|
344011
|
- |
|
professional_home_page_tools
|
professional_home_page_tools_guestbook
|
Multiple SQL injection vulnerabilities in class.php in Professional Home Page Tools Guestbook allow remote attackers to execute arbitrary SQL commands via the (1) hidemail, (2) name, (3) mail, (4) ip…
|
NVD-CWE-Other
|
CVE-2006-3752
|
2018-10-18 06:29 |
2006-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344012
|
- |
|
professional_home_page_tools
|
professional_home_page_tools_guestbook
|
setcookie.php for the administration login in Professional Home Page Tools Guestbook records the hash of the administrator password in a cookie, which allows attackers to conduct brute force password…
|
NVD-CWE-Other
|
CVE-2006-3753
|
2018-10-18 06:29 |
2006-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344013
|
- |
|
zen_cart
|
zen_cart
|
index.php in Zen Cart 1.3.0.2 allows remote attackers to obtain sensitive information via empty (1) _GET[], (2) _SESSION[], (3) _POST[], (4) _COOKIE[], or (5) _SESSION[] array parameters, which revea…
|
NVD-CWE-Other
|
CVE-2006-3757
|
2018-10-18 06:29 |
2006-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344014
|
- |
|
mybulletinboard
|
mybulletinboard
|
Cross-site scripting (XSS) vulnerability in inc/functions_post.php in MyBB (aka MyBulletinBoard) 1.0 RC2 through 1.1.4 allows remote attackers to inject arbitrary web script or HTML via a javascript …
|
CWE-79
Cross-site Scripting
|
CVE-2006-3761
|
2018-10-18 06:29 |
2006-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344015
|
- |
|
mybulletinboard
|
mybulletinboard
|
This vulnerability is addressed in the following product release:
MyBulletinBoard, MyBulletinBoard, 1.1.5
|
CWE-79
Cross-site Scripting
|
CVE-2006-3761
|
2018-10-18 06:29 |
2006-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344016
|
- |
|
touch_control
|
activex_control
|
The Touch Control ActiveX control 2.0.0.55 allows remote attackers to read and possibly execute arbitrary files via a "file///" URI in the sPath parameter to the Execute function.
|
NVD-CWE-Other
|
CVE-2006-3762
|
2018-10-18 06:29 |
2006-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344017
|
- |
|
dieselscripts
|
diesel_joke_site
|
SQL injection vulnerability in category.php in Diesel Joke Site allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
NVD-CWE-Other
|
CVE-2006-3763
|
2018-10-18 06:29 |
2006-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344018
|
- |
|
till_gerken
|
phppolls
|
Till Gerken phpPolls 1.0.3 allows remote attackers to create a new poll via a direct request to phpPollAdmin.php3 with the poll_action parameter set to create.
|
NVD-CWE-Other
|
CVE-2006-3764
|
2018-10-18 06:29 |
2006-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344019
|
- |
|
huttenlocher_webdesign
|
hwdeguest
|
Multiple cross-site scripting (XSS) vulnerabilities in Huttenlocher Webdesign hwdeGUEST 2.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, as dem…
|
NVD-CWE-Other
|
CVE-2006-3765
|
2018-10-18 06:29 |
2006-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344020
|
- |
|
darrens_5-dollar_script_archive
|
osdate
|
Darren's $5 Script Archive osDate 1.1.7 and earlier allows users to boost their own ratings via a txtrating parameter with a score greater than the intended maximum of 10.
|
NVD-CWE-Other
|
CVE-2006-3766
|
2018-10-18 06:29 |
2006-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
