|
354751
|
- |
|
php
|
directory_listing_script
|
Cross-site scripting (XSS) vulnerability in index.php in Directory Listing Script allows remote attackers to inject arbitrary web script or HTML via the dir parameter.
|
NVD-CWE-Other
|
CVE-2006-2419
|
2011-03-8 11:36 |
2006-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
354752
|
- |
|
php
|
directory_listing_script
|
The vulnerability has been confirmed in the latest available version of this product. Other versions may also be affected.
|
NVD-CWE-Other
|
CVE-2006-2419
|
2011-03-8 11:36 |
2006-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
354753
|
- |
|
ibm
|
websphere_application_server
|
Unspecified vulnerability in IBM WebSphere Application Server 6.0.2, 6.0.2.1, 6.0.2.3, 6.0.2.5, and 6.0.2.7 has unknown impact and remote attack vectors related to "HTTP request handlers".
|
NVD-CWE-noinfo
|
CVE-2006-2429
|
2011-03-8 11:36 |
2006-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
354754
|
- |
|
ibm
|
websphere_application_server
|
IBM WebSphere Application Server 5.0.2 and earlier, 5.1.1 and earlier, and 6.0.2 up to 6.0.2.7 records user credentials in plaintext in addNode.log, which allows attackers to gain privileges.
|
NVD-CWE-Other
|
CVE-2006-2430
|
2011-03-8 11:36 |
2006-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
354755
|
- |
|
ibm
|
websphere_application_server
|
IBM WebSphere Application Server 5.0.2 (or any earlier cumulative fix) and 5.1.1 (or any earlier cumulative fix) allows EJB access on Solaris systems via a crafted LTPA token.
|
NVD-CWE-Other
|
CVE-2006-2432
|
2011-03-8 11:36 |
2006-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
354756
|
- |
|
ibm
|
websphere_application_server
|
Unspecified vulnerability in IBM WebSphere Application Server 6.0.2, 6.0.2.1, 6.0.2.3, 6.0.2.5, and 6.0.2.7 has unknown impact and attack vectors related to the "administrative console".
|
NVD-CWE-noinfo
|
CVE-2006-2433
|
2011-03-8 11:36 |
2006-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
354757
|
- |
|
ibm
|
websphere_application_server
|
Unspecified vulnerability in WebSphere 5.1.1 (or any earlier cumulative fix) Common Configuration Mode + CommonArchive and J2EE Models might allow attackers to obtain sensitive information via the tr…
|
NVD-CWE-Other
|
CVE-2006-2434
|
2011-03-8 11:36 |
2006-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
354758
|
- |
|
ibm
|
websphere_application_server
|
Unspecified vulnerability in IBM WebSphere Application Server 5.0.2 and earlier, and 5.1.1 and earlier, has unknown impact and attack vectors related to "Inserting certain script tags in urls [that] …
|
NVD-CWE-noinfo
|
CVE-2006-2435
|
2011-03-8 11:36 |
2006-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
354759
|
- |
|
ibm
|
websphere_application_server
|
WebSphere Application Server 5.0.2 (or any earlier cumulative fix) stores admin and LDAP passwords in plaintext in the FFDC logs when a login to WebSphere fails, which allows attackers to gain privil…
|
NVD-CWE-Other
|
CVE-2006-2436
|
2011-03-8 11:36 |
2006-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
354760
|
- |
|
caucho_technology
|
resin
|
The viewfile servlet in the documentation package (resin-doc) for Caucho Resin 3.0.17 and 3.0.18 allows remote attackers to obtain the source code for file under the web root via the file parameter.
|
NVD-CWE-Other
|
CVE-2006-2437
|
2011-03-8 11:36 |
2006-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
