259751
|
5.0 |
MEDIUM
|
ibm
|
aix
|
Unspecified vulnerability in ftpd in IBM AIX 5.2.0 and 5.3.0 allows remote attackers to obtain sensitive information, including passwords, via unspecified vectors.
|
NVD-CWE-Other
|
CVE-2006-6914
|
2011-03-8 11:47 |
2006-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259752
|
4.0 |
MEDIUM
|
ibm
|
aix
|
ftpd in IBM AIX 5.2.0 and 5.3.0 allows remote authenticated users to cause a denial of service (port exhaustion) via unspecified vectors. NOTE: some details were obtained from third party sources.
|
NVD-CWE-Other
|
CVE-2006-6915
|
2011-03-8 11:47 |
2006-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259753
|
7.5 |
HIGH
|
deadlock_user_management_system
|
deadlock_user_management_system
|
SQL injection vulnerability in Deadlock User Management System (phpdeadlock) 0.64 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
NVD-CWE-Other
|
CVE-2006-6922
|
2011-03-8 11:47 |
2007-01-13 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259754
|
7.5 |
HIGH
|
bitweaver
|
bitweaver
|
SQL injection vulnerability in newsletters/edition.php in bitweaver 1.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the tk parameter.
|
NVD-CWE-Other
|
CVE-2006-6923
|
2011-03-8 11:47 |
2007-01-13 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259755
|
10.0 |
HIGH
|
owa
|
owa
|
Buffer overflow in the ParseHeader function in clsOWA.cls in POP3/SMTP to OWA (pop2owa) 1.1.3 allows remote attackers to execute arbitrary code via a long header in an e-mail message.
|
NVD-CWE-Other
|
CVE-2006-6940
|
2011-03-8 11:47 |
2007-01-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259756
|
7.5 |
HIGH
|
phpmyadmin
|
phpmyadmin
|
phpMyAdmin before 2.9.1.1 allows remote attackers to bypass Allow/Deny access rules that use IP addresses via false headers.
|
NVD-CWE-Other
|
CVE-2006-6944
|
2011-03-8 11:47 |
2007-01-19 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259757
|
5.0 |
MEDIUM
|
myweb4net
|
myweb4net_browser
|
Cross-domain vulnerability in MYweb4net Browser 3.8.8.0 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on t…
|
NVD-CWE-Other
|
CVE-2006-6983
|
2011-03-8 11:47 |
2007-02-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259758
|
5.0 |
MEDIUM
|
more_quick_tools
|
greenbrowser
|
Cross-domain vulnerability in GreenBrowser 3.4.0622 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the a…
|
NVD-CWE-Other
|
CVE-2006-6984
|
2011-03-8 11:47 |
2007-02-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259759
|
5.0 |
MEDIUM
|
maxthon
|
maxthon
|
Cross-domain vulnerability in Maxthon 1.5.6 build 42 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the …
|
NVD-CWE-Other
|
CVE-2006-6985
|
2011-03-8 11:47 |
2007-02-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259760
|
7.8 |
HIGH
|
phaseout
|
phaseout
|
Cross-domain vulnerability in PhaseOut 5.4.4 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker…
|
NVD-CWE-Other
|
CVE-2006-6986
|
2011-03-8 11:47 |
2007-02-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259761
|
7.8 |
HIGH
|
softinform
|
finebrowser
|
Cross-domain vulnerability in FineBrowser Freeware 3.2.2 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on …
|
NVD-CWE-Other
|
CVE-2006-6987
|
2011-03-8 11:47 |
2007-02-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259762
|
7.8 |
HIGH
|
flashpeak
|
slim_browser
|
Cross-domain vulnerability in Slim Browser 4.07 build 100 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on…
|
NVD-CWE-Other
|
CVE-2006-6988
|
2011-03-8 11:47 |
2007-02-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259763
|
7.8 |
HIGH
|
netcaptor
|
netcaptor
|
Cross-domain vulnerability in NetCaptor 4.5.7 Personal Edition allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a li…
|
NVD-CWE-Other
|
CVE-2006-6989
|
2011-03-8 11:47 |
2007-02-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259764
|
7.8 |
HIGH
|
advanced_search_technologies_inc.
