Vulnerabilities (CVE)

Total 364825 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-3753 1 Professional Home Page Tools 1 Professional Home Page Tools Guestbook 2026-06-16 6.4 MEDIUM N/A
setcookie.php for the administration login in Professional Home Page Tools Guestbook records the hash of the administrator password in a cookie, which allows attackers to conduct brute force password guessing attacks after obtaining the hash.
CVE-2006-3752 1 Professional Home Page Tools 1 Professional Home Page Tools Guestbook 2026-06-16 7.5 HIGH N/A
Multiple SQL injection vulnerabilities in class.php in Professional Home Page Tools Guestbook allow remote attackers to execute arbitrary SQL commands via the (1) hidemail, (2) name, (3) mail, (4) ip, or (5) text parameters.
CVE-2006-3751 1 Htmlarea3 1 Htmlarea3 2026-06-16 6.8 MEDIUM N/A
PHP remote file inclusion vulnerability in popups/ImageManager/config.inc.php in the HTMLArea3 Addon Component (com_htmlarea3_xtd-c) for ImageManager 1.5 allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
CVE-2006-3750 1 Hashcash 1 Hashcash 2026-06-16 6.8 MEDIUM N/A
PHP remote file inclusion vulnerability in server.php in the Hashcash Component (com_hashcash) 1.2.1 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
CVE-2006-3749 1 Mambo 1 Sitemap 2026-06-16 6.8 MEDIUM N/A
PHP remote file inclusion vulnerability in sitemap.xml.php in Sitemap component (com_sitemap) 2.0.0 for Mambo 4.5.1 CMS, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
CVE-2006-3748 1 Mamboxchange 1 Loudmouth 2026-06-16 6.8 MEDIUM N/A
PHP remote file inclusion vulnerability in includes/abbc/abbc.class.php in the LoudMouth Component for Mambo 4.0j, and possibly other versions including 4.1, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
CVE-2006-3747 3 Apache, Canonical, Debian 3 Http Server, Ubuntu Linux, Debian Linux 2026-06-16 7.6 HIGH N/A
Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules.
CVE-2006-3746 1 Gnupg 1 Gnupg 2026-06-16 5.0 MEDIUM N/A
Integer overflow in parse_comment in GnuPG (gpg) 1.4.4 allows remote attackers to cause a denial of service (segmentation fault) via a crafted message.
CVE-2006-3745 1 Linux 1 Linux Kernel 2026-06-16 7.2 HIGH N/A
Unspecified vulnerability in the sctp_make_abort_user function in the SCTP implementation in Linux 2.6.x before 2.6.17.10 and 2.4.23 up to 2.4.33 allows local users to cause a denial of service (panic) and possibly gain root privileges via unknown attack vectors.
CVE-2006-3744 1 Imagemagick 1 Imagemagick 2026-06-16 5.1 MEDIUM N/A
Multiple integer overflows in ImageMagick before 6.2.9 allows user-assisted attackers to execute arbitrary code via crafted Sun Rasterfile (bitmap) images that trigger heap-based buffer overflows.
CVE-2006-3743 1 Imagemagick 1 Imagemagick 2026-06-16 5.1 MEDIUM N/A
Multiple buffer overflows in ImageMagick before 6.2.9 allow user-assisted attackers to execute arbitrary code via crafted XCF images.
CVE-2006-3742 1 Kde 1 Kdebase 2026-06-16 10.0 HIGH N/A
The KDE PAM configuration shipped with Fedora Core 5 causes KDM passwords to be cached, which allows attackers to login without a password by attempting to log in multiple times.
CVE-2006-3741 1 Linux 1 Linux Kernel 2026-06-16 4.9 MEDIUM N/A
The perfmonctl system call (sys_perfmonctl) in Linux kernel 2.4.x and 2.6 before 2.6.18, when running on Itanium systems, does not properly track the reference count for file descriptors, which allows local users to cause a denial of service (file descriptor consumption).
CVE-2006-3740 2 X.org, Xfree86 Project 2 X.org, Xfree86 X 2026-06-16 7.2 HIGH N/A
Integer overflow in the scan_cidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted (1) CMap and (2) CIDFont font data with modified item counts in the (a) begincodespacerange, (b) cidrange, and (c) notdefrange sections.
CVE-2006-3739 2 X.org, Xfree86 Project 2 X.org, Xfree86 X 2026-06-16 7.2 HIGH N/A
Integer overflow in the CIDAFM function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted Adobe Font Metrics (AFM) files with a modified number of character metrics (StartCharMetrics), which leads to a heap-based buffer overflow.
CVE-2006-3738 1 Openssl 1 Openssl 2026-06-16 10.0 HIGH N/A
Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers.
CVE-2006-3737 1 Swsoft 1 Plesk Control Panel 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in filemanager/filemanager.php in the control panel in SWsoft Plesk 8.0 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the file parameter.
CVE-2006-3736 1 Mambo 1 Videodb 2026-06-16 7.5 HIGH N/A
PHP remote file inclusion vulnerability in core/videodb.class.xml.php in the VideoDB component for Mambo 0.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
CVE-2006-3735 1 Mail2forum 1 Mail2forum 2026-06-16 5.1 MEDIUM N/A
Multiple PHP remote file inclusion vulnerabilities in Mail2Forum (module for phpBB) 1.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the m2f_root_path parameter to (1) m2f/m2f_phpbb204.php, (2) m2f/m2f_forum.php, (3) m2f/m2f_mailinglist.php or (4) m2f/m2f_cron.php.
CVE-2006-3734 1 Cisco 1 Cs-mars 2026-06-16 7.2 HIGH N/A
Multiple unspecified vulnerabilities in the Command Line Interface (CLI) for Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.2.1, allow local CS-MARS administrators to execute arbitrary commands as root.