| CVE-2006-3941 | Unspecified vulnerability in the daemons for Sun N1 Grid Engine 5.3 and N1 Grid Engine 6.0 allows local users to cause a denial of service (grid service shutdown) and possibly execute arbitrary code using buffer overflows via unknown vectors that cause (1) qmaster or (2) execd to terminate. | high | 2026-04-16 |
| CVE-2006-3940 | Multiple SQL injection vulnerabilities in phpbb-Auction allow remote attackers to execute arbitrary SQL commands via (1) the ar parameter in auction_room.php and (2) the u parameter in auction_store.php. NOTE: the auction_rating.php vector is already covered by CVE-2005-1234. NOTE: the original disclosure states that the product name is "PHP-Auction", but this is probably an error. | critical | 2026-04-16 |
| CVE-2006-3939 | ScriptsCenter ezUpload Pro 2.2.0 allows remote attackers to perform administrative activities without authentication in (1) filter.php, which permits changing the Extensions Mode file type; (2) access.php, which permits changing the Protection Method; (3) edituser.php, which permits adding upload capabilities to user accounts; (4) settings.php, which permits changing the admin information; and (5) index.php, which permits uploading of arbitrary files. | critical | 2026-04-16 |
| CVE-2006-3938 | DotClear allows remote attackers to obtain sensitive information via a direct request for (1) edit_cat.php, (2) index.php, (3) edit_link.php in ecrire/tools/blogroll/; (4) syslog/index.php, (5) thememng/index.php, (6) toolsmng/index.php, (7) utf8convert/index.php in /ecrire/tools/; (8) /ecrire/inc/connexion.php and (9) /inc/session.php; (10) class.blog.php, (11) class.blogcomment.php, (12) and class.blogpost.php in /inc/classes/; (13) append.php, (14) class.xblog.php, (15) class.xblogcomment.php, and (16) class.xblogpost.php in /layout/; (17) form.php, (18) list.php, (19) post.php, or (20) template.php in /themes/default/, which reveal the installation path in error messages. | critical | 2026-04-16 |
| CVE-2006-3937 | post.php in x_atrix xGuestBook 1.02 allows remote attackers to obtain sensitive information via a request without the (1) user, (2) mail, (3) p, or (4) url parameter, which reveals the installation path in an error message. | medium | 2026-04-16 |
| CVE-2006-3936 | system/workplace/editors/editor.jsp in Alkacon OpenCms before 6.2.2 allows remote authenticated users to read the source code of arbitrary JSP files by specifying the file in the resource parameter, as demonstrated using index.jsp. | medium | 2026-04-16 |
| CVE-2006-3935 | system/workplace/views/admin/admin-main.jsp in Alkacon OpenCms before 6.2.2 does not restrict access to administrator functions, which allows remote authenticated users to (1) send broadcast messages to all users (/workplace/broadcast), (2) list all users (/accounts/users), (3) add webusers (/accounts/webusers/new), (4) upload database import and export files (/database/importhttp), (5) upload arbitrary program modules (/modules/modules_import), and (6) read the log file (/workplace/logfileview) by setting the appropriate value for the path parameter in a direct request to admin-main.jsp. | high | 2026-04-16 |
| CVE-2006-3934 | Absolute path traversal vulnerability in downloadTrigger.jsp in Alkacon OpenCms before 6.2.2 allows remote authenticated users to download arbitrary files via an absolute pathname in the filePath parameter. | high | 2026-04-16 |
| CVE-2006-3933 | Cross-site scripting (XSS) vulnerability in Alkacon OpenCms before 6.2.2 allows remote authenticated users to inject arbitrary web script or HTML via the message body. | medium | 2026-04-16 |
| CVE-2006-3932 | SQL injection vulnerability in links.php in Gonafish LinksCaffe 3.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | critical | 2026-04-16 |
| CVE-2006-3931 | Buffer overflow in the daemon function in midirecord.cc in Tuomas Airaksinen Midirecord 2.0 allows local users to execute arbitrary code via a long command line argument (filename). NOTE: This may not be a vulnerability if Midirecord is not installed setuid. | high | 2026-04-16 |
| CVE-2006-3930 | PHP remote file inclusion vulnerability in admin.a6mambohelpdesk.php in a6mambohelpdesk Mambo Component 18RC1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter. | critical | 2026-04-16 |
| CVE-2006-3929 | Cross-site scripting (XSS) vulnerability in the Forms/rpSysAdmin script on the Zyxel Prestige 660H-61 ADSL Router running firmware 3.40(PT.0)b32 allows remote attackers to inject arbitrary web script or HTML via hex-encoded values in the a parameter. | medium | 2026-04-16 |
| CVE-2006-3928 | PHP remote file inclusion vulnerability in index.php in WMNews 0.2a and earlier allows remote attackers to execute arbitrary PHP code via a URL in the base_datapath parameter. | critical | 2026-04-16 |
