Total
365230 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-3989 | 1 Knusperleicht | 1 Shoutbox | 2026-06-16 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in index.php in Knusperleicht Shoutbox 4.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the sb_include_path parameter. | |||||
| CVE-2006-3988 | 1 Knusperleicht | 1 Newsreporter | 2026-06-16 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in index.php in Knusperleicht newsReporter 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the news_include_path parameter. | |||||
| CVE-2006-3987 | 1 Knusperleicht | 1 Knusperleicht Filemanager | 2026-06-16 | 5.1 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in index.php in Knusperleicht FileManager 1.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) dwl_download_path or (2) dwl_include_path parameters. | |||||
| CVE-2006-3986 | 1 Knusperleicht | 1 Newsletter | 2026-06-16 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in index.php in Knusperleicht Newsletter 3.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the NL_PATH parameter. | |||||
| CVE-2006-3985 | 1 Conexware | 1 Powerarchiver | 2026-06-16 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in DZIPS32.DLL 6.0.0.4 in ConeXware PowerArchiver 9.62.03 allows user-assisted attackers to execute arbitrary code by adding a new file to a crafted ZIP archive that already contains a file with a long name. | |||||
| CVE-2006-3984 | 2 Gianluca Baldo, Phpadsnew | 2 Phpauction, Phpadsnew | 2026-06-16 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in phpAdsNew/view.inc.php in Albasoftware Phpauction 2.1 and possibly later versions, with phpAdsNew 2.0.5, allows remote attackers to execute arbitrary PHP code via a URL in the phpAds_path parameter. | |||||
| CVE-2006-3983 | 1 Ekilat Llc | 1 Php\(reactor\) | 2026-06-16 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in editprofile.php in php(Reactor) 1.27pl1 allows remote attackers to execute arbitrary PHP code via a URL in the pathtohomedir parameter. | |||||
| CVE-2006-3982 | 1 Knusperleicht | 1 Quickie | 2026-06-16 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in quickie.php in Knusperleicht Quickie, probably 0.2, allows remote attackers to execute arbitrary PHP code via a URL in the QUICK_PATH parameter. | |||||
| CVE-2006-3981 | 1 Mambo | 1 Mambo Gallery Manager | 2026-06-16 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in about.mgm.php in Mambo Gallery Manager (MGM) 0.95r2 and earlier for Mambo 4.5 allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | |||||
| CVE-2006-3980 | 1 Mambo | 1 Mambo Gallery Manager | 2026-06-16 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in administrator/components/com_mgm/help.mgm.php in Mambo Gallery Manager (MGM) 0.95r2 and earlier for Mambo 4.5 allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | |||||
| CVE-2006-3979 | 1 Macromedia | 1 Coldfusion | 2026-06-16 | 7.2 HIGH | N/A |
| The AdminAPI of ColdFusion MX 7 allows attackers to bypass authentication by using "programmatic access" to the adminAPI instead of the ColdFusion Administrator. | |||||
| CVE-2006-3978 | 1 Adobe | 1 Coldfusion | 2026-06-16 | 4.6 MEDIUM | N/A |
| Unspecified vulnerability in a Verity third party library, as used on Adobe ColdFusion MX 7 through MX 7.0.2 and possibly other products, allows local users to execute arbitrary code via unknown attack vectors. | |||||
| CVE-2006-3977 | 1 Broadcom | 1 Etrust Antivirus Webscan | 2026-06-16 | 9.3 HIGH | N/A |
| Unspecified vulnerability in CA eTrust Antivirus WebScan before 1.1.0.1048 has unknown impact and remote attackers related to "improper processing of outdated WebScan components." | |||||
| CVE-2006-3976 | 1 Broadcom | 1 Etrust Antivirus Webscan | 2026-06-16 | 9.3 HIGH | N/A |
| Unspecified vulnerability in CA eTrust Antivirus WebScan before 1.1.0.1048 allows remote attackers to install arbitrary files. | |||||
| CVE-2006-3975 | 1 Broadcom | 1 Etrust Antivirus Webscan | 2026-06-16 | 7.5 HIGH | N/A |
| Unspecified vulnerability in CA eTrust Antivirus WebScan allows remote attackers to execute arbitrary code due to "improper bounds checking when processing certain user input." | |||||
| CVE-2006-3974 | 1 3com | 1 3cr860-95 | 2026-06-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in cgi-bin/admin in 3Com OfficeConnect Secure Router with firmware 1.04-168 allows remote attackers to inject arbitrary web script or HTML via the tk parameter. | |||||
| CVE-2006-3973 | 1 My Firewall Plus | 1 My Firewall Plus | 2026-06-16 | 7.2 HIGH | N/A |
| My Firewall Plus 5.0 Build 1119 does not verify if explorer.exe is running before launching iexplore.exe from the "Test Your Firewall" feature, which allows local users to gain SYSTEM privileges. | |||||
| CVE-2006-3972 | 1 Scott Weedon | 1 Ajax Chat | 2026-06-16 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in includes/operator_chattranscript.php in Scott Weedon Ajax Chat, possibly 0.1, allows remote attackers to read arbitrary files via a .. (dot dot) in the chatid parameter. | |||||
| CVE-2006-3971 | 1 Scott Weedon | 1 Ajax Chat | 2026-06-16 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in visitor/livesupport/chat.php in Scott Weedon Ajax Chat, possibly 0.1, allows remote attackers to inject arbitrary web script or HTML via the userid parameter. | |||||
| CVE-2006-3970 | 1 Joomla | 1 Lmo | 2026-06-16 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in lmo.php in the LMO Component (com_lmo) 1.0b2 and earlier for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | |||||
