NVD Vulnerability Information Top

Show Search Menu

Vendor Name
プロダクト・サービス名
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
In descending order of publication date
In descending order of update date
Number of items displayed

NVD Vulnerability Information Top

You can search the list of vulnerabilities managed by the NVD (National Vulnerability Database).
Since vulnerability information is often updated before JVN (Japan Vulnerability Note), vulnerabilities that are not listed in JVN may be updated.

If there is a vulnerability related to JVN (Japan Vulnerability Note), the information will be displayed on the detail page.

To search by CWE, please refer to the CWE Overview and check the CWE number.

CRITICAL
HIGH
MEDIUM
LOW

Update Date:June 25, 2026, 4:04 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
342551	6.4	MEDIUM	novell	netware	Multiple integer overflows in the DPRPC library (DPRPCNLM.NLM) NDPS/iPrint module in Novell Distributed Print Services in Novell NetWare 6.5 SP3, SP4, and SP5 allow remote attackers to execute arbitr…	CWE-189 Numeric Errors	CVE-2006-2327	2018-10-19 01:39	2006-05-12	Show	GitHub Exploit DB Packet Storm

342552	6.4	MEDIUM	novell	netware	Apply fix for Novell NetWare 6.5 Support Pack 3, 4, or 5.	CWE-189 Numeric Errors	CVE-2006-2327	2018-10-19 01:39	2006-05-12	Show	GitHub Exploit DB Packet Storm

342553	6.4	MEDIUM	angelinecms	angelinecms	SQL injection vulnerability in lib/adodb/server.php in AngelineCMS 0.6.5 and earlier might allow remote attackers to execute arbitrary SQL commands via the query string.	NVD-CWE-Other	CVE-2006-2328	2018-10-19 01:39	2006-05-12	Show	GitHub Exploit DB Packet Storm

342554	6.4	MEDIUM	php_fusion	php_fusion	PHP-Fusion 6.00.306 and earlier, running under Apache HTTP Server 1.3.27 and PHP 4.3.3, allows remote authenticated users to upload files of arbitrary types using a filename that contains two or more…	NVD-CWE-Other	CVE-2006-2330	2018-10-19 01:39	2006-05-12	Show	GitHub Exploit DB Packet Storm

342555	6.4	MEDIUM	php_fusion	php_fusion	Multiple directory traversal vulnerabilities in PHP-Fusion 6.00.306 allow remote attackers to include and execute arbitrary local files via (1) a .. (dot dot) in the settings[locale] parameter in inf…	NVD-CWE-Other	CVE-2006-2331	2018-10-19 01:39	2006-05-12	Show	GitHub Exploit DB Packet Storm

342556	6.4	MEDIUM	mybulletinboard	mybulletinboard	Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) 1.1.1 allow remote attackers to execute arbitrary SQL commands via the e-mail address when registering for a forum that requires e…	NVD-CWE-Other	CVE-2006-2333	2018-10-19 01:39	2006-05-12	Show	GitHub Exploit DB Packet Storm

342557	5.0	MEDIUM	angelinecms	angelinecms	AngelineCMS 0.6.5 and earlier allow remote attackers to obtain sensitive information via a direct request for (1) adodb-access.inc.php, (2) adodb-ado.inc.php, (3) adodb-ado_access.inc, (4) adodb-ado_…	NVD-CWE-Other	CVE-2006-2329	2018-10-19 01:39	2006-05-12	Show	GitHub Exploit DB Packet Storm

342558	2.1	LOW	microsoft	windows_2000 windows_xp	The RtlDosPathNameToNtPathName_U API function in NTDLL.DLL in Microsoft Windows 2000 SP4 and XP SP2 does not properly convert DOS style paths with trailing spaces into NT style paths, which allows co…	NVD-CWE-Other	CVE-2006-2334	2018-10-19 01:39	2006-05-12	Show	GitHub Exploit DB Packet Storm

