|
269891
|
- |
|
aweb
|
scripts_seller
|
Buy.php in Aweb Scripts Seller uses predictable cookies for authentication based on the time and the script number, which allows remote attackers to bypass authentication.
|
NVD-CWE-Other
|
CVE-2006-1700
|
2008-09-6 06:02 |
2006-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269892
|
- |
|
joey_hess
|
bsdgames
|
Buffer overflow in pl_main.c in sail in BSDgames before 2.17-7 allows local users to execute arbitrary code via a long player name that is used in a scanf function call.
|
NVD-CWE-Other
|
CVE-2006-1744
|
2008-09-6 06:02 |
2006-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269893
|
- |
|
debian
|
debian_linux
|
debconf in Debian GNU/Linux, when configuring mnogosearch in the mnogosearch-common 3.2.31-1 package, uses the world-readable config.dat file instead of the restricted passwords.dat for storing the c…
|
NVD-CWE-Other
|
CVE-2006-1772
|
2008-09-6 06:02 |
2006-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269894
|
- |
|
phpbb_group
|
phpbb
|
Multiple cross-site scripting (XSS) vulnerabilities in phpBB 2.0.19 allow remote attackers to inject arbitrary web script or HTML via the (1) Site Description field in (a) admin_board.php, the (2) Gr…
|
NVD-CWE-Other
|
CVE-2006-1775
|
2008-09-6 06:02 |
2006-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269895
|
- |
|
mailenable
|
mailenable_enterprise
mailenable_professional
mailenable_standard
|
Unspecified vulnerability in the POP service in MailEnable Standard Edition before 1.94, Professional Edition before 1.74, and Enterprise Edition before 1.22 has unknown attack vectors and impact rel…
|
NVD-CWE-Other
|
CVE-2006-1792
|
2008-09-6 06:02 |
2006-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269896
|
- |
|
runcms
|
runcms
|
Directory traversal vulnerability in runCMS 1.2 and earlier allows remote attackers to read arbitrary files via the bbPath[path] parameter to (1) class.forumposts.php and (2) forumpollrenderer.php. N…
|
NVD-CWE-Other
|
CVE-2006-1793
|
2008-09-6 06:02 |
2006-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269897
|
- |
|
runcms
|
runcms
|
Succesful exploitation requires that register_globals = On & allow_url_fopen = On
|
NVD-CWE-Other
|
CVE-2006-1793
|
2008-09-6 06:02 |
2006-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269898
|
- |
|
wordpress
|
wordpress
|
Cross-site scripting (XSS) vulnerability in the paging links functionality in template-functions-links.php in Wordpress 1.5.2, and possibly other versions before 2.0.1, allows remote attackers to inj…
|
NVD-CWE-Other
|
CVE-2006-1796
|
2008-09-6 06:02 |
2006-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269899
|
- |
|
wordpress
|
wordpress
|
The vulnerability manifests itself only when viewed by IE.
This vulnerability is addressed in the following product release:
Wordpress 2.0.1-1
|
NVD-CWE-Other
|
CVE-2006-1796
|
2008-09-6 06:02 |
2006-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269900
|
- |
|
datenbank_module
woltlab
|
datenbank_module
burning_board
|
SQL injection vulnerability in Datenbank MOD 2.7 and earlier for Woltlab Burning Board allows remote attackers to execute arbitrary SQL commands via the fileid parameter to (1) info_db.php or (2) dat…
|
NVD-CWE-Other
|
CVE-2006-1094
|
2008-09-6 06:01 |
2006-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
