|
343591
|
- |
|
bingo_news
|
bingo_news
|
PHP remote file inclusion vulnerability in bp_news.php in BinGo News (BP News) 3.01 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the bnrep parameter.
|
CWE-94
Code Injection
|
CVE-2006-4649
|
2018-10-18 06:38 |
2006-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
343592
|
- |
|
cisco
|
ios
|
Cisco IOS 12.0, 12.1, and 12.2, when GRE IP tunneling is used and the RFC2784 compliance fixes are missing, does not verify the offset field of a GRE packet during decapsulation, which leads to an in…
|
NVD-CWE-Other
|
CVE-2006-4650
|
2018-10-18 06:38 |
2006-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
343593
|
- |
|
threesquared.net
|
php_download_script
|
Directory traversal vulnerability in download/index.php, and possibly download.php, in threesquared.net (aka Ben Speakman) Php download allows remote attackers to overwrite arbitrary local files via …
|
NVD-CWE-Other
|
CVE-2006-4651
|
2018-10-18 06:38 |
2006-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
343594
|
- |
|
amazing_little_picture_poll
amazing_little_poll
|
amazing_little_picture_poll
amazing_little_poll
|
(1) Amazing Little Poll and (2) Amazing Little Picture Poll have a default password of "dsapoll", which allows remote attackers to create a new poll by entering default credentials via lp_admin.php.
|
NVD-CWE-Other
|
CVE-2006-4652
|
2018-10-18 06:38 |
2006-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
343595
|
- |
|
amazing_little_picture_poll
amazing_little_poll
|
amazing_little_picture_poll
amazing_little_poll
|
(1) Amazing Little Poll and (2) Amazing Little Picture Poll store sensitive information under the web root with insufficient access control, which allows remote attackers to read the admin password v…
|
NVD-CWE-Other
|
CVE-2006-4653
|
2018-10-18 06:38 |
2006-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
343596
|
- |
|
efs_software
|
easy_address_book_web_server
|
Format string vulnerability in Easy Address Book Web Server 1.2 allows remote attackers to cause a denial of service (crash) or "compromise the server" via encoded format string specifiers in the que…
|
NVD-CWE-Other
|
CVE-2006-4654
|
2018-10-18 06:38 |
2006-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
343597
|
- |
|
sco
sun
|
unixware
solaris
|
Buffer overflow in the Strcmp function in the XKEYBOARD extension in X Window System X11R6.4 and earlier, as used in SCO UnixWare 7.1.3 and Sun Solaris 8 through 10, allows local users to gain privil…
|
NVD-CWE-Other
|
CVE-2006-4655
|
2018-10-18 06:38 |
2006-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
343598
|
- |
|
web-provence
|
sl_site
|
PHP remote file inclusion vulnerability in admin/editeur/spaw_control.class.php in Web Provence SL_Site 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the spaw_roo…
|
NVD-CWE-Other
|
CVE-2006-4656
|
2018-10-18 06:38 |
2006-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
343599
|
- |
|
panda
|
panda_platinum_internet_security
|
Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 stores service executables under the product's installation directory with weak permissions, which allows local users to obtain LocalS…
|
NVD-CWE-Other
|
CVE-2006-4657
|
2018-10-18 06:38 |
2006-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
343600
|
- |
|
panda
|
panda_platinum_internet_security
|
Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 uses sequential message numbers in generated URLs that are not filtered if the user replies to a message, which might allow remote att…
|
NVD-CWE-Other
|
CVE-2006-4658
|
2018-10-18 06:38 |
2006-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
