270201
|
- |
|
duware
|
duclassified
|
SQL injection vulnerability in detail.asp in DUclassified allows remote attackers to execute arbitrary SQL commands via the iPro parameter. NOTE: the provenance of this information is unknown; the d…
|
NVD-CWE-Other
|
CVE-2006-2132
|
2008-09-6 06:03 |
2006-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270202
|
- |
|
invision_power_services
|
invision_power_board
|
SQL injection vulnerability in index.php in Invision Power Board allows remote attackers to execute arbitrary SQL commands via the pid parameter in a reputation action. NOTE: the provenance of this …
|
NVD-CWE-Other
|
CVE-2006-2217
|
2008-09-6 06:03 |
2006-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270203
|
- |
|
internet_key_exchange
|
internet_key_exchange
|
The Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg.c) in the Shoichi Sakane KAME Project racoon, as used by NetBSD 1.6, 2.x before 20060119, certain FreeBSD releases, and possibly…
|
NVD-CWE-Other
|
CVE-2006-1646
|
2008-09-6 06:02 |
2006-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270204
|
- |
|
vserver
|
util-vserver
|
vserver in util-vserver 0.30.209 executes a command as root when the suexec userid parameter is invalid and non-numeric, which might cause local users to inadvertently execute dangerous commands as r…
|
NVD-CWE-Other
|
CVE-2006-1656
|
2008-09-6 06:02 |
2006-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270205
|
- |
|
phpwebgallery
|
phpwebgallery
|
Cross-site scripting (XSS) vulnerability in search.php in PHPWebGallery 1.4.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter, a different vulnerability than CVE-2…
|
NVD-CWE-Other
|
CVE-2006-1674
|
2008-09-6 06:02 |
2006-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270206
|
- |
|
aweb
|
scripts_seller
|
Buy.php in Aweb Scripts Seller uses predictable cookies for authentication based on the time and the script number, which allows remote attackers to bypass authentication.
|
NVD-CWE-Other
|
CVE-2006-1700
|
2008-09-6 06:02 |
2006-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270207
|
- |
|
joey_hess
|
bsdgames
|
Buffer overflow in pl_main.c in sail in BSDgames before 2.17-7 allows local users to execute arbitrary code via a long player name that is used in a scanf function call.
|
NVD-CWE-Other
|
CVE-2006-1744
|
2008-09-6 06:02 |
2006-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270208
|
- |
|
debian
|
debian_linux
|
debconf in Debian GNU/Linux, when configuring mnogosearch in the mnogosearch-common 3.2.31-1 package, uses the world-readable config.dat file instead of the restricted passwords.dat for storing the c…
|
NVD-CWE-Other
|
CVE-2006-1772
|
2008-09-6 06:02 |
2006-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270209
|
- |
|
phpbb_group
|
phpbb
|
Multiple cross-site scripting (XSS) vulnerabilities in phpBB 2.0.19 allow remote attackers to inject arbitrary web script or HTML via the (1) Site Description field in (a) admin_board.php, the (2) Gr…
|
NVD-CWE-Other
|
CVE-2006-1775
|
2008-09-6 06:02 |
2006-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270210
|
- |
|
mailenable
|
mailenable_enterprise mailenable_professional mailenable_standard
|
Unspecified vulnerability in the POP service in MailEnable Standard Edition before 1.94, Professional Edition before 1.74, and Enterprise Edition before 1.22 has unknown attack vectors and impact rel…
|
NVD-CWE-Other
|
CVE-2006-1792
|
2008-09-6 06:02 |
2006-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|