|
346111
|
- |
|
xbiff2
|
xbiff2
|
xbiff2 1.9 creates $HOME/.xbiff2rc in a user's home directory with insecure file permissions, which allows local users to obtain sensitive information such as login credentials. NOTE: the provenance…
|
NVD-CWE-Other
|
CVE-2006-4493
|
2017-07-20 10:33 |
2006-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346112
|
- |
|
sony
|
playstation_portable
|
Unspecified vulnerability in the TIFF viewer (possibly libTIFF) in the Photo Viewer in the Sony PlaystationPortable (PSP) 2.00 through 2.80 allows local users to execute arbitrary code via crafted TI…
|
NVD-CWE-Other
|
CVE-2006-4507
|
2017-07-20 10:33 |
2006-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346113
|
- |
|
dec
|
dec_openvms_alpha
|
NET$SESSION_CONTROL.EXE in DECnet-Plus in OpenVMS ALPHA 7.3-2 and Alpha 8.2 writes a password to an audit log file when there is a successful connection after a "network breakin" event, which allows …
|
CWE-200
Information Exposure
|
CVE-2006-4537
|
2017-07-20 10:33 |
2006-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346114
|
- |
|
learn.com
|
learncenter
|
Cross-site scripting (XSS) vulnerability in learncenter.asp in Learn.com LearnCenter allows remote attackers to inject arbitrary web script or HTML via the id parameter.
|
NVD-CWE-Other
|
CVE-2006-4540
|
2017-07-20 10:33 |
2006-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346115
|
- |
|
usermin
webmin
|
usermin
webmin
|
Webmin before 1.296 and Usermin before 1.226 do not properly handle a URL with a null ("%00") character, which allows remote attackers to conduct cross-site scripting (XSS), read CGI program source c…
|
CWE-79
Cross-site Scripting
|
CVE-2006-4542
|
2017-07-20 10:33 |
2006-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346116
|
- |
|
usermin
webmin
|
usermin
webmin
|
This vulnerability is addressed in the following product releases:
Webmin, Webmin, 1.296
Usermin, Usermin, 1.226
|
CWE-79
Cross-site Scripting
|
CVE-2006-4542
|
2017-07-20 10:33 |
2006-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346117
|
- |
|
retro64
|
cr64loader_activex_control
|
Buffer overflow in the Retro64 / Miniclip CR64Loader ActiveX control allows remote attackers to execute arbitrary code via unspecified vectors involving an HTML document that references the CLSID of …
|
NVD-CWE-Other
|
CVE-2006-4555
|
2017-07-20 10:33 |
2006-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346118
|
- |
|
phpnuke
|
myheadlines
|
Cross-site scripting (XSS) vulnerability in the MyHeadlines before 4.3.2 module for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via the myh_op parameter to modules.php.
|
NVD-CWE-Other
|
CVE-2006-4563
|
2017-07-20 10:33 |
2006-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346119
|
- |
|
simplemachines
|
smf
|
SQL injection vulnerability in Sources/ManageBoards.php in Simple Machines Forum 1.1 RC3 allows remote attackers to execute arbitrary SQL commands via the cur_cat parameter.
|
CWE-89
SQL Injection
|
CVE-2006-4564
|
2017-07-20 10:33 |
2006-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346120
|
- |
|
simplemachines
|
smf
|
Successful exploitation requires privileges to add a new board.
|
CWE-89
SQL Injection
|
CVE-2006-4564
|
2017-07-20 10:33 |
2006-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
