260101
|
7.2 |
HIGH
|
sun
|
grid_engine n1_grid_engine
|
This vulnerability affects Sun Microsystems, Sun Grid Engine 5.3 before 20060327 & N1 Grid Engine 6.0 before 20060327.
|
NVD-CWE-Other
|
CVE-2006-1506
|
2011-03-8 11:33 |
2006-03-30 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260102
|
7.5 |
HIGH
|
abcmidi
|
abcmidi
|
Multiple buffer overflows in the abcmidi-yaps translator in abcmidi 20050101, and other versions, allow remote attackers to execute arbitrary code via crafted ABC music files that trigger the overflo…
|
NVD-CWE-Other
|
CVE-2006-1514
|
2011-03-8 11:33 |
2006-04-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260103
|
7.5 |
HIGH
|
typespeed
|
typespeed
|
Buffer overflow in the addnewword function in typespeed 0.4.4 and earlier might allow remote attackers to execute arbitrary code via unknown vectors.
|
NVD-CWE-Other
|
CVE-2006-1515
|
2011-03-8 11:33 |
2006-06-1 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260104
|
6.8 |
MEDIUM
|
php
|
php_script_index
|
Cross-site scripting (XSS) vulnerability in search.php in PHP Script Index allows remote attackers to inject arbitrary web script or HTML via the search parameter.
|
NVD-CWE-Other
|
CVE-2006-1558
|
2011-03-8 11:33 |
2006-03-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260105
|
7.5 |
HIGH
|
php
|
php_script_index
|
SQL injection vulnerability in PHP Script Index allows remote attackers to execute arbitrary SQL commands via the search parameter. NOTE: the provenance of this information is unknown; the details ar…
|
NVD-CWE-Other
|
CVE-2006-1559
|
2011-03-8 11:33 |
2006-03-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260106
|
10.0 |
HIGH
|
exponent
|
exponent_cms
|
Unspecified vulnerability in Exponent CMS before 0.96.5 RC 1 has unknown impact and remote attack vectors related to variables that are not "typecasted."
|
NVD-CWE-Other
|
CVE-2006-1604
|
2011-03-8 11:33 |
2006-04-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260107
|
7.5 |
HIGH
|
exponent
|
exponent_cms
|
Unspecified vulnerability in the image module in Exponent CMS before 0.96.5 RC 1 allows remote attackers to execute arbitrary code via unknown vectors involving "parsed PHP."
|
NVD-CWE-Other
|
CVE-2006-1605
|
2011-03-8 11:33 |
2006-04-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260108
|
5.0 |
MEDIUM
|
exponent
|
exponent_cms
|
Unspecified vulnerability in the image module in Exponent CMS before 0.96.5 RC 1 allows "directory disclosure" with unknown attack vectors.
|
NVD-CWE-Other
|
CVE-2006-1606
|
2011-03-8 11:33 |
2006-04-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260109
|
6.8 |
MEDIUM
|
softbiz
|
image_gallery
|
Cross-site scripting (XSS) vulnerability in image_desc.php in Softbiz Image Gallery allows remote attackers to inject arbitrary web script or HTML via msg parameter. NOTE: the provenance of this inf…
|
NVD-CWE-Other
|
CVE-2006-1660
|
2011-03-8 11:33 |
2006-04-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260110
|
6.8 |
MEDIUM
|
softbiz
|
image_gallery
|
This vulnerability most likely affects all versions of Softbiz, Image Gallery.
