|
267921
|
- |
|
invision_power_services
|
invision_power_board
|
SQL injection vulnerability in index.php in Invision Power Board allows remote attackers to execute arbitrary SQL commands via the pid parameter in a reputation action. NOTE: the provenance of this …
|
NVD-CWE-Other
|
CVE-2006-2217
|
2008-09-6 06:03 |
2006-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267922
|
- |
|
internet_key_exchange
|
internet_key_exchange
|
The Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg.c) in the Shoichi Sakane KAME Project racoon, as used by NetBSD 1.6, 2.x before 20060119, certain FreeBSD releases, and possibly…
|
NVD-CWE-Other
|
CVE-2006-1646
|
2008-09-6 06:02 |
2006-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267923
|
- |
|
vserver
|
util-vserver
|
vserver in util-vserver 0.30.209 executes a command as root when the suexec userid parameter is invalid and non-numeric, which might cause local users to inadvertently execute dangerous commands as r…
|
NVD-CWE-Other
|
CVE-2006-1656
|
2008-09-6 06:02 |
2006-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267924
|
- |
|
phpwebgallery
|
phpwebgallery
|
Cross-site scripting (XSS) vulnerability in search.php in PHPWebGallery 1.4.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter, a different vulnerability than CVE-2…
|
NVD-CWE-Other
|
CVE-2006-1674
|
2008-09-6 06:02 |
2006-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267925
|
- |
|
aweb
|
scripts_seller
|
Buy.php in Aweb Scripts Seller uses predictable cookies for authentication based on the time and the script number, which allows remote attackers to bypass authentication.
|
NVD-CWE-Other
|
CVE-2006-1700
|
2008-09-6 06:02 |
2006-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267926
|
- |
|
joey_hess
|
bsdgames
|
Buffer overflow in pl_main.c in sail in BSDgames before 2.17-7 allows local users to execute arbitrary code via a long player name that is used in a scanf function call.
|
NVD-CWE-Other
|
CVE-2006-1744
|
2008-09-6 06:02 |
2006-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267927
|
- |
|
debian
|
debian_linux
|
debconf in Debian GNU/Linux, when configuring mnogosearch in the mnogosearch-common 3.2.31-1 package, uses the world-readable config.dat file instead of the restricted passwords.dat for storing the c…
|
NVD-CWE-Other
|
CVE-2006-1772
|
2008-09-6 06:02 |
2006-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267928
|
- |
|
phpbb_group
|
phpbb
|
Multiple cross-site scripting (XSS) vulnerabilities in phpBB 2.0.19 allow remote attackers to inject arbitrary web script or HTML via the (1) Site Description field in (a) admin_board.php, the (2) Gr…
|
NVD-CWE-Other
|
CVE-2006-1775
|
2008-09-6 06:02 |
2006-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267929
|
- |
|
mailenable
|
mailenable_enterprise
mailenable_professional
mailenable_standard
|
Unspecified vulnerability in the POP service in MailEnable Standard Edition before 1.94, Professional Edition before 1.74, and Enterprise Edition before 1.22 has unknown attack vectors and impact rel…
|
NVD-CWE-Other
|
CVE-2006-1792
|
2008-09-6 06:02 |
2006-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267930
|
- |
|
runcms
|
runcms
|
Directory traversal vulnerability in runCMS 1.2 and earlier allows remote attackers to read arbitrary files via the bbPath[path] parameter to (1) class.forumposts.php and (2) forumpollrenderer.php. N…
|
NVD-CWE-Other
|
CVE-2006-1793
|
2008-09-6 06:02 |
2006-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
