|
352921
|
- |
|
twiki
|
twiki
|
Directory traversal vulnerability in viewfile in TWiki 4.0.0 through 4.0.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter.
|
NVD-CWE-Other
|
CVE-2006-4294
|
2011-03-8 11:40 |
2006-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352922
|
- |
|
cgi-rescue
|
mail_f_w_system
|
CRLF injection vulnerability in CGI-Rescue Mail F/W System (formd) before 8.3 allows remote attackers to spoof e-mails and inject e-mail headers via unspecified vectors in (1) mail.cgi and (2) query.…
|
NVD-CWE-Other
|
CVE-2006-4344
|
2011-03-8 11:40 |
2006-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352923
|
- |
|
doctor_web_ltd
|
dr.web
|
Heap-based buffer overflow in SpIDer for Dr.Web Scanner for Linux 4.33, and possibly earlier versions, allows remote attackers to execute arbitrary code via an LHA archive with an extended header tha…
|
NVD-CWE-Other
|
CVE-2006-4438
|
2011-03-8 11:40 |
2006-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352924
|
- |
|
ay_system_solutions
|
ay_system_solutions_cms
|
Multiple PHP remote file inclusion vulnerabilities in Ay System Solutions CMS 2.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the path[ShowProcessHandle] parameter t…
|
NVD-CWE-Other
|
CVE-2006-4441
|
2011-03-8 11:40 |
2006-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352925
|
- |
|
clemens_wacha
|
php_iaddressbook
|
Cross-site scripting (XSS) vulnerability in PHP iAddressBook before 0.95 allows remote attackers to inject arbitrary web script or HTML via the cat_name parameter, related to adding a category. (cate…
|
NVD-CWE-Other
|
CVE-2006-4442
|
2011-03-8 11:40 |
2006-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352926
|
- |
|
x.org
|
emu-linux-x87-xlibs
x11r6
x11r7
xdm
xf86dga
xinit
xload
xorg-server
xterm
|
X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, does not check the return values for setuid and seteuid calls when attempting to drop privileges, which might allow…
|
NVD-CWE-Other
|
CVE-2006-4447
|
2011-03-8 11:40 |
2006-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352927
|
- |
|
cj_design
|
cj_tag_board
|
Direct static code injection vulnerability in CJ Tag Board 3.0 allows remote attackers to execute arbitrary PHP code via the (1) User-Agent HTTP header in tag.php, which is executed by all.php, and (…
|
NVD-CWE-Other
|
CVE-2006-4451
|
2011-03-8 11:40 |
2006-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352928
|
- |
|
phpecard
|
phpecard
|
PHP remote file inclusion vulnerability in index.php in phpECard 2.1.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the include_path parameter. NOTE: the provenance…
|
NVD-CWE-Other
|
CVE-2006-4457
|
2011-03-8 11:40 |
2006-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352929
|
- |
|
sybase
|
financial_fusion_consumer_banking_solution
|
Unspecified vulnerability in Sybase/Financial Fusion Consumer Banking Suite versions before 20060706 has unknown impact and remote attack vectors.
|
NVD-CWE-Other
|
CVE-2006-3667
|
2011-03-8 11:39 |
2006-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352930
|
- |
|
hyper_estraier
|
hyper_estraier
|
Cross-site request forgery (CSRF) vulnerability in the communicate function in estmaster.c for Hyper Estraier before 1.3.3 allows remote attackers to perform unauthorized actions as other users via u…
|
NVD-CWE-Other
|
CVE-2006-3671
|
2011-03-8 11:39 |
2006-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