342559	6.5	MEDIUM	jelsoft	vbulletin	Jelsoft vBulletin accepts uploads of Cascading Style Sheets (CSS) and processes them in a way that allows remote authenticated administrators to gain shell access by uploading a CSS file that contain…	NVD-CWE-Other	CVE-2006-2335	2018-10-19 01:39	2006-05-12	Show	GitHub Exploit DB Packet Storm

342560	6.4	MEDIUM	mybulletinboard	mybulletinboard	SQL injection vulnerability in showthread.php in MyBB (aka MyBulletinBoard) 1.1.1 allows remote attackers to execute arbitrary SQL commands via the comma parameter.	NVD-CWE-Other	CVE-2006-2336	2018-10-19 01:39	2006-05-12	Show	GitHub Exploit DB Packet Storm

342561	5.0	MEDIUM	d-link	dsl-g604t	Directory traversal vulnerability in webcm in the D-Link DSL-G604T Wireless ADSL Router Modem allows remote attackers to read arbitrary files via an absolute path in the getpage parameter.	CWE-22 Path Traversal	CVE-2006-2337	2018-10-19 01:39	2006-05-12	Show	GitHub Exploit DB Packet Storm

342562	7.5	HIGH	planet_concept	planetstat	PlaNet Concept plaNetStat 20050127 allows remote attackers to gain administrative privileges, and view and configure log files, via a direct request to the (1) admin.php or (2) settings.php page.	NVD-CWE-Other	CVE-2006-2338	2018-10-19 01:39	2006-05-12	Show	GitHub Exploit DB Packet Storm

342563	5.0	MEDIUM	symantec	enterprise_firewall gateway_security	The HTTP proxy in Symantec Gateway Security 5000 Series 2.0.1 and 3.0, and Enterprise Firewall 8.0, when NAT is being used, allows remote attackers to determine internal IP addresses by using malform…	CWE-200 Information Exposure	CVE-2006-2341	2018-10-19 01:39	2006-05-12	Show	GitHub Exploit DB Packet Storm

342564	5.0	MEDIUM	oasyssoft	e-business_designer	E-Business Designer (eBD) 3.1.4 and earlier allows remote attackers to obtain the full path of the web server via "'" characters, and possibly other invalid values, in (1) the id parameter to form_gr…	NVD-CWE-Other	CVE-2006-2347	2018-10-19 01:39	2006-05-13	Show	GitHub Exploit DB Packet Storm

342565	2.6	LOW	oasyssoft	e-business_designer	Cross-site scripting (XSS) vulnerability in form_grupo.html in E-Business Designer (eBD) 3.1.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: …	NVD-CWE-Other	CVE-2006-2348	2018-10-19 01:39	2006-05-13	Show	GitHub Exploit DB Packet Storm

342566	6.8	MEDIUM	oasyssoft	e-business_designer	E-Business Designer (eBD) 3.1.4 and earlier allows remote attackers to upload or modify arbitrary files, and execute arbitrary code, via a direct request to (1) common/html_editor/image_browser.uploa…	NVD-CWE-Other	CVE-2006-2349	2018-10-19 01:39	2006-05-13	Show	GitHub Exploit DB Packet Storm

342567	4.3	MEDIUM	phpbb_group	phpbb	Cross-site scripting (XSS) vulnerability in charts.php in the Chart mod for phpBB allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: this issue might be resul…	NVD-CWE-Other	CVE-2006-2359	2018-10-19 01:39	2006-05-16	Show	GitHub Exploit DB Packet Storm

342568	7.5	HIGH	phpbb_group	phpbb	SQL injection vulnerability in charts.php in the Chart mod for phpBB allows remote attackers to execute arbitrary SQL commands via the id parameter.	NVD-CWE-Other	CVE-2006-2360	2018-10-19 01:39	2006-05-16	Show	GitHub Exploit DB Packet Storm

