|
346311
|
- |
|
hlstats
|
hlstats
|
Cross-site scripting (XSS) vulnerability in hlstats.php in HLstats 1.34 allows remote attackers to inject arbitrary web script or HTML via the q parameter.
|
NVD-CWE-Other
|
CVE-2006-4454
|
2017-07-20 10:33 |
2006-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346312
|
- |
|
clemens_wacha
|
php_iaddressbook
|
Cross-site scripting (XSS) vulnerability in PHP iAddressBook before 0.96 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
NVD-CWE-Other
|
CVE-2006-4460
|
2017-07-20 10:33 |
2006-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346313
|
- |
|
joomla
|
joomla
|
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.11 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in (1) Admin Module Manager, (2) …
|
NVD-CWE-Other
|
CVE-2006-4474
|
2017-07-20 10:33 |
2006-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346314
|
- |
|
cybozu
|
cybozu_office
share_360
|
Multiple directory traversal vulnerabilities in Cybozu Office before 6.6 Build 1.3 and Share 360 before 2.5 Build 0.3 allow remote authenticated users to read arbitrary files via a .. (dot dot) seque…
|
NVD-CWE-Other
|
CVE-2006-4490
|
2017-07-20 10:33 |
2006-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346315
|
- |
|
xbiff2
|
xbiff2
|
xbiff2 1.9 creates $HOME/.xbiff2rc in a user's home directory with insecure file permissions, which allows local users to obtain sensitive information such as login credentials. NOTE: the provenance…
|
NVD-CWE-Other
|
CVE-2006-4493
|
2017-07-20 10:33 |
2006-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346316
|
- |
|
sony
|
playstation_portable
|
Unspecified vulnerability in the TIFF viewer (possibly libTIFF) in the Photo Viewer in the Sony PlaystationPortable (PSP) 2.00 through 2.80 allows local users to execute arbitrary code via crafted TI…
|
NVD-CWE-Other
|
CVE-2006-4507
|
2017-07-20 10:33 |
2006-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346317
|
- |
|
dec
|
dec_openvms_alpha
|
NET$SESSION_CONTROL.EXE in DECnet-Plus in OpenVMS ALPHA 7.3-2 and Alpha 8.2 writes a password to an audit log file when there is a successful connection after a "network breakin" event, which allows …
|
CWE-200
Information Exposure
|
CVE-2006-4537
|
2017-07-20 10:33 |
2006-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346318
|
- |
|
learn.com
|
learncenter
|
Cross-site scripting (XSS) vulnerability in learncenter.asp in Learn.com LearnCenter allows remote attackers to inject arbitrary web script or HTML via the id parameter.
|
NVD-CWE-Other
|
CVE-2006-4540
|
2017-07-20 10:33 |
2006-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346319
|
- |
|
usermin
webmin
|
usermin
webmin
|
Webmin before 1.296 and Usermin before 1.226 do not properly handle a URL with a null ("%00") character, which allows remote attackers to conduct cross-site scripting (XSS), read CGI program source c…
|
CWE-79
Cross-site Scripting
|
CVE-2006-4542
|
2017-07-20 10:33 |
2006-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346320
|
- |
|
usermin
webmin
|
usermin
webmin
|
This vulnerability is addressed in the following product releases:
Webmin, Webmin, 1.296
Usermin, Usermin, 1.226
|
CWE-79
Cross-site Scripting
|
CVE-2006-4542
|
2017-07-20 10:33 |
2006-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