|
enigma_browser
|
Cross-domain vulnerability in Enigma Browser 3.8.8 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the at…
|
NVD-CWE-Other
|
CVE-2006-6990
|
2011-03-8 11:47 |
2007-02-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259765
|
7.8 |
HIGH
|
fast_browser
|
fast_browser
|
Cross-domain vulnerability in Fast Browser Pro 8.1 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the at…
|
NVD-CWE-Other
|
CVE-2006-6991
|
2011-03-8 11:47 |
2007-02-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259766
|
7.8 |
HIGH
|
gosurf_browser
|
gosurf_browser
|
Cross-domain vulnerability in GoSuRF Browser 2.62 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the att…
|
NVD-CWE-Other
|
CVE-2006-6992
|
2011-03-8 11:47 |
2007-02-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259767
|
7.5 |
HIGH
|
dev
|
neuron_blog
|
Multiple SQL injection vulnerabilities in pages/addcomment2.php in Neuron Blog 1.1 allow remote attackers to inject arbitrary SQL commands via the (1) commentname, (2) commentmail, (3) commentwebsite…
|
NVD-CWE-Other
|
CVE-2006-6993
|
2011-03-8 11:47 |
2007-02-12 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259768
|
7.5 |
HIGH
|
cmpro_team
|
clan_manager_pro
|
PHP remote file inclusion vulnerability in Clan Manager Pro (CMPRO) 1.1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the (1) rootpath and possibly (2) sitepath par…
|
NVD-CWE-Other
|
CVE-2006-7045
|
2011-03-8 11:47 |
2007-02-24 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259769
|
7.5 |
HIGH
|
sphider
|
sphider
|
SQL injection vulnerability in search.php in Sphider before 1.3.1c allows remote attackers to execute arbitrary SQL commands via the category parameter. NOTE: the provenance of this information is u…
|
NVD-CWE-Other
|
CVE-2006-7057
|
2011-03-8 11:47 |
2007-02-24 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259770
|
4.3 |
MEDIUM
|
sphider
|
sphider
|
Multiple cross-site scripting (XSS) vulnerabilities in Sphider before 1.3.1c allow remote attackers to inject arbitrary web script or HTML via the catid parameter to (1) templates/standard/search_for…
|
NVD-CWE-Other
|
CVE-2006-7058
|
2011-03-8 11:47 |
2007-02-24 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259771
|
5.0 |
MEDIUM
|
xerox
|
workcentre
|
Unspecified vulnerability in Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before 14.060.17.000 allows attackers to modify signatures of e-mail message…
|
NVD-CWE-Other
|
CVE-2006-6431
|
2011-03-8 11:46 |
2006-12-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259772
|
5.0 |
MEDIUM
|
xerox
|
workcentre
|
Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before 14.060.17.000 does not record accurate timestamps, which makes it easier for remote attackers to a…
|
NVD-CWE-Other
|
CVE-2006-6433
|
2011-03-8 11:46 |
2006-12-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259773
|
10.0 |
HIGH
|
novell
|
client
|
Buffer overflow in the Novell Distributed Print Services (NDPS) Print Provider for Windows component (NDPPNT.DLL) in Novell Client 4.91 has unknown impact and remote attack vectors.
|
NVD-CWE-Other
|
CVE-2006-6443
|
2011-03-8 11:46 |
2006-12-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259774
|
7.8 |
HIGH
|
trend_micro
|
officescan pc_cillin_-_internet_security_2006 serverprotect
|
The Trend Micro scan engine before 8.320 for Windows and before 8.150 on HP-UX and AIX, as used in Trend Micro PC Cillin - Internet Security 2006, Office Scan 7.3, and Server Protect 5.58, allows rem…
|
NVD-CWE-Other
|
CVE-2006-6458
|
2011-03-8 11:46 |
2006-12-12 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259775
|
6.8 |
MEDIUM
|
wikyblog
|
wikyblog
|
Multiple cross-site scripting (XSS) vulnerabilities in WBmap.php in WikyBlog 1.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) key, (2) d, (3) l, or (4) v pa…
|
NVD-CWE-Other
|
CVE-2006-6466
|
2011-03-8 11:46 |
2006-12-12 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259776
|
5.0 |
MEDIUM
|
clam_anti-virus
|
clamav
|
Clam AntiVirus (ClamAV) 0.88.6 allows remote attackers to cause a denial of service (stack overflow and application crash) by wrapping many layers of multipart/mixed content around a document, a diff…
|
NVD-CWE-Other
|
CVE-2006-6481
|
