|
270591
|
- |
|
xwiki
|
xwiki
|
PreviewAction in XWiki 0.9.543 through 0.9.1252 does not set the Author field to the identity of the user who last modified a document, which allows remote authenticated users without programming rig…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2006-7223
|
2008-09-6 06:16 |
2007-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270592
|
- |
|
scriptphp
|
pronews
|
admin/change.php in ProNews 1.5 does not check whether a user is permitted to change news items, which allows remote attackers to add or delete information within an item, and possibly have other imp…
|
NVD-CWE-Other
|
CVE-2006-6580
|
2008-09-6 06:15 |
2006-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270593
|
- |
|
scriptmate
|
user_manager
|
ScriptMate User Manager 2.1 and earlier allow remote attackers to obtain sensitive information via unspecified vectors related to (1) the Logins box and (2) the Search box.
|
NVD-CWE-Other
|
CVE-2006-6583
|
2008-09-6 06:15 |
2006-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270594
|
- |
|
torrentflux
|
torrentflux
|
Cross-site scripting (XSS) vulnerability in dir.php in TorrentFlux 2.2, when allows remote attackers to inject arbitrary web script or HTML via double URL-encoded strings in the dir parameter, a rela…
|
NVD-CWE-Other
|
CVE-2006-6600
|
2008-09-6 06:15 |
2006-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270595
|
- |
|
moodle
|
moodle
|
Cross-site scripting (XSS) vulnerability in mod/forum/discuss.php in Moodle 1.6.1 allows remote attackers to inject arbitrary web script or HTML via the navtail parameter. NOTE: The provenance of th…
|
NVD-CWE-Other
|
CVE-2006-6625
|
2008-09-6 06:15 |
2006-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270596
|
- |
|
moodle
|
moodle
|
Cross-site scripting (XSS) vulnerability in an unspecified component of Moodle 1.5 allows remote attackers to inject arbitrary web script or HTML via a javascript URI in the SRC attribute of an IMG e…
|
NVD-CWE-Other
|
CVE-2006-6626
|
2008-09-6 06:15 |
2006-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270597
|
- |
|
ibm
|
db2_universal_database
|
IBM DB2 8.1 before FixPak 14 allows remote attackers to cause a denial of service via a crafted SQLJRA packet, which causes a NULL pointer dereference in the sqle_db2ra_as_recvrequest function in DB2…
|
NVD-CWE-Other
|
CVE-2006-6638
|
2008-09-6 06:15 |
2006-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270598
|
- |
|
chetcpasswd
|
chetcpasswd
|
Multiple unspecified vulnerabilities in chetcpasswd 2.4.1 allow local users to gain privileges via unspecified vectors related to executing (1) the cp program, (2) the mail program, or (3) the progra…
|
NVD-CWE-Other
|
CVE-2006-6639
|
2008-09-6 06:15 |
2006-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270599
|
- |
|
netbsd
|
netbsd
|
The sendmsg function in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and NetBSD 2.x before 20061029, when run on a 64-bit architecture, allows attackers to cause a denial of …
|
NVD-CWE-Other
|
CVE-2006-6654
|
2008-09-6 06:15 |
2006-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270600
|
- |
|
netbsd
|
netbsd
|
The procfs implementation in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and NetBSD 2.x before 20061029 allows local users to cause a denial of service (kernel panic) by att…
|
NVD-CWE-Other
|
CVE-2006-6655
|
2008-09-6 06:15 |
2006-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
