|
264971
|
- |
|
bpg-infotech
|
easy_publisher
smart_publisher_pro
|
SQL injection vulnerability in bpg/publications_list.asp in BPG-InfoTech Easy Publisher and Smart Publisher//Pro 2.7.7 allows remote attackers to execute arbitrary SQL commands via the vjob parameter…
|
NVD-CWE-Other
|
CVE-2006-6072
|
2011-03-8 11:44 |
2006-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264972
|
- |
|
lou_portail
|
lou_portail
|
PHP remote file inclusion vulnerability in admin/admin_module.php in Lou Portail 1.4.1, and possibly earlier, allows remote attackers to execute arbitrary PHP code via a URL in the g_admin_rep parame…
|
NVD-CWE-Other
|
CVE-2006-5423
|
2011-03-8 11:43 |
2006-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264973
|
- |
|
horde
|
ingo_h3
|
procmail in Ingo H3 before 1.1.2 Horde module allows remote authenticated users to execute arbitrary commands via shell metacharacters in the mailbox destination of a filter rule.
|
NVD-CWE-Other
|
CVE-2006-5449
|
2011-03-8 11:43 |
2006-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264974
|
- |
|
horde
|
ingo_h3
|
This vulnerability is addressed in the following product release:
Horde, Ingo, 1.1.2
|
NVD-CWE-Other
|
CVE-2006-5449
|
2011-03-8 11:43 |
2006-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264975
|
- |
|
rpm
ubuntu
|
package_manager
ubuntu_linux
|
Heap-based buffer overflow in the showQueryPackage function in librpm in RPM Package Manager 4.4.8, when the LANG environment variable is set to ru_RU.UTF-8, might allow user-assisted attackers to ex…
|
NVD-CWE-Other
|
CVE-2006-5466
|
2011-03-8 11:43 |
2006-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264976
|
- |
|
rpm
ubuntu
|
package_manager
ubuntu_linux
|
Successful exploitation may allow the execution of arbitrary code, but requires that certain locales are set (e.g. ru_RU.UTF-8).
There are patches available for each affected Ubuntu product.
|
NVD-CWE-Other
|
CVE-2006-5466
|
2011-03-8 11:43 |
2006-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264977
|
- |
|
xchangeboard
|
xchangeboard
|
Multiple SQL injection vulnerabilities in the checkUser function in inc/DBInterface.php in XchangeBoard 1.70 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrar…
|
NVD-CWE-Other
|
CVE-2006-5500
|
2011-03-8 11:43 |
2006-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264978
|
- |
|
xchangeboard
|
xchangeboard
|
Successful exploitation requires that "magic_quotes_gpc" is disabled.
|
NVD-CWE-Other
|
CVE-2006-5500
|
2011-03-8 11:43 |
2006-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264979
|
- |
|
maxdev
|
md-pro
|
Cross-site scripting (XSS) vulnerability in user.php in MAXdev MD-Pro 1.0.76 allows remote attackers to inject arbitrary web script or HTML via the op parameter. NOTE: the provenance of this informa…
|
NVD-CWE-Other
|
CVE-2006-5564
|
2011-03-8 11:43 |
2006-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264980
|
- |
|
maxdev
|
md-pro
|
CRLF injection vulnerability in MAXdev MD-Pro 1.0.76 allows remote attackers to inject arbitrary HTTP headers via a CRLF sequence in the (1) name, (2) file, (3) module, and (4) func parameters in (a)…
|
NVD-CWE-Other
|
CVE-2006-5565
|
2011-03-8 11:43 |
2006-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