2011-03-8 11:46 |
2006-12-12 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259777
|
5.0 |
MEDIUM
|
sisco
|
ax-s4_iccp ax-s4_mms iccp_toolkit iso_stack mms-ease
|
The SISCO OSI stack, as used in SISCO MMS-EASE, ICCP Toolkit for MMS-EASE, AX-S4 MMS and AX-S4 ICCP, and possibly other control system applications, allows remote attackers to cause a denial of servi…
|
NVD-CWE-Other
|
CVE-2006-6489
|
2011-03-8 11:46 |
2007-01-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259778
|
5.1 |
MEDIUM
|
openldap
|
openldap
|
Buffer overflow in the krbv4_ldap_auth function in servers/slapd/kerberos.c in OpenLDAP 2.4.3 and earlier, when OpenLDAP is compiled with the --enable-kbind (Kerberos KBIND) option, allows remote att…
|
NVD-CWE-Other
|
CVE-2006-6493
|
2011-03-8 11:46 |
2006-12-13 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259779
|
5.1 |
MEDIUM
|
openldap
|
openldap
|
Successful exploitation requires that OpenLDAP allows the use of the LDAPv2 protocol, and is compiled with the --enable-kbind (Kerberos KBIND) option which has been disabled by default since version …
|
NVD-CWE-Other
|
CVE-2006-6493
|
2011-03-8 11:46 |
2006-12-13 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259780
|
4.3 |
MEDIUM
|
mozilla
|
firefox
|
The "Feed Preview" feature in Mozilla Firefox 2.0 before 2.0.0.1 sends the URL of the feed when requesting favicon.ico icons, which results in a privacy leak that might allow feed viewing services to…
|
NVD-CWE-Other
|
CVE-2006-6506
|
2011-03-8 11:46 |
2006-12-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259781
|
4.3 |
MEDIUM
|
mozilla
|
firefox
|
Mozilla Firefox 2.0 before 2.0.0.1 allows remote attackers to bypass Cross-Site Scripting (XSS) protection via vectors related to a Function.prototype regression error.
|
NVD-CWE-Other
|
CVE-2006-6507
|
2011-03-8 11:46 |
2006-12-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259782
|
7.5 |
HIGH
|
gizzar
|
gizzar
|
PHP remote file inclusion vulnerability in guest.php in Gizzar 03162002 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the basePath parameter. NOTE: the provenance of…
|
NVD-CWE-Other
|
CVE-2006-6527
|
2011-03-8 11:46 |
2006-12-14 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259783
|
7.5 |
HIGH
|
drupal
|
chatroom_module
|
The Chatroom Module before 4.7.x.-1.0 for Drupal broadcasts Chatroom visitors' session IDs to all participants, which allows remote attackers to hijack sessions and gain privileges.
|
NVD-CWE-Other
|
CVE-2006-6528
|
2011-03-8 11:46 |
2006-12-14 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259784
|
6.8 |
MEDIUM
|
cm68_news
|
cm68_news
|
Cross-site scripting (XSS) vulnerability in CM68 News allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: The provenance of this information is unknown; the…
|
NVD-CWE-Other
|
CVE-2006-6544
|
2011-03-8 11:46 |
2006-12-14 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259785
|
7.5 |
HIGH
|
scriptmate
|
user_manager
|
Multiple SQL injection vulnerabilities in ScriptMate User Manager 2.1 and earlier allow remote attackers to execute arbitrary SQL commands via "Manage Resources" and possibly other unspecified compon…
|
NVD-CWE-Other
|
CVE-2006-6595
|
2011-03-8 11:46 |
2006-12-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259786
|
9.3 |
HIGH
|
yahoo
|
messenger
|
Buffer overflow in the YMMAPI.YMailAttach ActiveX control (ymmapi.dll) before 2005.1.1.4 in Yahoo! Messenger allows remote attackers to execute arbitrary code via a crafted HTML document. NOTE: some…
|
NVD-CWE-Other
|
CVE-2006-6603
|
2011-03-8 11:46 |
2006-12-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259787
|
7.5 |
HIGH
|
webwork
|
program_generation_language
|
lib/WeBWorK/PG/Translator.pm in WeBWorK Program Generation (PG) Language before 2.3.1 uses an insufficiently restrictive regular expression to determine valid macro filenames, which allows attackers …
|
NVD-CWE-Other
|
CVE-2006-6629
|
2011-03-8 11:46 |
2006-12-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259788
|
7.5 |
HIGH
|
webwork
|
program_generation_language
|
This vulnerability is addressed in the following product release:
WeBWorK, Program Generation Language, 2.3.1
|
NVD-CWE-Other
|
CVE-2006-6629
|
2011-03-8 11:46 |
