Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2006-3981

    PHP remote file inclusion vulnerability in about.mgm.php in Mambo Gallery Manager (MGM) 0.95r2 and earlier for Mambo 4.5 allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. NOTE: the provenance of thi... Read more

    Affected Products : mambo_gallery_manager
    • Published: Aug. 05, 2006
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2006-3980

    PHP remote file inclusion vulnerability in administrator/components/com_mgm/help.mgm.php in Mambo Gallery Manager (MGM) 0.95r2 and earlier for Mambo 4.5 allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path paramet... Read more

    Affected Products : mambo_gallery_manager
    • Published: Aug. 05, 2006
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2006-3993

    PHP remote file inclusion vulnerability in copyright.php in Olaf Noehring The Search Engine Project (TSEP) 0.942 allows remote attackers to execute arbitrary PHP code via a URL in the tsep_config[absPath] parameter.... Read more

    Affected Products : tsep
    • Published: Aug. 05, 2006
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2006-3985

    Stack-based buffer overflow in DZIPS32.DLL 6.0.0.4 in ConeXware PowerArchiver 9.62.03 allows user-assisted attackers to execute arbitrary code by adding a new file to a crafted ZIP archive that already contains a file with a long name.... Read more

    Affected Products : powerarchiver powerarchiver
    • Published: Aug. 05, 2006
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2006-3990

    Multiple PHP remote file inclusion vulnerabilities in Paul M. Jones Savant2, possibly when used with the com_mtree component for Mambo and Joomla!, allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter in ... Read more

    Affected Products : savant2
    • Published: Aug. 05, 2006
    • Modified: Apr. 03, 2025

  • 6.8

    MEDIUM
    CVE-2006-3995

    Multiple PHP remote file inclusion vulnerabilities in (1) uhp_config.php, and possibly (2) footer.php, (3) functions.php, (4) install.uhp.php, (5) toolbar.uhp.html.php, (6) uhp.class.php, and (7) uninstall.uhp.php, in the UHP (User Home Pages) 0.5 compone... Read more

    Affected Products : user_home_pages
    • Published: Aug. 05, 2006
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2006-3992

    Unspecified vulnerability in the Centrino (1) w22n50.sys, (2) w22n51.sys, (3) w29n50.sys, and (4) w29n51.sys Microsoft Windows drivers for Intel 2200BG and 2915ABG PRO/Wireless Network Connection before 10.5 with driver 9.0.4.16 allows remote attackers to... Read more

    • Published: Aug. 05, 2006
    • Modified: Apr. 03, 2025

  • 6.5

    MEDIUM
    CVE-2006-3996

    SQL injection vulnerability in links/index.php in ATutor 1.5.3.1 and earlier allows remote authenticated users to execute arbitrary SQL commands via the (1) desc or (2) asc parameters.... Read more

    Affected Products : atutor
    • Published: Aug. 05, 2006
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2006-3983

    PHP remote file inclusion vulnerability in editprofile.php in php(Reactor) 1.27pl1 allows remote attackers to execute arbitrary PHP code via a URL in the pathtohomedir parameter.... Read more

    Affected Products : php\(reactor\)
    • Published: Aug. 05, 2006
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2006-3989

    PHP remote file inclusion vulnerability in index.php in Knusperleicht Shoutbox 4.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the sb_include_path parameter.... Read more

    Affected Products : shoutbox
    • Published: Aug. 05, 2006
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2006-3994

    SQL injection vulnerability in the u2u_send_recp function in u2u.inc.php in XMB (aka extreme message board) 1.9.6 Alpha and earlier allows remote attackers to execute arbitrary SQL commands via the u2uid parameter to u2u.php, which is directly accessed fr... Read more

    Affected Products : xmb_forum
    • Published: Aug. 05, 2006
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2006-3991

    PHP remote file inclusion vulnerability in index.php in Vlad Vostrykh Voodoo chat 1.0RC1b and earlier allows remote attackers to execute arbitrary PHP code via a URL in the file_path parameter.... Read more

    Affected Products : voodoo_chat
    • Published: Aug. 05, 2006
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2006-3984

    PHP remote file inclusion vulnerability in phpAdsNew/view.inc.php in Albasoftware Phpauction 2.1 and possibly later versions, with phpAdsNew 2.0.5, allows remote attackers to execute arbitrary PHP code via a URL in the phpAds_path parameter.... Read more

    Affected Products : phpadsnew phpauction
    • Published: Aug. 05, 2006
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2006-3982

    PHP remote file inclusion vulnerability in quickie.php in Knusperleicht Quickie, probably 0.2, allows remote attackers to execute arbitrary PHP code via a URL in the QUICK_PATH parameter.... Read more

    Affected Products : quickie
    • Published: Aug. 05, 2006
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2006-3986

    PHP remote file inclusion vulnerability in index.php in Knusperleicht Newsletter 3.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the NL_PATH parameter.... Read more

    Affected Products : newsletter
    • Published: Aug. 05, 2006
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2006-3988

    PHP remote file inclusion vulnerability in index.php in Knusperleicht newsReporter 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the news_include_path parameter.... Read more

    Affected Products : newsreporter
    • Published: Aug. 05, 2006
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2006-3987

    Multiple PHP remote file inclusion vulnerabilities in index.php in Knusperleicht FileManager 1.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) dwl_download_path or (2) dwl_include_path parameters.... Read more

    Affected Products : knusperleicht_filemanager
    • Published: Aug. 05, 2006
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2006-3977

    Unspecified vulnerability in CA eTrust Antivirus WebScan before 1.1.0.1048 has unknown impact and remote attackers related to "improper processing of outdated WebScan components."... Read more

    • Published: Aug. 04, 2006
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2006-3975

    Unspecified vulnerability in CA eTrust Antivirus WebScan allows remote attackers to execute arbitrary code due to "improper bounds checking when processing certain user input."... Read more

    • Published: Aug. 04, 2006
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2006-3976

    Unspecified vulnerability in CA eTrust Antivirus WebScan before 1.1.0.1048 allows remote attackers to install arbitrary files.... Read more

    • Published: Aug. 04, 2006
    • Modified: Apr. 03, 2025
Showing 20 of 294071 Results