|
318301
|
- |
|
namo
|
deepsearch
|
Cross-site scripting (XSS) vulnerability in mclient.cgi in Namo DeepSearch 4.5 allows remote attackers to inject arbitrary web script or HTML via the p parameter.
|
NVD-CWE-Other
|
CVE-2006-3264
|
2024-02-14 10:17 |
2006-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
318302
|
- |
|
microsoft
|
windows_live_messenger
|
Heap-based buffer overflow in Windows Live Messenger 8.0 allows user-assisted attackers to execute arbitrary code via a crafted Contact List (.ctt) file, which triggers the overflow when it is import…
|
NVD-CWE-Other
|
CVE-2006-3250
|
2024-02-14 10:17 |
2006-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
318303
|
- |
|
ultimate_php_board
|
ultimate_php_board
|
The installation of Ultimate PHP Board (UPB) 1.9.6 and earlier includes a default administrator login account and password, which allows remote attackers to gain privileges.
|
CWE-255
Credentials Management
|
CVE-2006-3203
|
2024-02-14 10:17 |
2006-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
318304
|
- |
|
ultimate_php_board
|
ultimate_php_board
|
Ultimate PHP Board (UPB) 1.9.6 and earlier uses a cryptographically weak block cipher with a large key collision space, which allows remote attackers to determine a suitable decryption key given the …
|
NVD-CWE-Other
|
CVE-2006-3204
|
2024-02-14 10:17 |
2006-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
318305
|
- |
|
ultimate_php_board
|
ultimate_php_board
|
Ultimate PHP Board (UPB) 1.9.6 and earlier allows remote attackers to gain access via modified user_env, pass_env, power_env, and id_env parameters in a cookie, which comprise a persistent logon that…
|
NVD-CWE-Other
|
CVE-2006-3205
|
2024-02-14 10:17 |
2006-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
318306
|
- |
|
ultimate_php_board
|
ultimate_php_board
|
Direct static code injection vulnerability in Ultimate PHP Board (UPB) 1.9.6 and earlier allows remote authenticated administrators to execute arbitrary PHP code via multiple unspecified "configurati…
|
NVD-CWE-Other
|
CVE-2006-3208
|
2024-02-14 10:17 |
2006-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
318307
|
- |
|
viart
|
shop
|
Multiple cross-site scripting (XSS) vulnerabilities in ViArt Shop Free 2.5.5, and possibly other distributions including Light, Standard, and Enterprise, allow remote attackers to inject arbitrary we…
|
NVD-CWE-Other
|
CVE-2006-2979
|
2024-02-14 10:17 |
2006-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
318308
|
- |
|
viart_ltd
|
viart_shop_free
|
SQL injection vulnerability in block_forum_topic_new.php in ViArt Shop Free 2.5.5, and possibly other distributions including Light, Standard, and Enterprise, might allow remote attackers to execute …
|
NVD-CWE-Other
|
CVE-2006-2980
|
2024-02-14 10:17 |
2006-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
318309
|
- |
|
linksys
|
wrt54g
wrt54g_v5
|
Linksys WRT54G Wireless-G Broadband Router allows remote attackers to bypass access restrictions and conduct unauthorized operations via a UPnP request with a modified InternalClient parameter, which…
|
NVD-CWE-Other
|
CVE-2006-2559
|
2024-02-14 10:17 |
2006-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
318310
|
- |
|
sitecom
|
wl-153_router_firmware
wl-153
|
Sitecom WL-153 router firmware before 1.38 allows remote attackers to bypass access restrictions and conduct unauthorized operations via a UPnP request with a modified InternalClient parameter, which…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2006-2560
|
2024-02-14 10:17 |
2006-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
