269041
|
- |
|
subtext
|
subtext
|
Unspecified vulnerability in the admin login feature in Subtext 1.5, in a multiblog setup, allows remote administrators of one blog to login to another blog.
|
NVD-CWE-Other
|
CVE-2006-3046
|
2011-03-8 11:37 |
2006-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
269042
|
- |
|
cescripts
|
event_registration_2checkout event_registration_corporate event_registration_paypal event_registration_rsvp
|
Cross-site scripting (XSS) vulnerability in Event Registration allows remote attackers to inject arbitrary web script or HTML via the (1) event_id parameter to view-event-details.php or (2) select_ev…
|
NVD-CWE-Other
|
CVE-2006-3052
|
2011-03-8 11:37 |
2006-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
269043
|
- |
|
cescripts
|
car_classifieds
|
Cross-site scripting (XSS) vulnerability in index.php in Car Classifieds allows remote attackers to inject arbitrary web script or HTML via the make_id parameter. NOTE: the provenance of this inform…
|
NVD-CWE-Other
|
CVE-2006-3088
|
2011-03-8 11:37 |
2006-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
269044
|
- |
|
brian_wotring
|
osiris
|
Format string vulnerability in Brian Wotring Osiris before 4.2.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unspecified attack ve…
|
NVD-CWE-Other
|
CVE-2006-3120
|
2011-03-8 11:37 |
2006-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
269045
|
- |
|
julian_pawlowski
|
capi4hylafax
|
c2faxrecv in capi4hylafax 01.02.03 allows remote attackers to execute arbitrary commands via null (\0) and shell metacharacters in the TSI string, as demonstrated by a fax from an anonymous number.
|
NVD-CWE-Other
|
CVE-2006-3126
|
2011-03-8 11:37 |
2006-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
269046
|
- |
|
php
|
directory_listing_script
|
Cross-site scripting (XSS) vulnerability in index.php in Directory Listing Script allows remote attackers to inject arbitrary web script or HTML via the dir parameter.
|
NVD-CWE-Other
|
CVE-2006-2419
|
2011-03-8 11:36 |
2006-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
269047
|
- |
|
php
|
directory_listing_script
|
The vulnerability has been confirmed in the latest available version of this product. Other versions may also be affected.
|
NVD-CWE-Other
|
CVE-2006-2419
|
2011-03-8 11:36 |
2006-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
269048
|
- |
|
ibm
|
websphere_application_server
|
Unspecified vulnerability in IBM WebSphere Application Server 6.0.2, 6.0.2.1, 6.0.2.3, 6.0.2.5, and 6.0.2.7 has unknown impact and remote attack vectors related to "HTTP request handlers".
|
NVD-CWE-noinfo
|
CVE-2006-2429
|
2011-03-8 11:36 |
2006-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
269049
|
- |
|
ibm
|
websphere_application_server
|
IBM WebSphere Application Server 5.0.2 and earlier, 5.1.1 and earlier, and 6.0.2 up to 6.0.2.7 records user credentials in plaintext in addNode.log, which allows attackers to gain privileges.
|
NVD-CWE-Other
|
CVE-2006-2430
|
2011-03-8 11:36 |
2006-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
269050
|
- |
|
ibm
|
websphere_application_server
|
IBM WebSphere Application Server 5.0.2 (or any earlier cumulative fix) and 5.1.1 (or any earlier cumulative fix) allows EJB access on Solaris systems via a crafted LTPA token.
|
NVD-CWE-Other
|
CVE-2006-2432
|
2011-03-8 11:36 |
2006-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|