270241
|
- |
|
datenbank_module woltlab
|
datenbank_module burning_board
|
SQL injection vulnerability in Datenbank MOD 2.7 and earlier for Woltlab Burning Board allows remote attackers to execute arbitrary SQL commands via the fileid parameter to (1) info_db.php or (2) dat…
|
NVD-CWE-Other
|
CVE-2006-1094
|
2008-09-6 06:01 |
2006-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270242
|
- |
|
logit
|
logit
|
PHP remote file include vulnerability in logIT 1.3 and 1.4 allows remote attackers to execute arbitrary PHP code via a URL in the pg parameter. NOTE: the provenance of this information is unknown; t…
|
NVD-CWE-Other
|
CVE-2006-1099
|
2008-09-6 06:01 |
2006-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270243
|
- |
|
nodez
|
nodez
|
Nodez 4.6.1.1 and earlier stores sensitive data in the list.gtdat file under the web document root with insufficient access control, which allows remote attackers to obtain usernames and password has…
|
NVD-CWE-Other
|
CVE-2006-1164
|
2008-09-6 06:01 |
2006-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270244
|
- |
|
runcms
|
runcms
|
Cross-site scripting (XSS) vulnerability in bigshow.php in Runcms 1.x allows remote attackers to inject arbitrary web script or HTML via the id parameter.
|
NVD-CWE-Other
|
CVE-2006-1216
|
2008-09-6 06:01 |
2006-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270245
|
- |
|
wordpress
|
wordpress
|
Multiple "unannounced" cross-site scripting (XSS) vulnerabilities in WordPress before 2.0.2 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors.
|
NVD-CWE-Other
|
CVE-2006-1263
|
2008-09-6 06:01 |
2006-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270246
|
- |
|
university_of_washington
|
pubcookie
|
Multiple cross-site scripting (XSS) vulnerabilities in the Microsoft IIS ISAPI filter (aka application server module) in University of Washington Pubcookie 3.1.0, 3.1.1, 3.2 before 3.2.1b, and 3.3 be…
|
NVD-CWE-Other
|
CVE-2006-1394
|
2008-09-6 06:01 |
2006-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270247
|
- |
|
upoint
|
at1_event_publisher
|
Multiple cross-site scripting (XSS) vulnerabilities in UPOINT @1 Event Publisher allow remote attackers to inject arbitrary web script or HTML via the (1) Event, (2) Description, (3) Time, (4) Websit…
|
NVD-CWE-Other
|
CVE-2006-1436
|
2008-09-6 06:01 |
2006-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270248
|
- |
|
upoint
|
at1_event_publisher
|
UPOINT @1 Event Publisher stores sensitive information under the web document root with insufifcient access control, which allows remote attackers to read private comments via a direct request to eve…
|
NVD-CWE-Other
|
CVE-2006-1437
|
2008-09-6 06:01 |
2006-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270249
|
- |
|
avaya
|
vsu_100 vsu_10000 vsu_2000 vsu_7500 csu_5000
|
The Internet Key Exchange version 1 (IKEv1) implementation in Avaya VSU 100, 2000, 7500, 10000, and CSU 5000, when running IPSec, allows remote attackers to cause a denial of service (crash) via cert…
|
NVD-CWE-Other
|
CVE-2006-0718
|
2008-09-6 06:00 |
2006-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270250
|
- |
|
nocc
|
nocc
|
NOCC Webmail 1.0 stores e-mail attachments in temporary files with predictable filenames, which makes it easier for remote attackers to execute arbitrary code by accessing the e-mail attachment via d…
|
NVD-CWE-Other
|
CVE-2006-0892
|
2008-09-6 06:00 |
2006-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|