259801
|
1.9 |
LOW
|
gnome
|
gconf
|
The GConf daemon (gconfd) in GConf 2.14.0 creates temporary files under directories with names based on the username, even when GCONF_GLOBAL_LOCKS is not set, which allows local users to cause a deni…
|
NVD-CWE-Other
|
CVE-2006-6698
|
2011-03-8 11:46 |
2006-12-23 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259802
|
6.8 |
MEDIUM
|
atmail
|
atmail_webmail
|
Cross-site scripting (XSS) vulnerability in Global.pm in @Mail before 4.61 allows remote attackers to inject arbitrary web script or HTML via crafted e-mail messages. NOTE: The provenance of this in…
|
NVD-CWE-Other
|
CVE-2006-6702
|
2011-03-8 11:46 |
2006-12-23 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259803
|
5.0 |
MEDIUM
|
soumu
|
koukyoumuke_soumu_workflow soumo_workflow soumu_workflow
|
Multiple unspecified vulnerabilities in the template files in Soumu Workflow for Groupmax 01-00 through 01-01, Soumu Workflow 02-00 through 03-03, and Koukyoumuke Soumu Workflow 01-00 through 01-01 a…
|
CWE-287
不適切な認証
|
CVE-2006-6705
|
2011-03-8 11:46 |
2006-12-23 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259804
|
6.5 |
MEDIUM
|
soumu
|
koukyoumuke_soumu_workflow soumo_workflow soumu_workflow
|
SQL injection vulnerability in Soumu Workflow for Groupmax 01-00 through 01-01, Soumu Workflow 02-00 through 03-03, and Koukyoumuke Soumu Workflow 01-00 through 01-01 allows remote authenticated user…
|
CWE-89
SQLインジェクション
|
CVE-2006-6706
|
2011-03-8 11:46 |
2006-12-23 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259805
|
10.0 |
HIGH
|
hitachi
|
hitachi_directory_server_2
|
Buffer overflow in Hitachi Directory Server 2 P-2444-A124 before 02-11-/K on Windows, and P-1B44-A121 before 02-10-/V on HP-UX, allows remote attackers to execute arbitrary code via crafted LDAP requ…
|
NVD-CWE-Other
|
CVE-2006-6713
|
2011-03-8 11:46 |
2006-12-23 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259806
|
7.8 |
HIGH
|
hitachi
|
hitachi_directory_server_2
|
Multiple memory leaks in Hitachi Directory Server 2 P-2444-A124 before 02-11-/K on Windows, and P-1B44-A121 before 02-10-/V on HP-UX, allow remote attackers to cause a denial of service (memory consu…
|
NVD-CWE-Other
|
CVE-2006-6714
|
2011-03-8 11:46 |
2006-12-23 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259807
|
5.0 |
MEDIUM
|
phpbuilder
|
phpbuilder
|
Multiple directory traversal vulnerabilities in PHPBuilder 0.0.2 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter to (1) lib/htm2php.php and (2)…
|
CWE-22
パス・トラバーサル
|
CVE-2006-6725
|
2011-03-8 11:46 |
2006-12-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259808
|
7.5 |
HIGH
|
inertianews
|
inertianews
|
PHP remote file inclusion vulnerability in inertianews_class.php in inertianews 0.02 beta and earlier allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter.
|
CWE-94
コード・インジェクション
|
CVE-2006-6727
|
2011-03-8 11:46 |
2006-12-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259809
|
6.4 |
MEDIUM
|
lan_messenger
|
lan_messenger
|
Unspecified vulnerability in the info request mechanism in LAN Messenger before 1.5.1.2 allows remote attackers to cause a denial of service (application crash) or transmit spam via unspecified vecto…
|
NVD-CWE-Other
|
CVE-2006-6728
|
2011-03-8 11:46 |
2006-12-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259810
|
6.4 |
MEDIUM
|
lan_messenger
|
lan_messenger
|
This vulnerability is addressed in the following product release:
LAN Messenger, LAN Messenger, 1.5.1.2
|
NVD-CWE-Other
|
CVE-2006-6728
|
2011-03-8 11:46 |
2006-12-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259811
|
7.5 |
HIGH
|
newxooper
|
newxooper
|
PHP remote file inclusion vulnerability in i-accueil.php in Newxooper 0.9 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the chemin parameter. NOTE: The provenance of…
|
CWE-94
コード・インジェクション
|
CVE-2006-6748
|
2011-03-8 11:46 |
2006-12-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259812
|
6.5 |
MEDIUM
|
novell
|
netmail
|
Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via a long argument to the SUBSCRIBE command.