| CVE-2006-3927 | Cross-site scripting (XSS) vulnerability in auctionsearch.php in PhpProBid 5.24 allows remote attackers to inject arbitrary web script or HTML via the advsrc parameter. | medium | 2026-04-16 |
| CVE-2006-3926 | Multiple SQL injection vulnerabilities in PhpProBid 5.24 allow remote attackers to execute arbitrary SQL commands via the (1) view or (2) start parameters to (a) viewfeedback.php or the (3) orderType parameter to (b) categories.php. | critical | 2026-04-16 |
| CVE-2006-3925 | Stack-based buffer overflow in ITIRecorder.MicRecorder ActiveX control in iarecord.dll in InterActual Player before 2.6 allows remote attackers to execute arbitrary code via a long argument to the Files method. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | critical | 2026-04-16 |
| CVE-2006-3924 | Multiple cross-site scripting (XSS) vulnerabilities in Dokeos before 1.6.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | medium | 2026-04-16 |
| CVE-2006-3923 | Cross-site scripting (XSS) vulnerability in add.php in Fire-Mouse Toplist 1.1 and earlier, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the Seitenname parameter. | medium | 2026-04-16 |
| CVE-2006-3922 | PHP remote file inclusion vulnerability in mod_membre/inscription.php in PortailPHP 1.7 allows remote attackers to execute arbitrary PHP code via a URL in the chemin parameter. | critical | 2026-04-16 |
| CVE-2006-3921 | Sun Java System Application Server (SJSAS) 7 through 8.1 and Web Server (SJSWS) 6.0 and 6.1 allows remote authenticated users to read files outside of the "document root directory" via a direct request using a UTF-8 encoded URI. | medium | 2026-04-16 |
| CVE-2006-3920 | The TCP implementation in Sun Solaris 8, 9, and 10 before 20060726 allows remote attackers to cause a denial of service (resource exhaustion) via a TCP packet with an incorrect sequence number, which triggers an ACK storm. | high | 2026-04-16 |
| CVE-2006-3919 | SQL injection vulnerability in index.php in SD Studio CMS allows remote attackers to execute arbitrary SQL commands via the (1) news_id, (2) tid, and (3) page_id parameters. | critical | 2026-04-16 |
| CVE-2006-3918 | http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated using a Flash SWF file. | medium | 2026-04-16 |
| CVE-2006-3917 | PHP remote file inclusion vulnerability in inc/gabarits.php in R. Corson PHP Forge 3 beta 2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cfg_racine parameter. | critical | 2026-04-16 |
| CVE-2006-3916 | Cross-site scripting (XSS) vulnerability in snews.php in sNews (aka Solucija News) 1.4 allows remote attackers to inject arbitrary web script or HTML via the search_query parameter. | medium | 2026-04-16 |
| CVE-2006-3915 | Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) by iterating over any native function, as demonstrated with the window.alert function, which triggers a null dereference. | medium | 2026-04-16 |
| CVE-2006-3914 | Cross-site scripting (XSS) vulnerability in Blackboard Academic Suite 6.2.3.23 allows remote authenticated users to inject arbitrary HTML or web script by bypassing client-side validation through disabling JavaScript when submitting an essay response, which has no server-side validation before being viewed via "View Attempt Details" in the Gradebook. | medium | 2026-04-16 |
| CVE-2006-3913 | Buffer overflow in Freeciv 2.1.0-beta1 and earlier, and SVN 15 Jul 2006 and earlier, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a (1) negative chunk_length or a (2) large chunk->offset value in a PACKET_PLAYER_ATTRIBUTE_CHUNK packet in the generic_handle_player_attribute_chunk function in common/packets.c, and (3) a large packet->length value in the handle_unit_orders function in server/unithand.c. | critical | 2026-04-16 |
| CVE-2006-3912 | Stack-based buffer overflow in the SFX module in WinRAR before 3.60 beta 8 has unspecified vectors and impact. | critical | 2026-04-16 |
| CVE-2006-3911 | PHP remote file inclusion vulnerability in OSI Codes PHP Live! 3.2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the css_path parameter in (1) help.php and (2) setup/header.php. | critical | 2026-04-16 |
| CVE-2006-3910 | Internet Explorer 6 on Windows XP SP2, when Outlook is installed, allows remote attackers to cause a denial of service (crash) by calling the NewDefaultItem function of an OVCtl (OVCtl.OVCtl.1) ActiveX object, which triggers a null dereference. | high | 2026-04-16 |
| CVE-2006-3909 | Cross-site scripting (XSS) vulnerability in calendar.php in WWWthreads allows remote attackers to inject arbitrary web script or HTML via the week parameter. | medium | 2026-04-16 |
| CVE-2006-3908 | Format string vulnerability in the flush_output function in ConsoleStreambuf.cpp in Game Network Engine (GNE) 0.70 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute code via format string specifiers in unspecified vectors involving output to the gout console. | critical | 2026-04-16 |
