Vulnerabilities (CVE)

Total 367067 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-5680 1 Freebsd 1 Freebsd 2026-06-16 5.0 MEDIUM N/A
The libarchive library in FreeBSD 6-STABLE after 2006-09-05 and before 2006-11-08 allows context-dependent attackers to cause a denial of service (CPU consumption) via a malformed archive that causes libarchive to skip a region past the actual end of the archive, which triggers an infinite loop that attempts to read more data.
CVE-2006-5679 1 Freebsd 1 Freebsd 2026-06-16 4.6 MEDIUM N/A
Integer overflow in the ffs_mountfs function in FreeBSD 6.1 allows local users to cause a denial of service (panic) and possibly execute arbitrary code via a crafted UFS filesystem that causes invalid or large size parameters to be provided to the kmem_alloc function. NOTE: a third party states that this issue does not cross privilege boundaries in FreeBSD because only root may mount a filesystem.
CVE-2006-5678 2 J-pierre Dezelus, Phpmyconferences 2 Les Visiteurs, Phpmyconferences 2026-06-16 7.5 HIGH 9.8 CRITICAL
PHP remote file inclusion vulnerability in common/visiteurs/include/library.inc.php in J-Pierre DEZELUS Les Visiteurs 2.0.1, as used in phpMyConferences (phpMyConference) 8.0.2 and possibly other products, allows remote attackers to execute arbitrary PHP code via a URL in the lvc_modules_dir parameter. NOTE: CVE disputes this vulnerability, because the inclusion occurs in a function that is not called during a direct request to library.inc.php
CVE-2006-5677 1 Cluster Resources 1 Torque Resource Manager 2026-06-16 7.2 HIGH N/A
resmom/start_exec.c in pbs_mom in TORQUE Resource Manager 2.0.0p8 and earlier allows local users to create arbitrary files via a symlink attack on (1) a job output file in /usr/spool/PBS/spool and possibly (2) a job file in /usr/spool/PBS/mom_priv/jobs.
CVE-2006-5676 1 Uni-vert 1 Phpleague 2026-06-16 6.4 MEDIUM N/A
SQL injection vulnerability in consult/classement.php in Uni-Vert PhpLeague 0.82 and earlier allows remote attackers to execute arbitrary SQL commands via the champ parameter.
CVE-2006-5675 1 Pentaho 1 Business Intelligence Suite 2026-06-16 10.0 HIGH N/A
Multiple unspecified vulnerabilities in Pentaho Business Intelligence (BI) Suite before 1.2 RC3 (1.2.0.470-RC3) have unknown impact and attack vectors, related to "MySQL Scripts need changes for security," possibly SQL injection vulnerabilities associated with these scripts.
CVE-2006-5674 1 Minibb 1 Minibb 2026-06-16 7.5 HIGH N/A
Multiple PHP remote file inclusion vulnerabilities in miniBB 2.0.2 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the pathToFiles parameter to (1) bb_func_forums.php, (2) bb_functions.php, or (3) the RSS plugin.
CVE-2006-5673 1 Minibb 1 Minibb 2026-06-16 6.8 MEDIUM N/A
PHP remote file inclusion vulnerability in bb_func_txt.php in miniBB 2.0.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the pathToFiles parameter.
CVE-2006-5672 1 Mysource Cms 1 Mysource Cms 2026-06-16 7.5 HIGH N/A
PHP remote file inclusion vulnerability in web/init_mysource.php in MySource CMS 2.16.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the INCLUDE_PATH parameter.
CVE-2006-5671 1 Free Php Scripts 1 Free Image Hosting 2026-06-16 7.5 HIGH N/A
PHP remote file inclusion vulnerability in contact.php in Free Image Hosting 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the AD_BODY_TEMP parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-5670 1 Free Php Scripts 1 Free Image Hosting 2026-06-16 7.5 HIGH N/A
PHP remote file inclusion vulnerability in forgot_pass.php in Free Image Hosting 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the AD_BODY_TEMP parameter.
CVE-2006-5669 1 Gepi 1 Gepi 2026-06-16 7.5 HIGH N/A
PHP remote file inclusion vulnerability in gestion/savebackup.php in Gepi 1.4.0 and earlier, and possibly other versions before 1.4.4, allows remote attackers to execute arbitrary PHP code via a URL in the filename parameter.
CVE-2006-5668 1 Ampache 1 Ampache 2026-06-16 7.5 HIGH N/A
Unspecified vulnerability in Ampache 3.3.2 and earlier, when register_globals is enabled, allows remote attackers to bypass security restrictions and gain guest access.
CVE-2006-5667 1 P-book 1 P-book 2026-06-16 7.5 HIGH N/A
Multiple PHP remote file inclusion vulnerabilities in P-Book 1.17 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the pb_lang parameter to (1) admin.php and (2) pbook.php.
CVE-2006-5666 1 Asmir Alic 1 E Annu 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in includes/menu.inc.php in E-Annu 1.0 allows remote attackers to execute arbitrary SQL commands via the login parameter. NOTE: some of these details are obtained from third party information.
CVE-2006-5665 1 Spider Friendly 1 Spider Friendly 2026-06-16 7.5 HIGH N/A
PHP remote file inclusion vulnerability in admin/modules_data.php in the phpBB module Spider Friendly 1.3.10 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2006-5664 1 Ibm 3 Informix Client Sdk, Informix Dynamic Server, Informix I-connect 2026-06-16 4.6 MEDIUM N/A
The installation script in IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit (CSDK) 2.90, and Informix I-Connect 2.90 allows local users to "compromise security" via a symlink attack on temporary files.
CVE-2006-5663 1 Ibm 3 Informix Client Sdk, Informix Dynamic Server, Informix I-connect 2026-06-16 4.6 MEDIUM N/A
IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit (CSDK) 2.90, and Informix I-Connect 2.90 use insecure permissions for installation scripts, which allows local users to gain privileges by modifying the scripts.
CVE-2006-5662 1 Evandor 1 Easy Notesmanager 2026-06-16 7.5 HIGH N/A
SQL injection vulnerability in easy notesManager (eNM) 0.0.1 allows remote attackers to execute arbitrary SQL commands via (1) the username parameter in login.php and (2) a search on the "search page."
CVE-2006-5661 1 Virtech 1 Netquery 2026-06-16 6.8 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in nquser.php in VIRtech Netquery allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header.