|
NVD-CWE-Other
|
CVE-2006-6761
|
2011-03-8 11:46 |
2006-12-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259813
|
6.5 |
MEDIUM
|
novell
|
netmail
|
This vulnerability is addressed in the following product update:
Novell, NetMail, 3.52e FTF2
|
NVD-CWE-Other
|
CVE-2006-6761
|
2011-03-8 11:46 |
2006-12-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259814
|
4.0 |
MEDIUM
|
novell
|
netmail
|
The IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to cause a denial of service via an APPEND command with a single "(" (parenthesis) in the argument.
|
NVD-CWE-Other
|
CVE-2006-6762
|
2011-03-8 11:46 |
2006-12-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259815
|
4.0 |
MEDIUM
|
novell
|
netmail
|
This vulnerability is addressed in the following product update:
Novell, NetMail, 3.52e FTF2
|
NVD-CWE-Other
|
CVE-2006-6762
|
2011-03-8 11:46 |
2006-12-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259816
|
6.8 |
MEDIUM
|
pnamazu
|
pnamazu
|
Cross-site scripting (XSS) vulnerability in pnamazu 2006.02.28 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
NVD-CWE-Other
|
CVE-2006-6782
|
2011-03-8 11:46 |
2006-12-28 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259817
|
7.5 |
HIGH
|
ultimate_php_board
|
ultimate_php_board
|
Direct static code injection vulnerability in chat/login.php in Ultimate PHP Board (UPB) 2.0b1 and earlier allows remote attackers to inject arbitrary PHP code via the username parameter, which is in…
|
NVD-CWE-Other
|
CVE-2006-6790
|
2011-03-8 11:46 |
2006-12-28 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259818
|
6.8 |
MEDIUM
|
baalasp
|
smart_form_portal
|
Cross-site scripting (XSS) vulnerability in addpost1.asp in BaalAsp forum allows remote attackers to inject arbitrary web script or HTML via the name parameter. NOTE: The provenance of this informat…
|
NVD-CWE-Other
|
CVE-2006-6075
|
2011-03-8 11:45 |
2006-11-25 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259819
|
10.0 |
HIGH
|
ibm
|
websphere_application_server
|
Multiple unspecified vulnerabilities in IBM WebSphere Application Server 6.1.0 before Fix Pack 3 (6.1.0.3) have unknown impact and attack vectors, related to (1) a "Potential security vulnerability" …
|
NVD-CWE-Other
|
CVE-2006-6135
|
2011-03-8 11:45 |
2006-11-28 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259820
|
10.0 |
HIGH
|
ibm
|
websphere_application_server
|
IBM WebSphere Application Server 6.1.0 before Fix Pack 3 (6.1.0.3) does not perform EAL4 authentication checks at the proper time during "registering of response operation," which has unknown impact …
|
NVD-CWE-noinfo
|
CVE-2006-6136
|
2011-03-8 11:45 |
2006-11-28 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259821
|
5.0 |
MEDIUM
|
sisfo_kampus
|
sisfo_kampus
|
Directory traversal vulnerability in downloadexcel.php in Sisfo Kampus 2006 (Semarang 3) allows remote attackers to read arbitrary files via the fn parameter. NOTE: the provenance of this informatio…
|
NVD-CWE-Other
|
CVE-2006-6139
|
2011-03-8 11:45 |
2006-11-28 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259822
|
7.5 |
HIGH
|
sisfo_kampus
|
sisfo_kampus
|
PHP remote file inclusion vulnerability in Sisfo Kampus 2006 (Semarang 3) allows remote attackers to execute arbitrary PHP code via a URL in the slnt parameter to (1) index.php and (2) print.php. NO…
|
NVD-CWE-Other
|
CVE-2006-6140
|
2011-03-8 11:45 |
2006-11-28 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259823
|
2.6 |
LOW
|
takeshi_kanno
|
haru_free_pdf_library
|
Buffer overflow in the HPDF_Page_Circle function in hpdf_page_operator.c in Takeshi Kanno Haru Free PDF Library (libharu2, aka libharu) 2.0.7 and earlier allows context-dependent attackers to cause a…
|
NVD-CWE-Other
|
CVE-2006-6146
|
2011-03-8 11:45 |
2006-11-29 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259824
|
7.5 |
HIGH
|
messagerie_locale
|
messagerie_locale
|
PHP remote file inclusion vulnerability in centre.php in Messagerie Locale as of 20061127 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. NOTE: the provenance …
|
NVD-CWE-Other
|
CVE-2006-6151
|
2011-03-8 11:45 |
2006-11-29 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259825
|
7.5 |
HIGH
|
mplayer xine
|
mplayer real_media_input_plugin
|
Buffer overflow in the asmrp_eval function in the RealMedia RTSP stream handler (asmrp.c) for Real Media input plugin, as used in (1) xine/xine-lib, (2) MPlayer 1.0rc1 and earlier, and possibly other…
|
NVD-CWE-Other
|
CVE-2006-6172
|
2011-03-8 11:45 |
2006-12-1 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259826
|
4.3 |
MEDIUM
|
tdiary
|
tdiary
|
Cross-site scripting (XSS) vulnerability in tDiary before 2.0.3 and 2.1.x before 2.1.4.20061126 allows remote attackers to inject arbitrary web script or HTML via the conf parameter in (1) tdiary.rb …
|
NVD-CWE-Other
|
CVE-2006-6174
|
2011-03-8 11:45 |
2006-12-1 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259827
|
7.5 |
HIGH
|
trend_micro
|
officescan
|
Buffer overflow in PCCSRV\Web_console\RemoteInstallCGI\Wizard.exe for Trend Micro OfficeScan 7.3 before build 7.3.0.1087 allows remote attackers to execute arbitrary code via unknown attack vectors.
