|
345871
|
- |
|
david_barrett
|
qwikiwiki
|
Cross-site scripting (XSS) vulnerability in search.php in QWikiWiki 1.5, and possibly 1.5.1 and other versions, allows remote attackers to inject arbitrary web script or HTML via the query parameter.
|
NVD-CWE-Other
|
CVE-2006-0699
|
2017-07-20 10:29 |
2006-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345872
|
- |
|
imagevue
|
imagevue
|
imageVue 16.1 allows remote attackers to obtain folder permission settings via a direct request to dir.php, which returns an XML document that lists folders and their permissions.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2006-0700
|
2017-07-20 10:29 |
2006-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345873
|
- |
|
imagevue
|
imagevue
|
readfolder.php in imageVue 16.1 allows remote attackers to list directories via modified path and ext parameters.
|
NVD-CWE-Other
|
CVE-2006-0701
|
2017-07-20 10:29 |
2006-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345874
|
- |
|
imagevue
|
imagevue
|
admin/upload.php in imageVue 16.1 allows remote attackers to upload arbitrary files to certain allowed folders via .. (dot dot) sequences in the path parameter. NOTE: due to the lack of details, the…
|
NVD-CWE-Other
|
CVE-2006-0702
|
2017-07-20 10:29 |
2006-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345875
|
- |
|
ie
|
ie_integrator
|
iE Integrator 4.4.220114, when configured without a "bespoke error page" in acm.ini, allows remote attackers to obtain sensitive information via a URL that calls a non-existent .aspx script in the in…
|
NVD-CWE-Other
|
CVE-2006-0704
|
2017-07-20 10:29 |
2006-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345876
|
- |
|
pyblosxom
|
pyblosxom
|
PyBlosxom before 1.3.2, when running on certain webservers, allows remote attackers to read arbitrary files via an HTTP request with multiple leading / (slash) characters, which is accessed using the…
|
CWE-200
Information Exposure
|
CVE-2006-0707
|
2017-07-20 10:29 |
2006-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345877
|
- |
|
attachmatewrq
f-secure
|
reflection_for_secure_it_server
f-secure_ssh_server
|
Format string vulnerability in a logging function as used by various SFTP servers, including (1) AttachmateWRQ Reflection for Secure IT UNIX Server before 6.0.0.9, (2) Reflection for Secure IT Window…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2006-0705
|
2017-07-20 10:29 |
2006-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345878
|
- |
|
wwwsearchsolutions
|
searchfeed_search_engine
|
Cross-site scripting (XSS) vulnerability in SearchFeed Search Engine 1.3.2 and earlier allows remote attackers to inject arbitrary HTML and web script, possibly via the REQ parameter, which is used w…
|
NVD-CWE-Other
|
CVE-2005-3866
|
2017-07-20 10:29 |
2005-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345879
|
- |
|
wwwsearchsolutions
|
revenuepilot_search_engine_script
|
Cross-site scripting (XSS) vulnerability in RevenuePilot Search Engine Script 1.2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the REQ parameter, which is used whe…
|
NVD-CWE-Other
|
CVE-2005-3867
|
2017-07-20 10:29 |
2005-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345880
|
- |
|
google
|
api_search
|
Cross-site scripting (XSS) vulnerability in index.php in Google API Search 1.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via hex-encoded values in the REQ parameter.
|
NVD-CWE-Other
|
CVE-2005-3869
|
2017-07-20 10:29 |
2005-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
