|
347241
|
- |
|
mambo
|
mambo_gallery_manager
|
PHP remote file inclusion vulnerability in about.mgm.php in Mambo Gallery Manager (MGM) 0.95r2 and earlier for Mambo 4.5 allows remote attackers to execute arbitrary PHP code via a URL in the mosConf…
|
NVD-CWE-Other
|
CVE-2006-3981
|
2017-07-20 10:32 |
2006-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347242
|
- |
|
drupal
|
drupal
|
Cross-site scripting (XSS) vulnerability in user.module in Drupal 4.6 before 4.6.9, and 4.7 before 4.7.3, allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: …
|
NVD-CWE-Other
|
CVE-2006-4002
|
2017-07-20 10:32 |
2006-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347243
|
- |
|
drupal
|
drupal
|
This vulnerability is addressed in the following product releases:
Drupal, Drupal, 4.6.9
Drupal, Drupal, 4.7.3
|
NVD-CWE-Other
|
CVE-2006-4002
|
2017-07-20 10:32 |
2006-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347244
|
- |
|
bomberclone
|
bomberclone
|
BomberClone 0.11.6 and earlier allows remote attackers to cause a denial of service (daemon crash) via (1) a certain malformed PKGF_ackreq packet, which triggers a crash in the rscache_add() function…
|
NVD-CWE-Other
|
CVE-2006-4005
|
2017-07-20 10:32 |
2006-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347245
|
- |
|
bomberclone
|
bomberclone
|
The do_gameinfo function in BomberClone 0.11.6 and earlier, and possibly other functions, does not reset the packet data size, which causes the send_pkg function (packets.c) to use this data size whe…
|
CWE-200
Information Exposure
|
CVE-2006-4006
|
2017-07-20 10:32 |
2006-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347246
|
- |
|
symantec
|
brightmail_antispam
|
Multiple directory traversal vulnerabilities in Symantec Brightmail AntiSpam (SBAS) before 6.0.4, when the Control Center is allowed to connect from any computer, allow remote attackers to read and o…
|
CWE-22
Path Traversal
|
CVE-2006-4013
|
2017-07-20 10:32 |
2006-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347247
|
- |
|
cisco
|
callmanager_express
|
Unspecified vulnerability in Cisco IOS CallManager Express (CME) allows remote attackers to gain sensitive information (user names) from the Session Initiation Protocol (SIP) user directory via certa…
|
NVD-CWE-Other
|
CVE-2006-4032
|
2017-07-20 10:32 |
2006-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347248
|
- |
|
cisco
|
callmanager_express
|
Cisco's recommended best practice of implementing the VoIP infrastructure and data devices on separate VLANs would prevent malicious users from launching such attacks against the VoIP network.
|
NVD-CWE-Other
|
CVE-2006-4032
|
2017-07-20 10:32 |
2006-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347249
|
- |
|
counterchaos
|
counterchaos
|
SQL injection vulnerability in counterchaos.php in CounterChaos 0.48c and earlier allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header.
|
NVD-CWE-Other
|
CVE-2006-4035
|
2017-07-20 10:32 |
2006-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347250
|
- |
|
pike
|
pike
|
SQL injection vulnerability in Pike before 7.6.86, when using a Postgres database server, allows remote attackers to execute arbitrary SQL commands via unspecified attack vectors.
|
NVD-CWE-Other
|
CVE-2006-4041
|
2017-07-20 10:32 |
2006-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