|
NVD-CWE-Other
|
CVE-2006-6178
|
2011-03-8 11:45 |
2006-12-1 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259828
|
7.5 |
HIGH
|
trend_micro
|
officescan
|
Buffer overflow in PCCSRV\Web_console\RemoteInstallCGI\CgiRemoteInstall.exe for Trend Micro OfficeScan 7.3 before build 7.3.0.1089 allows remote attackers to execute arbitrary code via unknown attack…
|
NVD-CWE-Other
|
CVE-2006-6179
|
2011-03-8 11:45 |
2006-12-1 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259829
|
7.5 |
HIGH
|
anna_irc_bot
|
anna\^_irc_bot
|
SQL injection vulnerability in anna.pl in Anna^ IRC Bot before 0.30 (aka caprice) allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: it is possible that there a…
|
NVD-CWE-Other
|
CVE-2006-6190
|
2011-03-8 11:45 |
2006-12-1 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259830
|
7.5 |
HIGH
|
anna_irc_bot
|
anna\^_irc_bot
|
This vulnerability is addressed in the following product release:
Anna^ IRC Bot, Anna^ IRC Bot, 0.30
|
NVD-CWE-Other
|
CVE-2006-6190
|
2011-03-8 11:45 |
2006-12-1 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259831
|
7.5 |
HIGH
|
8pixel.net
|
simple_blog
|
Unspecified scripts in the admin directory in 8pixel.net SimpleBlog 3.0 and earlier do not properly perform authentication, which allows remote attackers to add users and perform certain other unauth…
|
NVD-CWE-Other
|
CVE-2006-6192
|
2011-03-8 11:45 |
2006-12-1 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259832
|
7.5 |
HIGH
|
webwiz
|
site_news
|
PHP remote file inclusion vulnerability in centre.php in Site News (site_news) 2.00, and possibly earlier, allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. NOTE…
|
CWE-94
コード・インジェクション
|
CVE-2006-6212
|
2011-03-8 11:45 |
2006-12-1 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259833
|
7.5 |
HIGH
|
wallpaper
|
wallpaper_complete_website
|
Multiple SQL injection vulnerabilities in Wallpaper Website (Wallpaper Complete Website) 1.0.09 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) login or (2) password …
|
NVD-CWE-Other
|
CVE-2006-6215
|
2011-03-8 11:45 |
2006-12-1 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259834
|
7.5 |
HIGH
|
coalescent_systems
|
freepbx
|
Coalescent Systems freePBX (formerly Asterisk Management Portal) before 2.2.0rc1 allows attackers to execute arbitrary commands via shell metacharacters in (1) CALLERID(name) or (2) CALLERID(number).
|
NVD-CWE-Other
|
CVE-2006-6244
|
2011-03-8 11:45 |
2006-12-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259835
|
7.5 |
HIGH
|
coalescent_systems
|
freepbx
|
This vulnerability is addressed in the following product release:
Coalescent Systems, freePBX, 2.2.0rc1
|
NVD-CWE-Other
|
CVE-2006-6244
|
2011-03-8 11:45 |
2006-12-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259836
|
5.0 |
MEDIUM
|
novell
|
client
|
srvloc.sys in Novell Client for Windows before 4.91 SP3 allows remote attackers to cause an unspecified denial of service via a crafted packet to port 427 that triggers an access of pageable or inval…
|
NVD-CWE-Other
|
CVE-2006-6307
|
2011-03-8 11:45 |
2006-12-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259837
|
5.0 |
MEDIUM
|
stefan_ritt
|
elog_web_logbook
|
The show_elog_list function in elogd.c in elog 2.6.2 and earlier allows remote authenticated users to cause a denial of service (daemon crash) by attempting to access a logbook whose name begins with…
|
NVD-CWE-Other
|
CVE-2006-6318
|
2011-03-8 11:45 |
2006-12-29 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259838
|
5.0 |
MEDIUM
|
stefan_ritt
|
elog_web_logbook
|
Successful exploitation requires authentication only if the application is configured with a password. It is not, by default.
