Arena 2006 | 2026-06-16 | 6.5 MEDIUM | N/A |
| Format string vulnerability in the safe_cprintf function in acebot_cmds.c in Alien Arena 2006 Gold Edition 5.00 allows remote attackers (possibly authenticated) to execute arbitrary code via unspecified vectors when the server sends crafted messages to the clients. | |||||
| CVE-2006-1144 | 1 David Ravenscroft | 1 Hithost | 2026-06-16 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in HitHost 1.0.0 allows remote attackers to inject arbitrary web script or HTML via (1) the user parameter in deleteuser.php and (2) the hits parameter in viewuser.php. | |||||
| CVE-2006-1143 | 1 Ftpoed | 1 Ftpoed Blog Engine | 2026-06-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in FTPoed Blog Engine 1.1 allows remote attackers to inject arbitrary web script or HTML via the comment_body parameter, as used by the comment field, when posting a comment. | |||||
| CVE-2006-1142 | 1 Solido Systems | 1 Ravenous Web Server | 2026-06-16 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Ravenous Web Server before 0.7.1 allows remote attackers to access arbitrary rvplg files, with unknown impact. | |||||
| CVE-2006-1141 | 1 Inter7 | 1 Qmailadmin | 2026-06-16 | 7.5 HIGH | N/A |
| Buffer overflow in qmailadmin.c in QmailAdmin before 1.2.10 allows remote attackers to execute arbitrary code via a long PATH_INFO environment variable. | |||||