|
313111
|
- |
|
bluepay
|
bluepay_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in BluePay Manager 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML during a login action via the (1) Account Name and…
|
NVD-CWE-Other
|
CVE-2006-1854
|
2024-08-8 03:15 |
2006-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313112
|
- |
|
microsoft
|
isa_server
|
Microsoft ISA Server 2004 allows remote attackers to bypass certain filtering rules, including ones for (1) ICMP and (2) TCP, via IPv6 packets. NOTE: An established researcher has disputed this issu…
|
NVD-CWE-Other
|
CVE-2006-1651
|
2024-08-8 03:15 |
2006-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313113
|
9.8 |
CRITICAL
Network
|
janobe
|
school_attendence_monitoring_system
school_event_management_system
|
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and re…
|
CWE-89
SQL Injection
|
CVE-2024-33974
|
2024-08-8 02:44 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313114
|
9.8 |
CRITICAL
Network
|
vivotek
|
sd9364_firmware
|
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Vivotek SD9364 VVTK-0103f. It has been declared as critical. This vulnerability affects the function read of the component httpd. The mani…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2024-7441
|
2024-08-8 02:15 |
2024-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313115
|
- |
|
mozilla
|
firefox
|
Mozilla Firefox 1.0.7 and 1.5.0.1 allows remote attackers to cause a denial of service (crash) via an HTML tag with a large number of script action handlers such as onload and onmouseover, which trig…
|
NVD-CWE-Other
|
CVE-2006-1273
|
2024-08-8 02:15 |
2006-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313116
|
- |
|
digital_builder
|
nz_ecommerce
|
Cross-site scripting (XSS) vulnerability in index.php in NZ Ecommerce allows remote attackers to inject arbitrary web script or HTML via the action parameter. NOTE: the vendor has disputed this issu…
|
NVD-CWE-Other
|
CVE-2006-1096
|
2024-08-8 02:15 |
2006-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313117
|
- |
|
digital_builder
|
nz_ecommerce
|
Multiple SQL injection vulnerabilities in NZ Ecommerce allow remote attackers to execute arbitrary SQL commands via the (1) informationID or (2) ParentCategory parameter to index.php. NOTE: the vendo…
|
NVD-CWE-Other
|
CVE-2006-1098
|
2024-08-8 02:15 |
2006-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313118
|
- |
|
kwik-pay
|
kwik-pay_payroll
|
Kwik-Pay Payroll 4.2.20, and possibly other versions, stores the KwikPay.mdb database file with insecure permissions, which allows local users to obtain sensitive information such as employment and p…
|
NVD-CWE-Other
|
CVE-2006-1050
|
2024-08-8 02:15 |
2006-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313119
|
- |
|
virtual_communication_services
|
vpmi_enterprise
|
SQL injection vulnerability in VCS Virtual Program Management Intranet (VPMi) Enterprise 3.3 allows remote attackers to execute arbitrary SQL commands via the UpdateID0 parameter to Service_Requests.…
|
CWE-89
SQL Injection
|
CVE-2006-0897
|
2024-08-8 02:15 |
2006-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313120
|
- |
|
dotproject
|
dotproject
|
dotProject 2.0.1 and earlier allows remote attackers to obtain sensitive information via direct requests with an invalid baseDir to certain PHP scripts in the db directory, which reveal the path in a…
|
NVD-CWE-Other
|
CVE-2006-0754
|
2024-08-8 02:15 |
2006-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