|
NVD-CWE-Other
|
CVE-2006-1660
|
2011-03-8 11:33 |
2006-04-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260111
|
4.3 |
MEDIUM
|
apt
|
apt-webshop-system
|
Cross-site scripting (XSS) vulnerability in APT-webshop-system 4.0 PRO, 3.0 BASIC, and 3.0 LIGHT allows remote attackers to inject arbitrary web script or HTML via the message parameter, probably inv…
|
NVD-CWE-Other
|
CVE-2006-1687
|
2011-03-8 11:33 |
2006-04-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260112
|
7.5 |
HIGH
|
manic_web
|
mwnewsletter
|
Multiple SQL injection vulnerabilities in MWNewsletter 1.0.0b allow remote attackers to execute arbitrary SQL commands via the (1) user_email parameter to (a) unsubscribe.php or (b) subscribe.php; or…
|
NVD-CWE-Other
|
CVE-2006-1692
|
2011-03-8 11:33 |
2006-04-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260113
|
2.6 |
LOW
|
bitweaver
|
bitweaver
|
Cross-site scripting (XSS) vulnerability in login.php in Bitweaver 1.3 allows remote attackers to inject arbitrary web script or HTML via the error parameter. NOTE: the provenance of this informatio…
|
NVD-CWE-Other
|
CVE-2006-1745
|
2011-03-8 11:33 |
2006-04-13 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260114
|
7.8 |
HIGH
|
hosting_controller
|
hosting_controller
|
Hosting Controller 6.1 stores forum/db/forum.mdb under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as user name and pass…
|
NVD-CWE-Other
|
CVE-2006-1764
|
2011-03-8 11:33 |
2006-04-13 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260115
|
6.4 |
MEDIUM
|
ibm
|
websphere_application_server
|
Unspecified vulnerability in IBM WebSphere 5.0.2.10 through 5.0.2.15 and 5.1.1.4 through 5.1.1.9 allows remote attackers to obtain sensitive information via unknown attack vectors, which causes JSP s…
|
NVD-CWE-Other
|
CVE-2006-1093
|
2011-03-8 11:32 |
2006-03-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260116
|
5.0 |
MEDIUM
|
novell
|
bordermanager
|
Unspecified vulnerability in the HTTP proxy in Novell BorderManager 3.8 and earlier allows remote attackers to cause a denial of service (CPU consumption and ABEND) via unknown attack vectors related…
|
NVD-CWE-Other
|
CVE-2006-1218
|
2011-03-8 11:32 |
2006-03-14 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260117
|
10.0 |
HIGH
|
amax_information_technologies
|
winmail
|
Unspecified vulnerability in the Webmail module in Winmail before 4.3 has unknown impact and unknown remote attack vectors.
|
NVD-CWE-Other
|
CVE-2006-1250
|
2011-03-8 11:32 |
2006-03-19 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260118
|
7.8 |
HIGH
|
funkwerk
|
x2300
|
The Internet Key Exchange implementation in Funkwerk X2300 7.2.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by t…
|
NVD-CWE-Other
|
CVE-2006-1268
|
2011-03-8 11:32 |
2006-03-19 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260119
|
4.6 |
MEDIUM
|
symantec
|
ghost_solutions_suite norton_ghost
|
The installation of SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, includes a default administrator login account and password, which allows local us…
|
NVD-CWE-Other
|
CVE-2006-1284
|
2011-03-8 11:32 |
2006-03-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260120
|
3.2 |
LOW
|
symantec
|
ghost_solutions_suite norton_ghost
|
SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, gives read and write permissions to all users for database shared memory sections, which allows local …
|
NVD-CWE-Other
|
CVE-2006-1285
|
2011-03-8 11:32 |
2006-03-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260121
|
3.2 |
LOW
|
symantec
|
ghost_solutions_suite norton_ghost
|
Update to Symantec Ghost 8.3 that is shipped as a part of Symantec Ghost Solutions Suite 1.1.
|
NVD-CWE-Other
|
CVE-2006-1285
|
2011-03-8 11:32 |
2006-03-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260122
|
5.8 |
MEDIUM
|
invision_power_services
|
invision_power_board
|
Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB) 2.0.4 and 2.1.4 before 20060130 allows remote attackers to steal cookies and probably conduct other activities when the victim i…
|
NVD-CWE-Other
|
CVE-2006-1287
|
2011-03-8 11:32 |
2006-03-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260123
|
5.0 |
MEDIUM
|
oreka
|
oreka
|
Oreka before 0.5 allows remote attackers to cause a denial of service (application crash) via a "certain RTP sequence."
|
NVD-CWE-Other
|
CVE-2006-0912
|
2011-03-8 11:31 |
2006-02-28 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260124
|
7.5 |
HIGH
|
mozilla
|
bugzilla
|
Bugzilla 2.16.10 does not properly handle certain characters in the (1) maxpatchsize and (2) maxattachmentsize parameters in attachment.cgi, which allows remote attackers to trigger a SQL error.
|
NVD-CWE-Other
|
CVE-2006-0915
|
2011-03-8 11:31 |
2006-02-28 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260125
|
4.0 |
MEDIUM
|
argosoft
|
argosoft_mail_server
|
Directory traversal vulnerability in Webmail in ArGoSoft Mail Server Pro 1.8 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the UIDL parameter.
