Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 2.6

    LOW
    CVE-2006-0800

    Interpretation conflict in PostNuke 0.761 and earlier allows remote attackers to conduct cross-site scripting (XSS) attacks via HTML tags with a trailing "<" character, which is interpreted as a ">" character by some web browsers but bypasses the blacklis... Read more

    Affected Products : postnuke
    • Published: Feb. 20, 2006
    • Modified: Apr. 03, 2025

  • 2.6

    LOW
    CVE-2006-0802

    Cross-site scripting (XSS) vulnerability in the NS-Languages module for PostNuke 0.761 and earlier, when magic_quotes_gpc is enabled, allows remote attackers to inject arbitrary web script or HTML via the language parameter in a missing or translation ope... Read more

    Affected Products : postnuke
    • Published: Feb. 20, 2006
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2006-0801

    SQL injection vulnerability in the NS-Languages module for PostNuke 0.761 and earlier, when magic_quotes_gpc is off, allows remote attackers to execute arbitrary SQL commands via the language parameter to admin.php.... Read more

    Affected Products : postnuke
    • Published: Feb. 20, 2006
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2006-0790

    Rockliffe MailSite 7.0 and earlier allows remote attackers to cause a denial of service by sending crafted LDAP packets to port 389/TCP, as demonstrated by the ProtoVer LDAP testsuite.... Read more

    Affected Products : mailsite
    • Published: Feb. 19, 2006
    • Modified: Apr. 03, 2025

  • 5.5

    MEDIUM
    CVE-2006-0798

    Multiple directory traversal vulnerabilities in the IMAP service in Macallan Mail Solution before 4.8.05.004 allow remote authenticated users to read e-mails of other users or create, modify, or delete directories via a .. (dot dot) in the argument to the... Read more

    Affected Products : mail_solution
    • Published: Feb. 19, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2006-0792

    Cross-site scripting (XSS) vulnerability in preferences.personal.php in V-webmail 1.6.2 allows remote attackers to inject arbitrary web script or HTML via the newid parameter. NOTE: the provenance of this information is unknown; the details are obtained ... Read more

    Affected Products : v-webmail
    • Published: Feb. 19, 2006
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2006-0793

    frameset.php in V-webmail 1.6.2 allows remote attackers to conduct phishing attacks by referencing arbitrary websites in the rframe parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party informati... Read more

    Affected Products : v-webmail
    • Published: Feb. 19, 2006
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2006-0794

    help.php in V-webmail 1.6.2 allows remote attackers to obtain the installation path via unspecified invalid parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.... Read more

    Affected Products : v-webmail
    • Published: Feb. 19, 2006
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2006-0791

    PHP remote file inclusion vulnerability in index.php in DreamCost HostAdmin allows remote attackers to include arbitrary files via the $path variable, which is not initialized before use.... Read more

    Affected Products : hostadmin
    • Published: Feb. 19, 2006
    • Modified: Apr. 03, 2025

  • 4.0

    MEDIUM
    CVE-2006-0799

    Microsoft Internet Explorer allows remote attackers to spoof a legitimate URL in the status bar and conduct a phishing attack via a web page with an anchor element with a legitimate "href" attribute, a form whose action points to a malicious URL, and an I... Read more

    Affected Products : internet_explorer
    • Published: Feb. 19, 2006
    • Modified: Apr. 03, 2025

  • 7.8

    HIGH
    CVE-2006-0797

    Nokia N70 cell phone allows remote attackers to cause a denial of service (reboot or shutdown) through a wireless Bluetooth connection via a malformed Logical Link Control and Adaptation Protocol (L2CAP) packet whose length field is less than the actual l... Read more

    Affected Products : n70
    • Published: Feb. 19, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2006-0796

    Cross-site scripting (XSS) vulnerability in default.php in Clever Copy 3.0 allows remote attackers to inject arbitrary web script or HTML via the Subject field when sending private messages (privatemessages.php). NOTE: the provenance of this information i... Read more

    Affected Products : clever_copy
    • Published: Feb. 19, 2006
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2006-0795

    Absolute path traversal vulnerability in convert.cgi in Quirex 2.0.2 and earlier allows remote attackers to read arbitrary files, and possibly execute arbitrary code, via the (1) quiz_head, (2) quiz_foot, and (3) template variables.... Read more

    Affected Products : quirex
    • Published: Feb. 19, 2006
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2006-0782

    Unspecified vulnerability in weblog.pl in PerlBlog 1.09b and earlier allows remote attackers to create arbitrary files and possibly execute arbitrary code via unspecified attack vectors related to improper handling of (1) the reply parameter, possibly inv... Read more

    Affected Products : perlblog
    • Published: Feb. 19, 2006
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2006-0788

    Kyocera 3830 (aka FS-3830N) printers have a back door that allows remote attackers to read and alter configuration settings via strings that begin with "!R!SIOP0", as demonstrated using (1) a connection to to TCP port 9100 or (2) the UNIX lp command.... Read more

    Affected Products : fs-3830n
    • Published: Feb. 19, 2006
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2006-0780

    Multiple cross-site scripting (XSS) vulnerabilities in weblog.pl in PerlBlog 1.09b and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) name and (2) email parameters.... Read more

    Affected Products : perlblog
    • Published: Feb. 19, 2006
    • Modified: Apr. 03, 2025

  • 5.1

    MEDIUM
    CVE-2006-0786

    Incomplete blacklist vulnerability in include.php in PHPKIT 1.6.1 Release 2 and earlier, with allow_url_fopen enabled, allows remote attackers to conduct PHP remote file include attacks via a path parameter that specifies a (1) UNC share or (2) ftps URL, ... Read more

    Affected Products : phpkit
    • Published: Feb. 19, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2006-0789

    Certain unspecified Kyocera printers have a default "admin" account with a blank password, which allows remote attackers to access an administrative menu via a telnet session.... Read more

    Affected Products : fs-3830n
    • Published: Feb. 19, 2006
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2006-0781

    Directory traversal vulnerability in weblog.pl in PerlBlog 1.09b and earlier allows remote attackers to read certain files via the month parameter.... Read more

    Affected Products : perlblog
    • Published: Feb. 19, 2006
    • Modified: Apr. 03, 2025

  • 4.0

    MEDIUM
    CVE-2006-0787

    wimpy_trackplays.php in Plaino Wimpy MP3 Player, possibly 5.2 and earlier, allows remote attackers to insert arbitrary strings into trackme.txt via the (1) trackFile, (2) trackArtist, and (3) trackTitle parameters, which can result in providing false info... Read more

    Affected Products : wimpy_mp3
    • Published: Feb. 19, 2006
    • Modified: Apr. 03, 2025
Showing 20 of 293414 Results