2006-12-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259789
|
6.8 |
MEDIUM
|
drupal
|
drupal_project drupal_project_issue_tracking
|
Multiple cross-site scripting (XSS) vulnerabilities in Drupal (1) Project Issue Tracking 4.7.x-1.0 and 4.7.x-2.0, and (2) Project 4.6.x-1.0, 4.7.x-1.0, and 4.7.x-2.0 allow remote attackers to inject …
|
NVD-CWE-Other
|
CVE-2006-6646
|
2011-03-8 11:46 |
2006-12-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259790
|
6.8 |
MEDIUM
|
drupal
|
drupal_mysite
|
Cross-site scripting (XSS) vulnerability in the MySite 4.7.x before 4.7.x-3.3 and 5.x before 5.x-1.3 module for Drupal allows remote attackers to inject arbitrary web script or HTML via the Title fie…
|
NVD-CWE-Other
|
CVE-2006-6647
|
2011-03-8 11:46 |
2006-12-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259791
|
6.8 |
MEDIUM
|
intel
|
2200bg_proset_wireless
|
Race condition in W29N51.SYS in the Intel 2200BG wireless driver 9.0.3.9 allows remote attackers to cause memory corruption and execute arbitrary code via a series of crafted beacon frames. NOTE: so…
|
NVD-CWE-Other
|
CVE-2006-6651
|
2011-03-8 11:46 |
2006-12-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259792
|
4.3 |
MEDIUM
|
kde
|
libkhtml
|
The nodeType function in KDE libkhtml 4.2.0 and earlier, as used by Konquerer, KMail, and other programs, allows remote attackers to cause a denial of service (crash) via malformed HTML tags, possibl…
|
NVD-CWE-Other
|
CVE-2006-6660
|
2011-03-8 11:46 |
2006-12-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259793
|
5.0 |
MEDIUM
|
marathon_aleph_one
|
marathon_aleph_one
|
The server component in Marathon Aleph One before 0.17.1 and 2006-12-17 allows remote attackers to cause a denial of service (application crash) via unspecified vectors related to "gathering net game…
|
NVD-CWE-Other
|
CVE-2006-6663
|
2011-03-8 11:46 |
2006-12-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259794
|
5.0 |
MEDIUM
|
marathon_aleph_one
|
marathon_aleph_one
|
Format string vulnerability in Marathon Aleph One before 0.17.1 and 2006-12-17 might allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via format strin…
|
NVD-CWE-Other
|
CVE-2006-6664
|
2011-03-8 11:46 |
2006-12-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259795
|
7.5 |
HIGH
|
verliadmin
|
verliadmin
|
Multiple SQL injection vulnerabilities in VerliAdmin 0.3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) nick_mod or (2) nick parameter to (a) repass.php or (b) verif…
|
NVD-CWE-Other
|
CVE-2006-6667
|
2011-03-8 11:46 |
2006-12-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259796
|
6.8 |
MEDIUM
|
verliadmin
|
verliadmin
|
Cross-site scripting (XSS) vulnerability in VerliAdmin 0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: The provenance of this informatio…
|
NVD-CWE-Other
|
CVE-2006-6668
|
2011-03-8 11:46 |
2006-12-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259797
|
10.0 |
HIGH
|
nortel
|
callpilot_server
|
Unspecified vulnerability in Nortel CallPilot 4.x Server has unknown impact and attack vectors, aka P-2006-0011-GLOBAL.
|
NVD-CWE-Other
|
CVE-2006-6670
|
2011-03-8 11:46 |
2006-12-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259798
|
7.5 |
HIGH
|
maxiasp
|
burak_yilmaz_download_portal
|
Multiple SQL injection vulnerabilities in Burak Yylmaz Download Portal allow remote attackers to execute arbitrary SQL commands via the (1) kid or possibly (2) id parameter to (a) HABERLER.ASP and (b…
|
NVD-CWE-Other
|
CVE-2006-6672
|
2011-03-8 11:46 |
2006-12-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259799
|
7.5 |
HIGH
|
netrik
|
netrik
|
The edit_textarea function in form-file.c in Netrik 1.15.4 and earlier does not properly verify temporary filenames when editing textarea fields, which allows attackers to execute arbitrary commands …
|
NVD-CWE-Other
|
CVE-2006-6678
|
2011-03-8 11:46 |
2006-12-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259800
|
6.8 |
MEDIUM
|
carsen_klock
|
textsend
|
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Carsen Klock TextSend 1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) error or (2) success parameter.…
|
NVD-CWE-Other
|
CVE-2006-6695
|
2011-03-8 11:46 |
2006-12-22 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|