342569	5.1	MEDIUM	limbo_cms	limbo_cms	SQL injection vulnerability in the weblinks option (weblinks.html.php) in Limbo CMS allows remote attackers to execute arbitrary SQL commands via the catid parameter.	CWE-89 CWE-16 SQL Injection Configuration	CVE-2006-2363	2018-10-19 01:39	2006-05-16	Show	GitHub Exploit DB Packet Storm

342570	10.0	HIGH	microsoft	dhcp_client_service	Buffer overflow in the DHCP Client service for Microsoft Windows 2000 SP4, Windows XP SP1 and SP2, and Server 2003 up to SP1 allows remote attackers to execute arbitrary code via a crafted DHCP respo…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2006-2372	2018-10-19 01:39	2006-07-12	Show	GitHub Exploit DB Packet Storm

342571	7.5	HIGH	microsoft	windows_98 windows_98se windows_me	Integer overflow in the PolyPolygon function in Graphics Rendering Engine on Microsoft Windows 98 and Me allows remote attackers to execute arbitrary code via a Windows Metafile (WMF) or EMF image wi…	CWE-189 Numeric Errors	CVE-2006-2376	2018-10-19 01:39	2006-06-14	Show	GitHub Exploit DB Packet Storm

342572	9.3	HIGH	microsoft	excel excel_viewer	Microsoft Office Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via malformed cell comments, which lead to modification of "critical data offsets" during the rebuild…	CWE-94 Code Injection	CVE-2006-2388	2018-10-19 01:39	2006-07-14	Show	GitHub Exploit DB Packet Storm

342573	7.5	HIGH	emc	retrospect_client	Buffer overflow in EMC Retrospect Client 5.1 through 7.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet to port 497.	NVD-CWE-Other	CVE-2006-2391	2018-10-19 01:39	2006-05-16	Show	GitHub Exploit DB Packet Storm

342574	7.5	HIGH	emc	retrospect_client	Failed exploit attempts will likely crash the application, denying further service to legitimate users.	NVD-CWE-Other	CVE-2006-2391	2018-10-19 01:39	2006-05-16	Show	GitHub Exploit DB Packet Storm

342575	5.0	MEDIUM	empire_server	empire_server	The client_cmd function in Empire 4.3.2 and earlier allows remote attackers to cause a denial of service (application crash) by causing long text strings to be appended to the player->client buffer, …	NVD-CWE-Other	CVE-2006-2393	2018-10-19 01:39	2006-05-16	Show	GitHub Exploit DB Packet Storm

342576	5.8	MEDIUM	turnkey_web_tools	php_live_helper	Cross-site scripting (XSS) vulnerability in chat.php in PHP Live Helper allows remote attackers to inject arbitrary web script or HTML via the PHPSESSID parameter.	NVD-CWE-Other	CVE-2006-2394	2018-10-19 01:39	2006-05-16	Show	GitHub Exploit DB Packet Storm

342577	5.8	MEDIUM	gphotos	gphotos	Multiple cross-site scripting (XSS) vulnerabilities in GPhotos 1.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) rep parameter to (a) index.php or (b) diapo.ph…	NVD-CWE-Other	CVE-2006-2397	2018-10-19 01:39	2006-05-16	Show	GitHub Exploit DB Packet Storm

342578	5.0	MEDIUM	gphotos	gphotos	Directory traversal vulnerability in index.php in GPhotos 1.5 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the rep parameter.	NVD-CWE-Other	CVE-2006-2398	2018-10-19 01:39	2006-05-16	Show	GitHub Exploit DB Packet Storm

342579	7.5	HIGH	outgun	outgun	Stack-based buffer overflow in the ServerNetworking::incoming_client_data function in servnet.cpp in Outgun 1.0.3 bot 2 and earlier allows remote attackers to cause a denial of service (application c…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2006-2399	2018-10-19 01:39	2006-05-16	Show	GitHub Exploit DB Packet Storm

