268551
|
- |
|
upoint
|
at1_event_publisher
|
UPOINT @1 Event Publisher stores sensitive information under the web document root with insufifcient access control, which allows remote attackers to read private comments via a direct request to eve…
|
NVD-CWE-Other
|
CVE-2006-1437
|
2008-09-6 06:01 |
2006-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268552
|
- |
|
avaya
|
vsu_100 vsu_10000 vsu_2000 vsu_7500 csu_5000
|
The Internet Key Exchange version 1 (IKEv1) implementation in Avaya VSU 100, 2000, 7500, 10000, and CSU 5000, when running IPSec, allows remote attackers to cause a denial of service (crash) via cert…
|
NVD-CWE-Other
|
CVE-2006-0718
|
2008-09-6 06:00 |
2006-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268553
|
- |
|
nocc
|
nocc
|
NOCC Webmail 1.0 stores e-mail attachments in temporary files with predictable filenames, which makes it easier for remote attackers to execute arbitrary code by accessing the e-mail attachment via d…
|
NVD-CWE-Other
|
CVE-2006-0892
|
2008-09-6 06:00 |
2006-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268554
|
- |
|
nocc
|
nocc
|
NOCC Webmail 1.0 allows remote attackers to obtain sensitive information via a direct request to (1) the profiles directory, which leaks e-mail addresses contained in filenames of profiles, and (2) t…
|
NVD-CWE-Other
|
CVE-2006-0893
|
2008-09-6 06:00 |
2006-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268555
|
- |
|
nocc
|
nocc
|
Multiple cross-site scripting (XSS) vulnerabilities in NOCC Webmail 1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the html_error_occurred parameter in error.php, (2) html_…
|
NVD-CWE-Other
|
CVE-2006-0894
|
2008-09-6 06:00 |
2006-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268556
|
- |
|
nocc
|
nocc
|
NOCC Webmail 1.0 allows remote attackers to obtain the installation path via a direct request to html/header.php.
|
NVD-CWE-Other
|
CVE-2006-0895
|
2008-09-6 06:00 |
2006-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268557
|
- |
|
microsoft
|
word
|
Microsoft Word 2003 allows remote attackers to cause a denial of service (application crash) via a crafted file, as demonstrated by 101_filefuzz.
|
NVD-CWE-Other
|
CVE-2006-0935
|
2008-09-6 06:00 |
2006-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268558
|
- |
|
pwsphp
|
pwsphp
|
SQL injection vulnerability in profil.php in PwsPHP 1.2.3, and possibly earlier versions, allows remote attackers to execute arbitrary SQL commands via the aff_news_form parameter, a different vulner…
|
NVD-CWE-Other
|
CVE-2006-0942
|
2008-09-6 06:00 |
2006-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268559
|
- |
|
cactusoft
|
parodia
|
agencyprofile.asp in Parodia 6.2 and earlier might allow remote attackers to obtain sensitive information by triggering an SQL error via an invalid AG_ID parameter. NOTE: the provenance of this info…
|
NVD-CWE-Other
|
CVE-2006-1005
|
2008-09-6 06:00 |
2006-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268560
|
- |
|
cactusoft
|
parodia
|
This vulnerability affects CactuSoft, Parodia version 6.2, and may affect all previous versions as well.
|
NVD-CWE-Other
|
CVE-2006-1005
|
2008-09-6 06:00 |
2006-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|