|
NVD-CWE-Other
|
CVE-2006-0930
|
2011-03-8 11:31 |
2006-02-28 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260126
|
7.5 |
HIGH
|
thomson
|
speedtouch
|
Thomson SpeedTouch modem running firmware 5.3.2.6.0 allows remote attackers to create users that cannot be deleted via scripting code in the "31" parameter in a NewUser function, which is not filtere…
|
NVD-CWE-Other
|
CVE-2006-0947
|
2011-03-8 11:31 |
2006-03-1 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260127
|
7.2 |
HIGH
|
eset_software
|
nod32_antivirus
|
The GUI (nod32.exe) in NOD32 2.5 runs with SYSTEM privileges when the scheduler runs a scheduled on-demand scan, which allows local users to execute arbitrary code during a scheduled scan via unspeci…
|
NVD-CWE-Other
|
CVE-2006-0951
|
2011-03-8 11:31 |
2006-04-8 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260128
|
1.7 |
LOW
|
nufw
|
nufw_firewall
|
nuauth in NuFW before 1.0.21 does not properly handle blocking TLS sockets, which allows remote authenticated users to cause a denial of service (service hang) by flooding packets at the authenticati…
|
NVD-CWE-Other
|
CVE-2006-0956
|
2011-03-8 11:31 |
2006-03-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260129
|
1.7 |
LOW
|
nufw
|
nufw_firewall
|
This vulnerability affects NuFW, NuFW Firewall versions 1.0.20 and previous.
|
NVD-CWE-Other
|
CVE-2006-0956
|
2011-03-8 11:31 |
2006-03-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260130
|
7.5 |
HIGH
|
phprpc
|
phprpc
|
Eval injection vulnerability in the decode function in rpc_decoder.php for phpRPC 0.7 and earlier, as used by runcms, exoops, and possibly other programs, allows remote attackers to execute arbitrary…
|
NVD-CWE-Other
|
CVE-2006-1032
|
2011-03-8 11:31 |
2006-03-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260131
|
10.0 |
HIGH
|
geeklog
|
geeklog
|
Unspecified vulnerability in the session handling for Geeklog 1.4.x before 1.4.0sr2, 1.3.11 before 1.3.11sr5, 1.3.9 before 1.3.9sr5, and possibly earlier versions allows attackers to gain privileges …
|
NVD-CWE-Other
|
CVE-2006-1069
|
2011-03-8 11:31 |
2006-03-8 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260132
|
5.0 |
MEDIUM
|
hp
|
systems_insight_manager
|
Directory traversal vulnerability in HP Systems Insight Manager 4.2 through 5.0 SP3 for Windows allows remote attackers to access arbitrary files via unspecified vectors, a different vulnerability th…
|
NVD-CWE-Other
|
CVE-2006-0656
|
2011-03-8 11:30 |
2006-02-13 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260133
|
10.0 |
HIGH
|
mantis
|
mantis
|
Unspecified vulnerability in (1) query_store.php and (2) manage_proj_create.php in Mantis before 1.0.0 has unknown impact and attack vectors. NOTE: the provenance of this information is unknown; the…
|
NVD-CWE-Other
|
CVE-2006-0665
|
2011-03-8 11:30 |
2006-02-13 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260134
|
4.6 |
MEDIUM
|
ibm
|
aix
|
lscfg in IBM AIX 5.2 and 5.3 allows local users to modify arbitrary files via a symlink attack.
|
NVD-CWE-Other
|
CVE-2006-0667
|
2011-03-8 11:30 |
2006-03-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260135
|
7.5 |
HIGH
|
musox
|
df_msanalysis
|
SQL injection vulnerability in mstrack.php in MusOX DF MSAnalysis (DFMSA), as used in some environments that use CPG-Nuke Dragonfly CMS, allows remote attackers to trigger path disclosure from a SQL …
|
NVD-CWE-Other
|
CVE-2006-0727
|
2011-03-8 11:30 |
2006-02-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260136
|
10.0 |
HIGH
|
noofs_team
|
network_object_oriented_file_system
|
Multiple unspecified vulnerabilities in the (1) Filesystem in USErspace (FUSE) client and (2) NOOFS daemon in in Network Object Oriented File System (NOOFS) before 0.9.0 have unspecified impact and a…
|
NVD-CWE-noinfo
|
CVE-2006-0751
|
2011-03-8 11:30 |
2006-02-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260137
|
5.0 |
MEDIUM
|
xerox
|
workcentre_232 workcentre_238 workcentre_245 workcentre_255 workcentre_265 workcentre_275
|
Unspecified vulnerability in ESS/ Network Controller and MicroServer Web Server in Xerox WorkCentre Pro and Xerox WorkCentre running software 13.027.24.015 and 14.027.24.015 allows remote attackers t…
|
NVD-CWE-Other
|
CVE-2006-0828
|
2011-03-8 11:30 |
2006-02-22 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260138
|
5.0 |
MEDIUM
|
popfile
|
popfile
|
POPFile before 0.22.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors involving character sets within e-mail messages.