| CVE-2006-3907 | Siemens SpeedStream 2624 allows remote attackers to cause a denial of service (device hang) by sending a crafted packet to the web administrative interface. | high | 2026-04-16 |
| CVE-2006-3906 | Internet Key Exchange (IKE) version 1 protocol, as implemented on Cisco IOS, VPN 3000 Concentrators, and PIX firewalls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of IKE Phase-1 packets that exceed the session expiration rate. NOTE: it has been argued that this is due to a design weakness of the IKE version 1 protocol, in which case other vendors and implementations would also be affected. | high | 2026-04-16 |
| CVE-2006-3905 | SQL injection vulnerability in Webland MyBloggie 2.1.3 allows remote attackers to execute arbitrary SQL commands via the (1) post_id parameter in index.php and (2) search function. | critical | 2026-04-16 |
| CVE-2006-3904 | SQL injection vulnerability in manager/index.php in Etomite CMS 0.6.1 and earlier, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. | critical | 2026-04-16 |
| CVE-2006-3903 | CRLF injection vulnerability in (1) index.php and (2) admin.php in myWebland MyBloggie 2.1.3 allows remote attackers to hijack sessions and conduct cross-site scripting (XSS) attacks via a cookie. | medium | 2026-04-16 |
| CVE-2006-3902 | Cross-site scripting (XSS) vulnerability in index.php in phpFaber TopSites 2.0.9 allows remote attackers to inject arbitrary web script or HTML via the i_cat parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | medium | 2026-04-16 |
| CVE-2006-3901 | Multiple stack-based buffer overflows in Tumbleweed Email Firewall (EMF) allow remote attackers to execute arbitrary code via an email attachment with an LHA archive that contains a (1) file or (2) directory with a long LHA extended header, (3) an LHA archive in which the "temporary pathname" field for decompressed output is greater than 2 bytes, or (4) an LHA archive with a long filename. | critical | 2026-04-16 |
| CVE-2006-3900 | Cross-site scripting (XSS) vulnerability in guestbook.php in TP-Book 1.00 and earlier allows remote attackers to inject arbitrary web script or HTML via the name parameter. | medium | 2026-04-16 |
| CVE-2006-3899 | Microsoft Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to cause a denial of service (application crash) by calling the stringToBinary function of the CEnroll.CEnroll.2 ActiveX object with a long second argument, which triggers an invalid memory access inside the SysAllocStringLen function. | medium | 2026-04-16 |
| CVE-2006-3898 | Microsoft Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to cause a denial of service (application crash) by calling the Click method of the Internet.HHCtrl.1 ActiveX object before initializing the URL, which triggers a null dereference. | medium | 2026-04-16 |
| CVE-2006-3897 | Stack overflow in Microsoft Internet Explorer 6 on Windows 2000 allows remote attackers to cause a denial of service (application crash) by creating an NMSA.ASFSourceMediaDescription.1 ActiveX object with a long dispValue property. | medium | 2026-04-16 |
| CVE-2006-3886 | SQL injection vulnerability in Shalwan MusicBox 2.3.4 and earlier allows remote attackers to execute arbitrary SQL commands via the page parameter in a viewgallery action in a request for the top-level URI. NOTE: the start parameter/search action is already covered by CVE-2006-1807, and the show parameter/top action is already covered by CVE-2006-1360. | critical | 2026-04-16 |
| CVE-2006-3885 | Directory traversal vulnerability in Check Point Firewall-1 R55W before HFA03 allows remote attackers to read arbitrary files via an encoded .. (dot dot) in the URL on TCP port 18264. | high | 2026-04-16 |
| CVE-2006-3884 | Multiple SQL injection vulnerabilities in links.php in Gonafish LinksCaffe 3.0 allow remote attackers to execute arbitrary SQL commands via the (1) offset and (2) limit parameters, (3) newdays parameter in a new action, and the (4) link_id parameter in a deadlink action. NOTE: this issue can also be used for path disclosure by a forced SQL error, or to modify PHP files using OUTFILE. | critical | 2026-04-16 |
| CVE-2006-3883 | Multiple cross-site scripting (XSS) vulnerabilities in Gonafish LinksCaffe 3.0 allow remote attackers to inject arbitrary web script or HTML via (1) the tablewidth parameter in (a) counter.php; (2) the newdays parameter in (b) links.php; and the (3) tableborder, (4) menucolor, (5) textcolor, and (6) bodycolor parameters in (c) menu.inc.php. | medium | 2026-04-16 |
| CVE-2006-3882 | Shalwan MusicBox 2.3.4 and earlier allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function. | high | 2026-04-16 |