342580	7.8	HIGH	outgun	outgun	The leetnet functions (leetnet/rudp.cpp) in Outgun 1.0.3 bot 2 and earlier allow remote attackers to cause a denial of service (game interruption) via large packets, which cause an exception to be th…	NVD-CWE-Other	CVE-2006-2400	2018-10-19 01:39	2006-05-16	Show	GitHub Exploit DB Packet Storm

342581	7.8	HIGH	outgun	outgun	The leetnet functions (leetnet/rudp.cpp) in Outgun 1.0.3 bot 2 and earlier allow remote attackers to cause a denial of service (application crash) via packets with incorrect message sizes, which trig…	NVD-CWE-Other	CVE-2006-2401	2018-10-19 01:39	2006-05-16	Show	GitHub Exploit DB Packet Storm

342582	5.0	MEDIUM	outgun	outgun	Buffer overflow in the changeRegistration function in servernet.cpp for Outgun 1.0.3 bot 2 and earlier allows remote attackers to change the registration information of other players via a long strin…	NVD-CWE-Other	CVE-2006-2402	2018-10-19 01:39	2006-05-16	Show	GitHub Exploit DB Packet Storm

342583	6.4	MEDIUM	radscripts	radlance	Directory traversal vulnerability in popup.php in RadScripts RadLance Gold 7.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the read parameter.	NVD-CWE-Other	CVE-2006-2404	2018-10-19 01:39	2006-05-16	Show	GitHub Exploit DB Packet Storm

342584	6.8	MEDIUM	unclassified_newsboard	unclassified_newsboard	Directory traversal vulnerability in unb_lib/abbc.conf.php in Unclassified NewsBoard (UNB) 1.6.1 patch 1 and earlier, when register_globals is enabled, allows remote attackers to include arbitrary fi…	NVD-CWE-Other	CVE-2006-2405	2018-10-19 01:39	2006-05-16	Show	GitHub Exploit DB Packet Storm

342585	6.8	MEDIUM	unclassified_newsboard	unclassified_newsboard	Successful exploitation requires that "register_globals" is enabled and that "magic_quotes_gpc" is disabled.	NVD-CWE-Other	CVE-2006-2405	2018-10-19 01:39	2006-05-16	Show	GitHub Exploit DB Packet Storm

342586	7.5	HIGH	freeftpd freesshd weonlydo	freeftpd freesshd wodsshserver	Stack-based buffer overflow in (1) WeOnlyDo wodSSHServer ActiveX Component 1.2.7 and 1.3.3 DEMO, as used in other products including (2) FreeSSHd 1.0.9 and (3) freeFTPd 1.0.10, allows remote attacker…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2006-2407	2018-10-19 01:39	2006-05-16	Show	GitHub Exploit DB Packet Storm

342587	7.5	HIGH	raydium	raydium	Multiple buffer overflows in Raydium before SVN revision 310 allow remote attackers to execute arbitrary code via a large packet when logged via (1) the raydium_log function in log.c or (2) the raydi…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2006-2408	2018-10-19 01:39	2006-05-16	Show	GitHub Exploit DB Packet Storm

342588	4.6	MEDIUM	raydium	raydium	Format string vulnerability in the raydium_log function in console.c in Raydium before SVN revision 310 allows local users to execute arbitrary code via format string specifiers in the format paramet…	CWE-134 Use of Externally-Controlled Format String	CVE-2006-2409	2018-10-19 01:39	2006-05-16	Show	GitHub Exploit DB Packet Storm

342589	5.0	MEDIUM	raydium	raydium	raydium_network_netcall_exec function in network.c in Raydium SVN revision 312 and earlier allows remote attackers to cause a denial of service (application crash) via a packet of type 0xFF, which ca…	NVD-CWE-Other	CVE-2006-2410	2018-10-19 01:39	2006-05-16	Show	GitHub Exploit DB Packet Storm

