|
264511
|
- |
|
cerberus
|
cerberus_helpdesk
|
rpc.php in Cerberus Helpdesk 3.2.1 does not verify a client's privileges for a display_get_requesters operation, which allows remote attackers to bypass the GUI login and obtain sensitive information…
|
NVD-CWE-Other
|
CVE-2006-5428
|
2017-07-20 10:33 |
2006-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264512
|
- |
|
db-central
|
cms
enterprise_cms
|
Cross-site scripting (XSS) vulnerability in the search functionality in db-central (dbc) Enterprise CMS and db-central CMS allows remote attackers to inject arbitrary web script or HTML via the needl…
|
NVD-CWE-Other
|
CVE-2006-5430
|
2017-07-20 10:33 |
2006-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264513
|
- |
|
comdev
|
comdev_forum
|
PHP remote file inclusion vulnerability in adminfoot.php in Comdev Forum 4.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the path[docroot] pa…
|
NVD-CWE-Other
|
CVE-2006-5438
|
2017-07-20 10:33 |
2006-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264514
|
- |
|
comdev
|
comdev_misc_tools
|
PHP remote file inclusion vulnerability in adminfoot.php in Comdev Misc Tools 4.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the path[docroo…
|
CWE-94
Code Injection
|
CVE-2006-5439
|
2017-07-20 10:33 |
2006-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264515
|
- |
|
comdev
|
comdev_form_designer
|
PHP remote file inclusion vulnerability in adminfoot.php in Comdev Form Designer 4.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the path[doc…
|
NVD-CWE-Other
|
CVE-2006-5440
|
2017-07-20 10:33 |
2006-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264516
|
- |
|
comdev
|
comdev_web_blogger
|
PHP remote file inclusion vulnerability in adminfoot.php in Comdev Web Blogger 4.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the path[docro…
|
NVD-CWE-Other
|
CVE-2006-5441
|
2017-07-20 10:33 |
2006-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264517
|
- |
|
xiao_gang
|
www_interactive_mathematics_server
|
Unspecified vulnerability in XIAO Gang WWW Interactive Mathematics Server (WIMS) before 3.60 allows remote attackers to modify unspecified data via unspecified vectors involving "variable rights."
|
NVD-CWE-Other
|
CVE-2006-5443
|
2017-07-20 10:33 |
2006-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264518
|
- |
|
xiao_gang
|
www_interactive_mathematics_server
|
This vulnerability is addressed in the following product release:
XIAO Gang, WWW Interactive Mathematics Server, 3.60
|
NVD-CWE-Other
|
CVE-2006-5443
|
2017-07-20 10:33 |
2006-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264519
|
- |
|
casinosoft
|
casino_script
|
SQL injection vulnerability in lobby/config.php in Casinosoft Casino Script (aka Masvet) 3.2 allows remote attackers to execute arbitrary SQL commands via the cfam parameter.
|
NVD-CWE-Other
|
CVE-2006-5446
|
2017-07-20 10:33 |
2006-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264520
|
- |
|
casinosoft
|
casino_script
|
Successful exploitation requires that "magic_quotes_gpc" is disabled.
|
NVD-CWE-Other
|
CVE-2006-5446
|
2017-07-20 10:33 |
2006-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
