|
265001
|
- |
|
virtual_private_server
|
vserver
|
This vulnerability is addressed in the following product releases:
Virtual Private Server, Vserver, 2.0.2-rc18
Virtual Private Server, Vserver, 2.1.1-rc18
|
NVD-CWE-Other
|
CVE-2006-2110
|
2017-07-20 10:31 |
2006-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265002
|
- |
|
network_administration_visualized
|
network_administration_visualized
|
Multiple SQL injection vulnerabilities in the report interface in Network Administration Visualized (NAV) before 3.0.1 allow remote attackers to execute arbitrary SQL commands via unknown vectors.
|
NVD-CWE-Other
|
CVE-2006-2123
|
2017-07-20 10:31 |
2006-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265003
|
- |
|
turnkey_solutions
|
sunshop_shopping_cart
|
Multiple cross-site scripting (XSS) vulnerabilities in SunShop 3.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) prevaction, (2) previd, (3) prevstart, (4) ite…
|
NVD-CWE-Other
|
CVE-2006-2124
|
2017-07-20 10:31 |
2006-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265004
|
- |
|
avalon_ltd
|
maxtrade
|
SQL injection vulnerability in pocategories.php in MaxTrade 1.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) categori and (2) stranica parameters.
|
NVD-CWE-Other
|
CVE-2006-2126
|
2017-07-20 10:31 |
2006-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265005
|
- |
|
deltascripts
|
pro_publish
|
Direct static code injection vulnerability in Pro Publish 2.0 allows remote authenticated administrators to execute arbitrary PHP code by editing certain settings, which are stored in set_inc.php.
|
NVD-CWE-Other
|
CVE-2006-2129
|
2017-07-20 10:31 |
2006-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265006
|
- |
|
advanced_poll
|
advanced_poll
|
SQL injection vulnerability in include/class_poll.php in Advanced Poll 2.0.4 allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header.
|
NVD-CWE-Other
|
CVE-2006-2130
|
2017-07-20 10:31 |
2006-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265007
|
- |
|
advanced_poll
|
advanced_poll
|
Successful exploitation requires that magic_quotes_gpc is set to off.
|
NVD-CWE-Other
|
CVE-2006-2130
|
2017-07-20 10:31 |
2006-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265008
|
- |
|
advanced_poll
|
advanced_poll
|
include/class_poll.php in Advanced Poll 2.0.4 uses the HTTP_X_FORWARDED_FOR (X-Forwarded-For HTTP header) to identify the IP address of a client, which makes it easier for remote attackers to spoof t…
|
NVD-CWE-Other
|
CVE-2006-2131
|
2017-07-20 10:31 |
2006-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265009
|
- |
|
boonex
|
barracuda
|
SQL injection vulnerability in index.php in BoonEx Barracuda 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) link_dir_target and (2) link_id_target parameter, po…
|
NVD-CWE-Other
|
CVE-2006-2133
|
2017-07-20 10:31 |
2006-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265010
|
- |
|
ruperts_news
|
ruperts_news
|
SQL injection vulnerability in login.php in Ruperts News allows remote attackers to execute arbitrary SQL commands via the username parameter.
|
NVD-CWE-Other
|
CVE-2006-2135
|
2017-07-20 10:31 |
2006-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
