|
349381
|
- |
|
nodez
|
nodez
|
Nodez 4.6.1.1 and earlier stores sensitive data in the list.gtdat file under the web document root with insufficient access control, which allows remote attackers to obtain usernames and password has…
|
NVD-CWE-Other
|
CVE-2006-1164
|
2008-09-6 06:01 |
2006-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
349382
|
- |
|
runcms
|
runcms
|
Cross-site scripting (XSS) vulnerability in bigshow.php in Runcms 1.x allows remote attackers to inject arbitrary web script or HTML via the id parameter.
|
NVD-CWE-Other
|
CVE-2006-1216
|
2008-09-6 06:01 |
2006-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
349383
|
- |
|
wordpress
|
wordpress
|
Multiple "unannounced" cross-site scripting (XSS) vulnerabilities in WordPress before 2.0.2 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors.
|
NVD-CWE-Other
|
CVE-2006-1263
|
2008-09-6 06:01 |
2006-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
349384
|
- |
|
university_of_washington
|
pubcookie
|
Multiple cross-site scripting (XSS) vulnerabilities in the Microsoft IIS ISAPI filter (aka application server module) in University of Washington Pubcookie 3.1.0, 3.1.1, 3.2 before 3.2.1b, and 3.3 be…
|
NVD-CWE-Other
|
CVE-2006-1394
|
2008-09-6 06:01 |
2006-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
349385
|
- |
|
upoint
|
at1_event_publisher
|
Multiple cross-site scripting (XSS) vulnerabilities in UPOINT @1 Event Publisher allow remote attackers to inject arbitrary web script or HTML via the (1) Event, (2) Description, (3) Time, (4) Websit…
|
NVD-CWE-Other
|
CVE-2006-1436
|
2008-09-6 06:01 |
2006-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
349386
|
- |
|
upoint
|
at1_event_publisher
|
UPOINT @1 Event Publisher stores sensitive information under the web document root with insufifcient access control, which allows remote attackers to read private comments via a direct request to eve…
|
NVD-CWE-Other
|
CVE-2006-1437
|
2008-09-6 06:01 |
2006-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
349387
|
- |
|
avaya
|
vsu_100
vsu_10000
vsu_2000
vsu_7500
csu_5000
|
The Internet Key Exchange version 1 (IKEv1) implementation in Avaya VSU 100, 2000, 7500, 10000, and CSU 5000, when running IPSec, allows remote attackers to cause a denial of service (crash) via cert…
|
NVD-CWE-Other
|
CVE-2006-0718
|
2008-09-6 06:00 |
2006-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
349388
|
- |
|
nocc
|
nocc
|
NOCC Webmail 1.0 stores e-mail attachments in temporary files with predictable filenames, which makes it easier for remote attackers to execute arbitrary code by accessing the e-mail attachment via d…
|
NVD-CWE-Other
|
CVE-2006-0892
|
2008-09-6 06:00 |
2006-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
349389
|
- |
|
nocc
|
nocc
|
NOCC Webmail 1.0 allows remote attackers to obtain sensitive information via a direct request to (1) the profiles directory, which leaks e-mail addresses contained in filenames of profiles, and (2) t…
|
NVD-CWE-Other
|
CVE-2006-0893
|
2008-09-6 06:00 |
2006-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
349390
|
- |
|
nocc
|
nocc
|
Multiple cross-site scripting (XSS) vulnerabilities in NOCC Webmail 1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the html_error_occurred parameter in error.php, (2) html_…
|
NVD-CWE-Other
|
CVE-2006-0894
|
2008-09-6 06:00 |
2006-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