|
NVD-CWE-Other
|
CVE-2006-6318
|
2011-03-8 11:45 |
2006-12-29 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259839
|
7.5 |
HIGH
|
neocrome
|
seditio
|
Multiple unspecified vulnerabilities in Neocrome Seditio 1.10 and earlier have unknown impact and attack vectors related to (1) plugins/ipsearch/ipsearch.admin.php, and (2) pfs/pfs.edit.inc.php, (3) …
|
NVD-CWE-Other
|
CVE-2006-6344
|
2011-03-8 11:45 |
2006-12-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259840
|
6.8 |
MEDIUM
|
phpnews
|
phpnews
|
Cross-site scripting (XSS) vulnerability in templates/cat_temp.php in PHPNews 1.3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: The prov…
|
NVD-CWE-Other
|
CVE-2006-6357
|
2011-03-8 11:45 |
2006-12-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259841
|
6.8 |
MEDIUM
|
phpnews
|
phpnews
|
Successful exploitation requires that "register_globals" is enabled.
|
NVD-CWE-Other
|
CVE-2006-6357
|
2011-03-8 11:45 |
2006-12-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259842
|
5.0 |
MEDIUM
|
ulrik_petersen
|
emdros_database_engine emrdos_database_engine
|
Multiple memory leaks in Ulrik Petersen Emdros Database Engine before 1.2.0.pre231 allow local users to cause a denial of service (memory consumption) via unspecified vectors, a different issue than …
|
NVD-CWE-Other
|
CVE-2006-6395
|
2011-03-8 11:45 |
2006-12-8 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259843
|
6.8 |
MEDIUM
|
justsystem
|
hanako hanako_viewer ichitaro ichitaro_lite2 ichitaro_viewer sanshiro
|
Buffer overflow in JustSystems Hanako 2004 through 2006, Hanako viewer 1.x, Ichitaro 2004, Ichitaro 2005, Ichitaro Lite2, Ichitaro viewer 4.x, and Sanshiro 2005 allows remote attackers to execute arb…
|
CWE-119
バッファエラー
|
CVE-2006-6400
|
2011-03-8 11:45 |
2006-12-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259844
|
6.8 |
MEDIUM
|
amateras
|
amateras_sns
|
Cross-site scripting (XSS) vulnerability in Amateras sns 3.11 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
NVD-CWE-Other
|
CVE-2006-6413
|
2011-03-8 11:45 |
2006-12-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259845
|
7.5 |
HIGH
|
campware.org
|
campsite
|
Multiple PHP remote file inclusion vulnerabilities in Campware Campsite before 20061110 allow remote attackers to execute arbitrary PHP code via a URL in the g_documentRoot parameter to (1) bugreport…
|
NVD-CWE-Other
|
CVE-2006-5910
|
2011-03-8 11:44 |
2006-11-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259846
|
6.8 |
MEDIUM
|
extreme_cms
|
extreme_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in admin/options.php in Extreme CMS 0.9, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) bg1, (2) b…
|
NVD-CWE-Other
|
CVE-2006-5985
|
2011-03-8 11:44 |
2006-11-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259847
|
6.8 |
MEDIUM
|
extreme_cms
|
extreme_cms
|
admin/options.php in Extreme CMS 0.9, and possibly earlier, does not require authentication, which might allow remote attackers to conduct unauthorized activities. NOTE: this issue can be combined w…
|
NVD-CWE-Other
|
CVE-2006-5986
|
2011-03-8 11:44 |
2006-11-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259848
|
10.0 |
HIGH
|
d-link
|
dwl-g132
|
Stack-based buffer overflow in A5AGU.SYS 1.0.1.41 for the D-Link DWL-G132 wireless adapter allows remote attackers to execute arbitrary code via a 802.11 beacon request with a long Rates information …
|
NVD-CWE-Other
|
CVE-2006-6055
|
2011-03-8 11:44 |
2006-11-22 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259849
|
7.5 |
HIGH
|
bpg-infotech
|
easy_publisher smart_publisher_pro
|
SQL injection vulnerability in bpg/publications_list.asp in BPG-InfoTech Easy Publisher and Smart Publisher//Pro 2.7.7 allows remote attackers to execute arbitrary SQL commands via the vjob parameter…
|
NVD-CWE-Other
|
CVE-2006-6072
|
2011-03-8 11:44 |
2006-11-25 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
259850
|
7.5 |
HIGH
|
lou_portail
|
lou_portail
|
PHP remote file inclusion vulnerability in admin/admin_module.php in Lou Portail 1.4.1, and possibly earlier, allows remote attackers to execute arbitrary PHP code via a URL in the g_admin_rep parame…
|
NVD-CWE-Other
|
CVE-2006-5423
|
2011-03-8 11:43 |
2006-10-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|