|
267681
|
- |
|
myodbc
|
myodbc
|
MyODBC Japanese conversion edition 3.51.06, 2.50.29, and 2.50.25 allows remote attackers to cause a denial of service via a certain string in a response, which has unspecified impact on the MySQL dat…
|
NVD-CWE-Other
|
CVE-2006-6948
|
2008-09-6 06:16 |
2007-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267682
|
- |
|
headstart_solutions
|
deskpro
|
Headstart Solutions DeskPRO does not require authentication for certain files and directories associated with administrative activities, which allows remote attackers to (1) reinstall the application…
|
NVD-CWE-Other
|
CVE-2006-6973
|
2008-09-6 06:16 |
2007-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267683
|
- |
|
headstart_solutions
|
deskpro
|
Only certain files are affected, so the impact is partial for confidentiality, integrity, and availability.
|
NVD-CWE-Other
|
CVE-2006-6973
|
2008-09-6 06:16 |
2007-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267684
|
- |
|
headstart_solutions
|
deskpro
|
Headstart Solutions DeskPRO stores sensitive information under the web root with insufficient access control, which allows remote attackers to (1) list files in the includes/ directory; obtain the SQ…
|
NVD-CWE-Other
|
CVE-2006-6974
|
2008-09-6 06:16 |
2007-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267685
|
- |
|
mailenable
|
mailenable_enterprise
mailenable_standard
|
Unspecified vulnerability in a cryptographic feature in MailEnable Standard Edition before 1.93, Professional Edition before 1.73, and Enterprise Edition before 1.21 leads to "weakened authentication…
|
CWE-287
Improper Authentication
|
CVE-2006-6997
|
2008-09-6 06:16 |
2007-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267686
|
- |
|
headstart_solutions
|
deskpro
|
attachment.php in Headstart Solutions DeskPRO allows remote attackers to read all uploaded files by providing the file number in a modified id parameter.
|
CWE-200
Information Exposure
|
CVE-2006-6999
|
2008-09-6 06:16 |
2007-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267687
|
- |
|
headstart_solutions
|
deskpro
|
Headstart Solutions DeskPRO allows remote attackers to obtain the full path via direct requests to (1) email/mail.php, (2) includes/init.php, (3) certain files in includes/cron/, and (4) jpgraph.php,…
|
NVD-CWE-Other
|
CVE-2006-7000
|
2008-09-6 06:16 |
2007-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267688
|
- |
|
phpmychat_plus
|
phpmychat_plus
|
Directory traversal vulnerability in avatar.php in PhpMyChat Plus 1.9 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the L parameter, a different issue than CVE-200…
|
NVD-CWE-Other
|
CVE-2006-7001
|
2008-09-6 06:16 |
2007-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267689
|
- |
|
fusionphp
|
fusion_polls
|
PHP remote file inclusion vulnerability in admin/index.php in Fusion Polls allows remote attackers to execute arbitrary PHP code via a URL in the xtrphome parameter.
|
NVD-CWE-Other
|
CVE-2006-7003
|
2008-09-6 06:16 |
2007-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267690
|
- |
|
php_script_tools
|
psy_auction
|
Cross-site scripting (XSS) vulnerability in email_request.php in PSY Auction allows remote attackers to inject arbitrary web script or HTML via the user_id parameter. NOTE: the provenance of this in…
|
NVD-CWE-Other
|
CVE-2006-7004
|
2008-09-6 06:16 |
2007-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