342590	7.5	HIGH	raydium	raydium	Buffer overflow in raydium_network_read function in network.c in Raydium SVN revision 312 and earlier allows remote attackers to execute arbitrary code by sending packets with long global variables t…	NVD-CWE-Other	CVE-2006-2411	2018-10-19 01:39	2006-05-16	Show	GitHub Exploit DB Packet Storm

342591	5.0	MEDIUM	raydium	raydium	The raydium_network_read function in network.c in Raydium SVN revision 312 and earlier allows remote attackers to cause a denial of service (application crash) via a large ID, which causes an invalid…	NVD-CWE-Other	CVE-2006-2412	2018-10-19 01:39	2006-05-16	Show	GitHub Exploit DB Packet Storm

342592	5.0	MEDIUM	gnunet	gnunet	GNUnet before SVN revision 2781 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an empty UDP datagram, possibly involving FIONREAD errors.	NVD-CWE-Other	CVE-2006-2413	2018-10-19 01:39	2006-05-16	Show	GitHub Exploit DB Packet Storm

342593	5.0	MEDIUM	timo_sirainen	dovecot	Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the …	NVD-CWE-Other	CVE-2006-2414	2018-10-19 01:39	2006-05-16	Show	GitHub Exploit DB Packet Storm

342594	5.1	MEDIUM	e107	e107	SQL injection vulnerability in class2.php in e107 0.7.2 and earlier allows remote attackers to execute arbitrary SQL commands via a cookie as defined in $pref['cookie_name'].	CWE-89 SQL Injection	CVE-2006-2416	2018-10-19 01:39	2006-05-16	Show	GitHub Exploit DB Packet Storm

342595	5.1	MEDIUM	e107	e107	Update to version 0.7.4. http://e107.org/edownload.php	CWE-89 SQL Injection	CVE-2006-2416	2018-10-19 01:39	2006-05-16	Show	GitHub Exploit DB Packet Storm

342596	4.3	MEDIUM	swsoft	confixx	Cross-site scripting (XSS) vulnerability in ftplogin/index.php in Confixx 3.1.2 allows remote attackers to inject arbitrary web script or HTML via the login parameter.	NVD-CWE-Other	CVE-2006-2423	2018-10-19 01:39	2006-05-17	Show	GitHub Exploit DB Packet Storm

342597	4.3	MEDIUM	phpremoteview	phpremoteview	Multiple cross-site scripting (XSS) vulnerabilities in PRV.php in PhpRemoteView, possibly 2003-10-23 and earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) f, (2) d, a…	NVD-CWE-Other	CVE-2006-2425	2018-10-19 01:39	2006-05-17	Show	GitHub Exploit DB Packet Storm

342598	6.4	MEDIUM	sun	jdk jre sdk	Sun Java Runtime Environment (JRE) 1.5.0_6 and earlier, JDK 1.5.0_6 and earlier, and SDK 1.5.0_6 and earlier allows remote attackers to cause a denial of service (disk consumption) by using the Font.…	NVD-CWE-Other	CVE-2006-2426	2018-10-19 01:39	2006-05-17	Show	GitHub Exploit DB Packet Storm

342599	4.3	MEDIUM	ibm	websphere_application_server	Cross-site scripting (XSS) vulnerability in the 500 Internal Server Error page on the SOAP port (8880/tcp) in IBM WebSphere Application Server 5.0.2 and earlier, 5.1.x before 5.1.1.12, and 6.0.2 up t…	CWE-79 Cross-site Scripting	CVE-2006-2431	2018-10-19 01:39	2006-05-17	Show	GitHub Exploit DB Packet Storm

342600	4.3	MEDIUM	verosky_media	instant_photo_gallery	Cross-site scripting (XSS) vulnerability in portfolio.php in Verosky Media Instant Photo Gallery, possibly before 1.0.2, allows remote attackers to inject arbitrary web script or HTML via the cat_id …	NVD-CWE-Other	CVE-2006-2079	2018-10-19 01:38	2006-04-28	Show	GitHub Exploit DB Packet Storm