Total
362811 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-2179 | 1 Smartwin Technology | 1 Cyberoffice Warehouse Builder | 2026-06-16 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in CyberBuild allow remote attackers to execute arbitrary SQL commands via the (1) SessionID parameter to login.asp or (2) ProductIndex parameter to browse0.htm. | |||||
| CVE-2006-2178 | 1 Smartwin Technology | 1 Cyberoffice Warehouse Builder | 2026-06-16 | 5.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in CyberBuild allow remote attackers to inject arbitrary web script or HTML via the (1) SessionID parameter to login.asp, (2) ProductIndex parameter to browse0.htm, (3) rowcolor parameter to result.asp, or (4) heading parameter to result.asp. NOTE: vectors 1 and 2 might be resultant from SQL injection. | |||||
| CVE-2006-2177 | 1 Bitdamaged | 1 Geoblog | 2026-06-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in viewcat.php in geoBlog 1.0 allows remote attackers to inject arbitrary web script or HTML via the cat parameter. | |||||
| CVE-2006-2176 | 1 Php Design X | 1 Php Linkliste | 2026-06-16 | 5.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in links.php in PHP Linkliste 1.0b allow remote attackers to inject arbitrary web script or HTML via the (1) new_input, (2) new_url, or (3) new_name parameter. | |||||
| CVE-2006-2175 | 1 Ftrainsoft | 1 Fast Click | 2026-06-16 | 6.4 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in FtrainSoft Fast Click 2.3.8 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) show.php or (2) top.php. | |||||
| CVE-2006-2174 | 1 Virtual Hosting Control System | 1 Virtual Hosting Control System | 2026-06-16 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in admin/server_day_stats.php in Virtual Hosting Control System (VHCS) allow remote attackers to inject arbitrary web script or HTML via the (1) day, (2) month, or (3) year parameter. | |||||
| CVE-2006-2173 | 1 Filezilla | 1 Filezilla Server | 2026-06-16 | 6.4 MEDIUM | N/A |
| Buffer overflow in FileZilla FTP Server 2.2.22 allows remote authenticated attackers to cause a denial of service and possibly execute arbitrary code via a long (1) PORT or (2) PASS followed by the MLSD command, or (2) the remote server interface, as demonstrated by the Infigo FTPStress Fuzzer. | |||||
| CVE-2006-2172 | 1 Gene6 | 1 G6 Ftp Server | 2026-06-16 | 7.5 HIGH | N/A |
| Buffer overflow in Gene6 FTP Server 3.1.0 allows remote authenticated attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long argument to (1) MKD or (2) XMKD, as demonstrated by the Infigo FTPStress Fuzzer. | |||||
| CVE-2006-2171 | 1 Jgaa | 1 Warftpd | 2026-06-16 | 6.4 MEDIUM | N/A |
| Buffer overflow in WDM.exe in WarFTPD allows remote attackers to execute arbitrary code via unspecified arguments, as demonstrated by the Infigo FTPStress Fuzzer. | |||||
| CVE-2006-2170 | 1 Argosoft | 1 Ftp Server | 2026-06-16 | 6.4 MEDIUM | N/A |
| Buffer overflow in ArgoSoft FTP Server 1.4.3.6 allows remote attackers to execute arbitrary code via Unicode in the RNTO command, as demonstrated by the Infigo FTPStress Fuzzer. | |||||
| CVE-2006-2169 | 1 Best Practical Solutions | 1 Request Tracker | 2026-06-16 | 5.0 MEDIUM | N/A |
| RT: Request Tracker 3.5.HEAD allows remote attackers to obtain sensitive information via the Rows parameter in Dist/Display.html, which reveals the installation path in an error message. | |||||
| CVE-2006-2168 | 1 Fileprotection Express | 1 Fileprotection Express | 2026-06-16 | 7.5 HIGH | N/A |
| FileProtection Express 1.0.1 and earlier allows remote attackers to bypass authentication via a cookie with an Admin value of 1. | |||||
| CVE-2006-2167 | 1 Sloughflash | 1 Sf-users | 2026-06-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in SloughFlash SF-Users 1.0, possibly in register.php, allows remote attackers to inject arbitrary web script or HTML by setting the username field to contain JavaScript in the SRC attribute of an IMG element. | |||||
| CVE-2006-2166 | 1 Cisco | 2 Unity Express, Unity Express Software | 2026-06-16 | 2.1 LOW | N/A |
| Unspecified vulnerability in the HTTP management interface in Cisco Unity Express (CUE) 2.2(2) and earlier, when running on any CUE Advanced Integration Module (AIM) or Network Module (NM), allows remote authenticated attackers to reset the password for any user with an expired password. | |||||
| CVE-2006-2165 | 1 Pentasoft Corp. | 1 Avactis Shopping Cart | 2026-06-16 | 2.6 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Avactis Shopping Cart 0.1.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) category_id parameter in (a) store_special_offers.php and (b) store.php and (2) prod_id parameter in (c) product_info.php. NOTE: this issue might be resultant from SQL injection. | |||||
| CVE-2006-2164 | 1 Pentasoft Corp. | 1 Avactis Shopping Cart | 2026-06-16 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Avactis Shopping Cart 0.1.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) category_id parameter in (a) store_special_offers.php and (b) store.php, and (2) prod_id parameter in (c) cart.php and (d) product_info.php. NOTE: this issue also produces resultant full path disclosure from invalid SQL queries. | |||||
| CVE-2006-2163 | 1 Desert Dog Software | 1 Pinnacle Cart | 2026-06-16 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Pinnacle Cart 3.33 and earlier allows remote attackers to inject arbitrary web script or HTML via the setbackurl parameter. | |||||
| CVE-2006-2162 | 1 Nagios | 1 Nagios | 2026-06-16 | 5.0 MEDIUM | N/A |
| Buffer overflow in CGI scripts in Nagios 1.x before 1.4 and 2.x before 2.3 allows remote attackers to execute arbitrary code via a negative content length (Content-Length) HTTP header. | |||||
| CVE-2006-2161 | 3 Cam Development, Erik Dienske, Roger Aelbrecht | 3 Cam Unzip, Abakt, Tzipbuilder | 2026-06-16 | 5.1 MEDIUM | N/A |
| Buffer overflow in (1) TZipBuilder 1.79.03.01, (2) Abakt 0.9.2 and 0.9.3-beta1, (3) CAM UnZip 4.0 and 4.3, and possibly other products, allows user-assisted attackers to execute arbitrary code via a ZIP archive that contains a file with a long file name. | |||||
| CVE-2006-2160 | 1 Russcom Network | 1 Loginphp | 2026-06-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Russcom Network Loginphp (Russcom.Loginphp) allows remote attackers to inject arbitrary web script or HTML via the username field when registering. | |||||
