Filtered by NVD-CWE-Other
Total 29947 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2005-1255 1 Ipswitch 3 Imail, Imail Server, Ipswitch Collaboration Suite 2026-04-16 N/A
Multiple stack-based buffer overflows in the IMAP server in IMail 8.12 and 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allow remote attackers to execute arbitrary code via a LOGIN command with (1) a long username argument or (2) a long username argument that begins with a special character.
CVE-2006-2650 1 Cosmicphp 1 Cosmicshoppingcart 2026-04-16 N/A
SQL injection vulnerability in cosmicshop/search.php in CosmicShoppingCart allows remote attackers to execute arbitrary SQL commands via the max parameter.
CVE-2005-1262 2 Redhat, Rob Flynn 2 Enterprise Linux, Gaim 2026-04-16 N/A
Gaim 1.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed MSN message.
CVE-2006-2658 2 Mono, Suse 3 Xsp, Suse Linux, Suse Open Enterprise Server 2026-04-16 N/A
Directory traversal vulnerability in the xsp component in mod_mono in Mono/C# web server, as used in SUSE Open-Enterprise-Server 1 and SUSE Linux 9.2 through 10.0, allows remote attackers to read arbitrary files via a .. (dot dot) sequence in an HTTP request.
CVE-2005-1265 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
The mmap function in the Linux Kernel 2.6.10 can be used to create memory maps with a start address beyond the end address, which allows local users to cause a denial of service (kernel crash).
CVE-2006-2659 1 Double Precision Incorporated 1 Courier Mta 2026-04-16 N/A
libs/comverp.c in Courier MTA before 0.53.2 allows attackers to cause a denial of service (CPU consumption) via unknown vectors involving usernames that contain the "=" (equals) character, which is not properly handled during encoding.
CVE-2006-2660 1 Php 1 Php 2026-04-16 N/A
Buffer consumption vulnerability in the tempnam function in PHP 5.1.4 and 4.x before 4.4.3 allows local users to bypass restrictions and create PHP files with fixed names in other directories via a pathname argument longer than MAXPATHLEN, which prevents a unique string from being appended to the filename.
CVE-2006-2662 1 Vmware 1 Server 2026-04-16 N/A
VMware Server before RC1 does not clear user credentials from memory after a console connection is made, which might allow local attackers to gain privileges.
CVE-2006-2668 1 Docebolms 1 Docebolms 2026-04-16 N/A
Multiple PHP remote file inclusion vulnerabilities in Docebo LMS 2.05 allow remote attackers to execute arbitrary PHP code via a URL in the lang parameter to (1) modules/credits/business.php, (2) modules/credits/credits.php, or (3) modules/credits/help.php.
CVE-2006-2670 1 Calendarscripts.com 1 Chatpat 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in ChatPat 1.0 allow remote attackers to inject arbitrary web script or HTML via a chat message in (1) fastchat.php and (2) fastshow.php.
CVE-2005-1291 1 Cartwiz 1 Asp Cart 2026-04-16 N/A
Multiple SQL injection vulnerabilities in CartWIZ ASP Cart allow remote attackers to execute arbitrary SQL commands via the idProduct parameter to (1) addToCart.asp or (2) productDetails.asp, the (3) priceFrom, (4) idCategory, or (5) priceTo parameter to searchResults.asp, or (6) the idParentCategory parameter to productCatalogSubCats.asp.
CVE-2006-2675 1 Ubbcentral 1 Ubb.threads 2026-04-16 N/A
PHP remote file inclusion vulnerability in ubbt.inc.php in UBBThreads 5.x and 6.x allows remote attackers to execute arbitrary PHP code via a URL in the (1) thispath or (2) configdir parameters.
CVE-2006-2676 1 Sitescape 1 Sitescape Forum 2026-04-16 N/A
Dispatch.cgi/_user/uservCard/ in SiteScape Forum 7.2 and possibly earlier generates different responses in a way that allows remote attackers to enumerate valid usernames.
CVE-2005-1300 1 Inserter.cgi 1 Inserter.cgi 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the inserter.cgi script allows remote attackers to inject arbitrary web script or HTML via the argument.
CVE-2006-2680 1 Php4script 1 Az Photo Album Script Pro 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in AZ Photo Album Script Pro allows remote attackers to inject arbitrary web script or HTML via the gazpart parameter.
CVE-2005-1304 1 Citat.pl 1 Citat.pl 2026-04-16 N/A
The citat.pl script allows remote attackers to execute arbitrary files via shell metacharacters in the argument.
CVE-2006-2692 1 Amule 1 Amule 2026-04-16 N/A
Multiple unspecified vulnerabilities in aMuleWeb for AMule before 2.1.2 allow remote attackers to read arbitrary image, HTML, or PHP files via unknown vectors, probably related to directory traversal.
CVE-2005-1305 1 Hyper.cgi 1 Hyper.cgi 2026-04-16 N/A
The hyper.cgi script allows remote attackers to read arbitrary files via a full pathname in the argument.
CVE-2006-2693 1 Nivisec 1 Hacks List 2026-04-16 N/A
Directory traversal vulnerability in admin/admin_hacks_list.php in Nivisec Hacks List 1.20 and earlier for phpBB, when register_globals is enabled, allows remote attackers to read arbitrary files via a ".." in the phpEx parameter.
CVE-2006-2700 1 Geeklog 1 Geeklog 2026-04-16 N/A
SQL injection vulnerability in admin/auth.inc.php in Geeklog 1.4.0sr2 and earlier allows remote attackers to execute arbitrary SQL commands and bypass authentication via the loginname parameter.