|
345661
|
- |
|
secure_elements
|
c5_enterprise_vulnerability_management
|
Secure Elements Class 5 AVR client (aka C5 EVM) before 2.8.1 generates predictable CEIDs, which allows remote attackers to determine the CEID of a protected asset, which can be used in other attacks …
|
NVD-CWE-Other
|
CVE-2006-2713
|
2017-07-20 10:31 |
2006-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345662
|
- |
|
secure_elements
|
c5_enterprise_vulnerability_management
|
Secure Elements Class 5 AVR client (aka C5 EVM) before 2.8.1 does not validate the CEID of an incoming message, which allows remote attackers to send messages to a protected asset without knowing the…
|
NVD-CWE-Other
|
CVE-2006-2714
|
2017-07-20 10:31 |
2006-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345663
|
- |
|
secure_elements
|
c5_enterprise_vulnerability_management
|
The Administration Console in Secure Elements Class 5 AVR (aka C5 EVM) before 2.8.1 does not enforce access control, which allows remote attackers to gain access to servers via the console.
|
NVD-CWE-Other
|
CVE-2006-2715
|
2017-07-20 10:31 |
2006-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345664
|
- |
|
secure_elements
|
c5_enterprise_vulnerability_management
|
Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 uses a hard-coded user ID and password, which allows remote attackers to gain access to the server.
|
NVD-CWE-Other
|
CVE-2006-2716
|
2017-07-20 10:31 |
2006-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345665
|
- |
|
secure_elements
|
c5_enterprise_vulnerability_management
|
Unspecified vulnerability in Secure Elements Class 5 AVR client and server (aka C5 EVM) before 2.8.1 allows authenticated attackers to overwrite arbitrary files (1) on a server during an update or (2…
|
NVD-CWE-Other
|
CVE-2006-2717
|
2017-07-20 10:31 |
2006-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345666
|
- |
|
out_of_the_trees_web_design
|
selectapix
|
SQL injection vulnerability in view_album.php in SelectaPix 1.4 allows remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: the provenance of this information is unknown; th…
|
NVD-CWE-Other
|
CVE-2006-2722
|
2017-07-20 10:31 |
2006-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345667
|
- |
|
punbb
|
punbb
|
Cross-site scripting (XSS) vulnerability in PunBB 1.2.11 allows remote authenticated administrators to inject arbitrary HTML or web script to other administrators via the "Admin note" feature, a diff…
|
NVD-CWE-Other
|
CVE-2006-2724
|
2017-07-20 10:31 |
2006-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345668
|
- |
|
jan_chmelik
|
photoalbum_bandw
|
Cross-site scripting (XSS) vulnerability in superalbum/index.php in Photoalbum B&W 1.3 allows remote attackers to inject arbitrary web script or HTML via the gal parameter. NOTE: the provenance of t…
|
NVD-CWE-Other
|
CVE-2006-2729
|
2017-07-20 10:31 |
2006-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345669
|
- |
|
eitsop
|
my_web_server
|
Eitsop My Web Server 1.0 allows remote attackers to cause a denial of service (application crash) via a long GET request. NOTE: CVE analysis suggests that this is a different product, and therefore …
|
NVD-CWE-Other
|
CVE-2006-2756
|
2017-07-20 10:31 |
2006-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345670
|
- |
|
warpspeed
|
4nforum
|
SQL injection vulnerability in modules.php in 4nNukeWare 4nForum 0.91 allows remote attackers to execute arbitrary SQL commands via the tid parameter.
|
CWE-89
SQL Injection
|
CVE-2006-2760
|
2017-07-20 10:31 |
2006-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
