270171
|
- |
|
devellion
|
cubecart
|
includes/content/gateway.inc.php in CubeCart 3.0.12 and earlier, when magic_quotes_gpc is disabled, uses an insufficiently restrictive regular expression to validate the gateway parameter, which allo…
|
NVD-CWE-Other
|
CVE-2006-4527
|
2008-09-6 06:09 |
2006-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270172
|
- |
|
ibm
|
lotus_notes
|
IBM Lotus Notes 6.0, 6.5, and 7.0 does not properly handle replies to e-mail messages with alternate name users when the (1) "Save As Draft" option is used or (2) a "," (comma) is inside the "phrase"…
|
NVD-CWE-Other
|
CVE-2006-3778
|
2008-09-6 06:08 |
2006-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270173
|
- |
|
kailash_nadh
|
boastmachine
|
The Languages selection in the admin interface in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier allows remote authenticated administrators to upload files with arbitrary extensions to…
|
NVD-CWE-Other
|
CVE-2006-3830
|
2008-09-6 06:08 |
2006-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270174
|
- |
|
dokeos
|
dokeos
|
Multiple cross-site scripting (XSS) vulnerabilities in Dokeos before 1.6.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2006-3924
|
2008-09-6 06:08 |
2006-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270175
|
- |
|
pswd.js
|
pswd.js
|
The pswd.js script relies on the client to calculate whether a username and password match hard-coded hashed values for a server, and uses a hashing scheme that creates a large number of collisions, …
|
CWE-255
Credentials Management
|
CVE-2006-4068
|
2008-09-6 06:08 |
2006-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270176
|
- |
|
david_walker
|
phpautomembersarea
|
Unspecified vulnerability in phpAutoMembersArea (phpAMA) before 3.2.4 has unknown impact and attack vectors, related to "a potential security exploit which is critical."
|
NVD-CWE-Other
|
CVE-2006-4084
|
2008-09-6 06:08 |
2006-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270177
|
- |
|
david_walker
|
phpautomembersarea
|
Upgrade to 3.2.4
|
NVD-CWE-Other
|
CVE-2006-4084
|
2008-09-6 06:08 |
2006-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270178
|
- |
|
tor
|
tor
|
TLS handshakes in Tor before 0.1.1.20 generate public-private keys based on TLS context rather than the connection, which makes it easier for remote attackers to conduct brute force attacks on the en…
|
NVD-CWE-Other
|
CVE-2006-3411
|
2008-09-6 06:07 |
2006-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270179
|
- |
|
tor
|
tor
|
Tor before 0.1.1.20 does not sufficiently obey certain firewall options, which allows remote attackers to bypass intended access restrictions for dirservers, direct connections, or proxy servers.
|
NVD-CWE-Other
|
CVE-2006-3412
|
2008-09-6 06:07 |
2006-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270180
|
- |
|
tor
|
tor
|
The privoxy configuration file in Tor before 0.1.1.20, when run on Apple OS X, logs all data via the "logfile", which allows attackers to obtain potentially sensitive information.
|
NVD-CWE-Other
|
CVE-2006-3413
|
2008-09-6 06:07 |
2006-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|