|
NVD-CWE-Other
|
CVE-2006-0876
|
2011-03-8 11:30 |
2006-02-24 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260139
|
7.5 |
HIGH
|
pam-mysql
|
pam-mysql
|
Double free vulnerability in the authentication and authentication token alteration code in PAM-MySQL 0.6.x before 0.6.2 and 0.7.x before 0.7pre3 allows remote attackers to cause a denial of service …
|
CWE-119
バッファエラー
|
CVE-2006-0056
|
2011-03-8 11:29 |
2006-02-13 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260140
|
7.5 |
HIGH
|
vego
|
vego_links_builder
|
SQL injection vulnerability in login.php in VEGO Links Builder 2.00 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter.
|
NVD-CWE-Other
|
CVE-2006-0067
|
2011-03-8 11:29 |
2006-01-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260141
|
7.5 |
HIGH
|
primo_place
|
primo_cart
|
SQL injection vulnerability in Primo Cart 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) q parameter to search.php and (2) email parameter to user.php.
|
NVD-CWE-Other
|
CVE-2006-0068
|
2011-03-8 11:29 |
2006-01-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260142
|
2.1 |
LOW
|
richard_dawe
|
file_extattr
|
Off-by-one error in the getfattr function in File::ExtAttr before 0.03 allows attackers to trigger a buffer overflow via unspecified attack vectors.
|
NVD-CWE-Other
|
CVE-2006-0077
|
2011-03-8 11:29 |
2006-01-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260143
|
5.0 |
MEDIUM
|
rasmp
|
rasmp
|
Cross-site scripting vulnerability in index.php in raSMP 2.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the $_SERVER[HTTP_USER_AGENT] variable (User-Agent header…
|
NVD-CWE-Other
|
CVE-2006-0084
|
2011-03-8 11:29 |
2006-01-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260144
|
7.5 |
HIGH
|
nkads
|
nkads
|
SQL injection vulnerability in Nkads 1.0 alfa 3 allows remote attackers to execute arbitrary SQL commands via the (1) usuario_nkads_admin or (2) password_nkads_admin parameters.
|
NVD-CWE-Other
|
CVE-2006-0085
|
2011-03-8 11:29 |
2006-01-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260145
|
5.0 |
MEDIUM
|
next_generation_image_gallery
|
next_generation_image_gallery
|
Cross-site scripting vulnerability in index.php in Next Generation Image Gallery 0.0.1 Lite Edition allows remote attackers to inject arbitrary web script or HTML via the page parameter.
|
NVD-CWE-Other
|
CVE-2006-0086
|
2011-03-8 11:29 |
2006-01-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260146
|
5.0 |
MEDIUM
|
esri
|
arcpad
|
Buffer overflow in ESRI ArcPad 7.0.0.156 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a .amp file with a COORDSYS tag with a long s…
|
NVD-CWE-Other
|
CVE-2006-0089
|
2011-03-8 11:29 |
2006-01-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260147
|
5.0 |
MEDIUM
|
idv_directory_viewer
|
idv_directory_viewer
|
Directory traversal vulnerability in index.php in IDV Directory Viewer before 2005.1 allows remote attackers to view arbitrary directory contents via a .. (dot dot) in the dir parameter.
|
NVD-CWE-Other
|
CVE-2006-0090
|
2011-03-8 11:29 |
2006-01-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260148
|
4.3 |
MEDIUM
|
ecardmax.com
|
atcard_me_php
|
Cross-site scripting (XSS) vulnerability in index.php in @Card ME PHP allows remote attackers to inject arbitrary web script or HTML via the cat parameter.
|
NVD-CWE-Other
|
CVE-2006-0093
|
2011-03-8 11:29 |
2006-01-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260149
|
5.0 |
MEDIUM
|
modular_merchant
|
shopping_cart
|
Cross-site scripting vulnerability in category.php in Modular Merchant Shopping Cart allows remote attackers to inject arbitrary web script or HTML via the cat parameter.
|
NVD-CWE-Other
|
CVE-2006-0109
|
2011-03-8 11:29 |
2006-01-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
260150
|
4.3 |
MEDIUM
|
enhanced_simple_php_gallery
|
enhanced_simple_php_gallery
|
Cross-site scripting (XSS) vulnerability in index.php in Enhanced Simple PHP Gallery 1.7 allows remote attackers to inject arbitrary web script or HTML via the dir parameter.
|
NVD-CWE-Other
|
CVE-2006-0112
|
2011-03-8 11:29 |
2006-01-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|