Vulnerabilities (CVE)

Total 365230 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-3989 1 Knusperleicht 1 Shoutbox 2026-06-16 5.1 MEDIUM N/A
PHP remote file inclusion vulnerability in index.php in Knusperleicht Shoutbox 4.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the sb_include_path parameter.
CVE-2006-3988 1 Knusperleicht 1 Newsreporter 2026-06-16 5.1 MEDIUM N/A
PHP remote file inclusion vulnerability in index.php in Knusperleicht newsReporter 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the news_include_path parameter.
CVE-2006-3987 1 Knusperleicht 1 Knusperleicht Filemanager 2026-06-16 5.1 MEDIUM N/A
Multiple PHP remote file inclusion vulnerabilities in index.php in Knusperleicht FileManager 1.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) dwl_download_path or (2) dwl_include_path parameters.
CVE-2006-3986 1 Knusperleicht 1 Newsletter 2026-06-16 7.5 HIGH N/A
PHP remote file inclusion vulnerability in index.php in Knusperleicht Newsletter 3.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the NL_PATH parameter.
CVE-2006-3985 1 Conexware 1 Powerarchiver 2026-06-16 9.3 HIGH N/A
Stack-based buffer overflow in DZIPS32.DLL 6.0.0.4 in ConeXware PowerArchiver 9.62.03 allows user-assisted attackers to execute arbitrary code by adding a new file to a crafted ZIP archive that already contains a file with a long name.
CVE-2006-3984 2 Gianluca Baldo, Phpadsnew 2 Phpauction, Phpadsnew 2026-06-16 7.5 HIGH N/A
PHP remote file inclusion vulnerability in phpAdsNew/view.inc.php in Albasoftware Phpauction 2.1 and possibly later versions, with phpAdsNew 2.0.5, allows remote attackers to execute arbitrary PHP code via a URL in the phpAds_path parameter.
CVE-2006-3983 1 Ekilat Llc 1 Php\(reactor\) 2026-06-16 7.5 HIGH N/A
PHP remote file inclusion vulnerability in editprofile.php in php(Reactor) 1.27pl1 allows remote attackers to execute arbitrary PHP code via a URL in the pathtohomedir parameter.
CVE-2006-3982 1 Knusperleicht 1 Quickie 2026-06-16 7.5 HIGH N/A
PHP remote file inclusion vulnerability in quickie.php in Knusperleicht Quickie, probably 0.2, allows remote attackers to execute arbitrary PHP code via a URL in the QUICK_PATH parameter.
CVE-2006-3981 1 Mambo 1 Mambo Gallery Manager 2026-06-16 7.5 HIGH N/A
PHP remote file inclusion vulnerability in about.mgm.php in Mambo Gallery Manager (MGM) 0.95r2 and earlier for Mambo 4.5 allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
CVE-2006-3980 1 Mambo 1 Mambo Gallery Manager 2026-06-16 6.8 MEDIUM N/A
PHP remote file inclusion vulnerability in administrator/components/com_mgm/help.mgm.php in Mambo Gallery Manager (MGM) 0.95r2 and earlier for Mambo 4.5 allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
CVE-2006-3979 1 Macromedia 1 Coldfusion 2026-06-16 7.2 HIGH N/A
The AdminAPI of ColdFusion MX 7 allows attackers to bypass authentication by using "programmatic access" to the adminAPI instead of the ColdFusion Administrator.
CVE-2006-3978 1 Adobe 1 Coldfusion 2026-06-16 4.6 MEDIUM N/A
Unspecified vulnerability in a Verity third party library, as used on Adobe ColdFusion MX 7 through MX 7.0.2 and possibly other products, allows local users to execute arbitrary code via unknown attack vectors.
CVE-2006-3977 1 Broadcom 1 Etrust Antivirus Webscan 2026-06-16 9.3 HIGH N/A
Unspecified vulnerability in CA eTrust Antivirus WebScan before 1.1.0.1048 has unknown impact and remote attackers related to "improper processing of outdated WebScan components."
CVE-2006-3976 1 Broadcom 1 Etrust Antivirus Webscan 2026-06-16 9.3 HIGH N/A
Unspecified vulnerability in CA eTrust Antivirus WebScan before 1.1.0.1048 allows remote attackers to install arbitrary files.
CVE-2006-3975 1 Broadcom 1 Etrust Antivirus Webscan 2026-06-16 7.5 HIGH N/A
Unspecified vulnerability in CA eTrust Antivirus WebScan allows remote attackers to execute arbitrary code due to "improper bounds checking when processing certain user input."
CVE-2006-3974 1 3com 1 3cr860-95 2026-06-16 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in cgi-bin/admin in 3Com OfficeConnect Secure Router with firmware 1.04-168 allows remote attackers to inject arbitrary web script or HTML via the tk parameter.
CVE-2006-3973 1 My Firewall Plus 1 My Firewall Plus 2026-06-16 7.2 HIGH N/A
My Firewall Plus 5.0 Build 1119 does not verify if explorer.exe is running before launching iexplore.exe from the "Test Your Firewall" feature, which allows local users to gain SYSTEM privileges.
CVE-2006-3972 1 Scott Weedon 1 Ajax Chat 2026-06-16 5.0 MEDIUM N/A
Directory traversal vulnerability in includes/operator_chattranscript.php in Scott Weedon Ajax Chat, possibly 0.1, allows remote attackers to read arbitrary files via a .. (dot dot) in the chatid parameter.
CVE-2006-3971 1 Scott Weedon 1 Ajax Chat 2026-06-16 6.8 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in visitor/livesupport/chat.php in Scott Weedon Ajax Chat, possibly 0.1, allows remote attackers to inject arbitrary web script or HTML via the userid parameter.
CVE-2006-3970 1 Joomla 1 Lmo 2026-06-16 7.5 HIGH N/A
PHP remote file inclusion vulnerability in lmo.php in the LMO Component (com_lmo) 1.0b2 and earlier for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.