Vulnerabilities (CVE)

Total 366633 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-5316 1 Phplibre 1 Registrotl 2026-06-16 7.8 HIGH N/A
registroTL stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for /usuarios.dat.
CVE-2006-5315 1 Phplibre 1 Registrotl 2026-06-16 7.5 HIGH N/A
PHP remote file inclusion vulnerability in main.php in registroTL allows remote attackers to execute arbitrary PHP code via an ftp:// URL in the page parameter.
CVE-2006-5314 1 Phplibre 1 Tribunalibre 2026-06-16 7.5 HIGH N/A
PHP remote file inclusion vulnerability in ftag.php in TribunaLibre 3.12 Beta allows remote attackers to execute arbitrary PHP code via a URL in the mostrar parameter.
CVE-2006-5313 1 Hastymail 1 Hastymail 2026-06-16 6.5 MEDIUM N/A
Hastymail 1.5 and earlier before 20061008 allows remote authenticated users to send arbitrary SMTP commands by placing them after a CRLF.CRLF sequence in the smtp_message parameter. NOTE: this crosses privilege boundaries if the SMTP server configuration prevents a user from establishing a direct SMTP session. NOTE: this is a different type of issue than CVE-2006-5262.
CVE-2006-5312 1 Phpbb 1 Ajax Shoutbox 2026-06-16 7.5 HIGH N/A
PHP remote file inclusion vulnerability in shoutbox.php in the Ajax Shoutbox 0.0.5 and earlier module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2006-5311 1 Buzlas 1 Buzlas 2026-06-16 7.5 HIGH N/A
PHP remote file inclusion vulnerability in includes/archive/archive_topic.php in Buzlas 2006-1 Full allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2006-5310 2 J-pierre Dezelus, Phpmyconferences 2 Les Visiteurs, Phpmyconferences 2026-06-16 6.8 MEDIUM N/A
PHP remote file inclusion vulnerability in common/visiteurs/include/menus.inc.php in J-Pierre DEZELUS Les Visiteurs 2.0.1, as used in phpMyConferences (phpMyConference) 8.0.2 and possibly other products, allows remote attackers to execute arbitrary PHP code via a URL in the lvc_include_dir parameter.
CVE-2006-5309 1 Phpbb 1 Prillian French 2026-06-16 7.5 HIGH N/A
PHP remote file inclusion vulnerability in language/lang_french/lang_prillian_faq.php in the Prillian French 0.8.0 and earlier module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2006-5308 1 Open Conference Systems 1 Open Conference Systems 2026-06-16 7.5 HIGH N/A
Multiple PHP remote file inclusion vulnerabilities in Open Conference Systems (OCS) before 1.1.6 allow remote attackers to execute arbitrary PHP code via a URL in the fullpath parameter in (1) include/theme.inc.php or (2) include/footer.inc.php.
CVE-2006-5307 1 Afgb 1 Afgb Guestbook 2026-06-16 7.5 HIGH N/A
Multiple PHP remote file inclusion vulnerabilities in AFGB GUESTBOOK 2.2 allow remote attackers to execute arbitrary PHP code via a URL in the Htmls parameter in (1) add.php, (2) admin.php, (3) look.php, or (4) re.php.
CVE-2006-5306 1 Phpbb 1 Journals System Module 2026-06-16 6.8 MEDIUM N/A
Multiple PHP remote file inclusion vulnerabilities in the Journals System module 1.0.2 (RC2) and earlier for phpBB allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter in (1) includes/journals_delete.php, (2) includes/journals_post.php, or (3) includes/journals_edit.php.
CVE-2006-5305 1 Phpbb 1 Lat2cyr 2026-06-16 5.1 MEDIUM N/A
PHP remote file inclusion vulnerability in lat2cyr.php in the lat2cyr 1.0.1 and earlier phpbb module allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2006-5304 1 Inccms Technology 1 Inccms Core 2026-06-16 7.5 HIGH N/A
PHP remote file inclusion vulnerability in inc/settings.php in IncCMS Core 1.0.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the inc_dir parameter.
CVE-2006-5303 1 Securecomputing 1 Safeword Remoteaccess 2026-06-16 2.1 LOW N/A
Secure Computing SafeWord RemoteAccess 2.1 allows local users to obtain the UserCenter webportal password, database encryption keys, and signing keys by reading (1) base-64 encoded data in SERVERS\Web\Tomcat\usercenter\WEB-INF\login.conf and (2) plaintext data in SERVERS\Shared\signers.cfg. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
CVE-2006-5302 1 Redaction System 1 Redaction System 2026-06-16 7.5 HIGH N/A
Multiple PHP remote file inclusion vulnerabilities in Redaction System 1.0000 allow remote attackers to execute arbitrary PHP code via a URL in the (1) lang_prefix parameter to (a) conn.php, (b) sesscheck.php, (c) wap/conn.php, or (d) wap/sesscheck.php, or the (2) lang parameter to (e) index.php.
CVE-2006-5301 1 Phpbb 1 Spamblockermod 2026-06-16 6.8 MEDIUM N/A
PHP remote file inclusion vulnerability in includes/antispam.php in the SpamBlockerMODv 1.0.2 and earlier module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2006-5300 1 Hp 1 Version Control Agent 2026-06-16 6.5 MEDIUM N/A
Unspecified vulnerability in HP Version Control Agent before 2.1.5 allows remote authenticated users to obtain "unauthorized access" to a remote Repository Manager account and potentially gain privileges via unspecified vectors.
CVE-2006-5299 1 Gcontact 1 Gcontact 2026-06-16 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Gcontact 0.6.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2006-5298 1 Mutt 1 Mutt 2026-06-16 1.2 LOW N/A
The mutt_adv_mktemp function in the Mutt mail client 1.5.12 and earlier does not properly verify that temporary files have been created with restricted permissions, which might allow local users to create files with weak permissions via a race condition between the mktemp and safe_fopen function calls.
CVE-2006-5297 1 Mutt 1 Mutt 2026-06-16 1.2 LOW N/A
Race condition in the safe_open function in the Mutt mail client 1.5.12 and earlier, when creating temporary files in an NFS filesystem, allows local users to overwrite arbitrary files due to limitations of the use of the O_EXCL flag on NFS filesystems.