|
264351
|
- |
|
iware
|
iware_professional
|
SQL injection vulnerability in index.php in iWare Professional 5.0.4, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the D parameter. NOTE: The prov…
|
NVD-CWE-Other
|
CVE-2006-6446
|
2017-07-29 10:29 |
2006-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264352
|
- |
|
vt-forum
|
vt-forum
|
Multiple SQL injection vulnerabilities in Vt-Forum Lite 1.3 and earlier allow remote attackers to execute arbitrary SQL commands via the user parameter to vf_memberdetail.asp, and other unspecified v…
|
NVD-CWE-Other
|
CVE-2006-6448
|
2017-07-29 10:29 |
2006-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264353
|
- |
|
vt-forum
|
vt-forum_lite
|
Vt-Forum Lite 1.3 and earlier store sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/forum.m…
|
NVD-CWE-Other
|
CVE-2006-6449
|
2017-07-29 10:29 |
2006-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264354
|
- |
|
novell
|
zenworks_patch_management_server
|
Multiple SQL injection vulnerabilities in dagent/downloadreport.asp in Novell ZENworks Patch Management (ZPM) before 6.3.2.700 allow remote attackers to execute arbitrary SQL commands via the (1) age…
|
NVD-CWE-Other
|
CVE-2006-6450
|
2017-07-29 10:29 |
2006-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264355
|
- |
|
swsoft
|
plesk
|
Multiple cross-site scripting (XSS) vulnerabilities in SWsoft Plesk 8.0.1 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) get_password.php …
|
CWE-79
Cross-site Scripting
|
CVE-2006-6451
|
2017-07-29 10:29 |
2006-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264356
|
- |
|
myarticles
|
myarticles
|
Multiple cross-site scripting (XSS) vulnerabilities in the MyArticles module before 0.6 beta 1, for RunCMS, allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to…
|
NVD-CWE-Other
|
CVE-2006-6452
|
2017-07-29 10:29 |
2006-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264357
|
- |
|
j-owamp
|
web_interface
|
execInBackground.php in J-OWAMP Web Interface 2.1b and earlier allows remote attackers to execute arbitrary commands via shell metacharacters to the (1) exe and (2) args parameters, which are used in…
|
NVD-CWE-Other
|
CVE-2006-6454
|
2017-07-29 10:29 |
2006-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264358
|
- |
|
short_url
url_tracker_script
|
short_url
url_tracker_script
|
Yourfreeworld.com Short Url & Url Tracker Script allows remote attackers to obtain sensitive information via an invalid id parameter to login.php, which leaks the path in an error message. NOTE: thi…
|
NVD-CWE-Other
|
CVE-2006-6460
|
2017-07-29 10:29 |
2006-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264359
|
- |
|
yourfreeworld
|
stylish_text_ads_script
|
tr1.php in Yourfreeworld Stylish Text Ads Script allows remote attackers to obtain the installation path via an invalid id parameter, which leaks the path in an error message. NOTE: this issue might…
|
NVD-CWE-Other
|
CVE-2006-6461
|
2017-07-29 10:29 |
2006-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264360
|
- |
|
mcafee
|
virusscan
|
Untrusted search path vulnerability in McAfee VirusScan for Linux 4510e and earlier includes the current working directory in the DT_RPATH environment variable, which allows local users to load arbit…
|
NVD-CWE-Other
|
CVE-2006-6474
|
2017-07-29 10:29 |
2006-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
