Filtered by NVD-CWE-Other
Total 29947 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2006-2692 1 Amule 1 Amule 2026-04-16 N/A
Multiple unspecified vulnerabilities in aMuleWeb for AMule before 2.1.2 allow remote attackers to read arbitrary image, HTML, or PHP files via unknown vectors, probably related to directory traversal.
CVE-2006-2693 1 Nivisec 1 Hacks List 2026-04-16 N/A
Directory traversal vulnerability in admin/admin_hacks_list.php in Nivisec Hacks List 1.20 and earlier for phpBB, when register_globals is enabled, allows remote attackers to read arbitrary files via a ".." in the phpEx parameter.
CVE-2006-2700 1 Geeklog 1 Geeklog 2026-04-16 N/A
SQL injection vulnerability in admin/auth.inc.php in Geeklog 1.4.0sr2 and earlier allows remote attackers to execute arbitrary SQL commands and bypass authentication via the loginname parameter.
CVE-2005-1310 1 Eaden Mckee 1 Bblog 2026-04-16 N/A
SQL injection vulnerability in bBlog 0.7.4 allows remote attackers to execute arbitrary SQL commands via the postid parameter.
CVE-2006-2709 1 Secure Elements 1 Class 5 Enterprise Vulnerability Management 2026-04-16 N/A
Secure Elements Class 5 AVR (aka C5 EVM) before 2.8.1 do not validate the source address of a message, which allows remote attackers to (1) execute arbitrary code on a client or (2) forge messages to the server.
CVE-2003-0454 1 Joe Rumsey 1 Xgalaga 2026-04-16 N/A
Multiple buffer overflows in xgalaga 2.0.34 and earlier allow local users to gain privileges via a long HOME environment variable.
CVE-2006-2727 1 Epic Designs 1 Eggblog 2026-04-16 N/A
home/register.php in Eggblog before 3.0 allows remote attackers to change the password of administrators and possibly other users via a modified username parameter.
CVE-2005-1324 1 Matthieu Aubry 1 Phpmyvisites 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.php for phpMyVisites allow remote attackers to inject arbitrary web script or HTML via the (1) part, (2) per, or (3) site parameters.
CVE-2005-1328 1 Oneworldstore 1 Oneworldstore 2026-04-16 N/A
OneWorldStore allows remote attackers to cause a denial of service (application crash) via a direct request to owConnections/chksettings.asp.
CVE-2006-2751 1 Open Searchable Image Catalogue 1 Open Searchable Image Catalogue 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Open Searchable Image Catalogue (OSIC) 0.7.0.1 and earlier allows remote attackers to inject arbitrary web scripts or HTML via the item_list parameter in search.php.
CVE-2005-1329 1 Oneworldstore 1 Oneworldstore 2026-04-16 N/A
owOfflineCC.asp in OneWorldStore allows remote attackers to obtain sensitive information by modifying the idOrder parameter.
CVE-2005-1332 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Bluetooth-enabled systems in Mac OS X 10.3.9 enables the Bluetooth file exchange service by default, which allows remote attackers to access files without the user being notified, and local users to access files via the default directory.
CVE-2005-1333 1 Apple 1 Mac Os X 2026-04-16 N/A
Directory traversal vulnerability in the Bluetooth file and object exchange (OBEX) services in Mac OS X 10.3.9 allows remote attackers to read arbitrary files.
CVE-2005-1341 1 Apple 3 Mac Os X, Mac Os X Server, Terminal 2026-04-16 N/A
Apple Terminal 1.4.4 allows attackers to execute arbitrary commands via terminal escape sequences.
CVE-2006-2765 1 Interlink Advantage 1 Interlink Advantage 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in news_information.php in Interlink Advantage allows remote attackers to inject arbitrary web script or HTML via the flag parameter.
CVE-2006-2774 1 Qontentone 1 Qontentone Cms 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in search.php in QontentOne CMS allows remote attackers to inject arbitrary web script or HTML via the search_phrase parameter.
CVE-2006-2778 2 Mozilla, Redhat 3 Firefox, Thunderbird, Enterprise Linux 2026-04-16 N/A
The crypto.signText function in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to execute arbitrary code via certain optional Certificate Authority name arguments, which causes an invalid array index and triggers a buffer overflow.
CVE-2006-2792 1 Woltlab 1 Burning Board 2026-04-16 N/A
SQL injection vulnerability in misc.php in Woltlab Burning Board (WBB) 2.3.4 allows remote attackers to execute arbitrary SQL commands via the sid parameter.
CVE-2006-2804 1 Goss 1 Icm 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.cfm in Goss Intelligent Content Management (iCM) 7.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the keyword parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party sources.
CVE-2006-2809 1 Ar-blog 1 Ar-blog 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.php in ar-blog 5.2 allow remote attackers to inject arbitrary web script or HTML via the (1) count parameter, and possibly the (2) next, (3) Year_the_news, and (4) mo parameters. NOTE: the year and month vectors are already covered by CVE-2006-0333.