|
264851
|
- |
|
netious_cms
|
netious_cms
|
SQL injection vulnerability in index.php in Netious CMS 0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: the provenance of this information…
|
NVD-CWE-Other
|
CVE-2006-4047
|
2017-07-20 10:32 |
2006-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264852
|
- |
|
netious_cms
|
netious_cms
|
Netious CMS 0.4 initializes session IDs based on the client IP address, which allows remote attackers to gain access to the administration section when originating from the same IP address as the adm…
|
NVD-CWE-Other
|
CVE-2006-4048
|
2017-07-20 10:32 |
2006-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264853
|
- |
|
sun
|
ray_server_software
|
Unspecified vulnerability in the utxconfig utility in Sun Ray Server Software 3.x allows local users to create or overwrite arbitrary files via unknown attack vectors.
|
NVD-CWE-Other
|
CVE-2006-4049
|
2017-07-20 10:32 |
2006-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264854
|
- |
|
the_address_book
the_address_book_reloaded
|
the_address_book
the_address_book_reloaded
|
Multiple SQL injection vulnerabilities in the authentication process in katzlbt (a) The Address Book 1.04e and earlier and (b) The Address Book Reloaded before 2.0-rc4 allow remote attackers to execu…
|
NVD-CWE-Other
|
CVE-2006-4056
|
2017-07-20 10:32 |
2006-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264855
|
- |
|
cakefoundation
|
cakephp
|
Cross-site scripting (XSS) vulnerability in cake/libs/error.php in CakePHP before 1.1.7.3363 allows remote attackers to inject arbitrary web script or HTML via the URL, which is reflected back in a 4…
|
CWE-79
Cross-site Scripting
|
CVE-2006-4067
|
2017-07-20 10:32 |
2006-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264856
|
- |
|
mywebland
|
myevent
|
PHP remote file inclusion vulnerability in viewevent.php in myWebland myEvent 1.x allows remote attackers to execute arbitrary PHP code via a URL in the myevent_path parameter, a different vector tha…
|
NVD-CWE-Other
|
CVE-2006-4083
|
2017-07-20 10:32 |
2006-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264857
|
- |
|
olaf_noehring
|
the_search_engine_project
|
PHP remote file inclusion vulnerability in Olaf Noehring The Search Engine Project (TSEP) 0.942 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the tsep_config[absPath]…
|
NVD-CWE-Other
|
CVE-2006-4085
|
2017-07-20 10:32 |
2006-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264858
|
- |
|
mojoscripts
|
mojogallery
|
Cross-site scripting (XSS) vulnerability in admin.cgi in mojoscripts.com mojoGallery allows remote attackers to inject arbitrary web script or HTML via the username parameter. NOTE: the provenance o…
|
NVD-CWE-Other
|
CVE-2006-4087
|
2017-07-20 10:32 |
2006-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264859
|
- |
|
cisco
|
secure_access_control_server
|
Stack-based buffer overflow in the CSRadius service in Cisco Secure Access Control Server (ACS) for Windows before 4.1 and ACS Solution Engine before 4.1 allows remote attackers to execute arbitrary …
|
NVD-CWE-Other
|
CVE-2006-4098
|
2017-07-20 10:32 |
2006-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264860
|
- |
|
businessobjects
|
crystal_enterprise
|
Business Objects Crystal Enterprise 9 and 10 generates predictable session identifiers, which allows remote attackers to hijack sessions of other users via WCSID cookie values.
|
NVD-CWE-Other
|
CVE-2006-4099
|
2017-07-20 10:32 |
2006-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
