|
345411
|
- |
|
joomla
|
joomla
|
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.11 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in (1) Admin Module Manager, (2) …
|
NVD-CWE-Other
|
CVE-2006-4474
|
2017-07-20 10:33 |
2006-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345412
|
- |
|
cybozu
|
cybozu_office
share_360
|
Multiple directory traversal vulnerabilities in Cybozu Office before 6.6 Build 1.3 and Share 360 before 2.5 Build 0.3 allow remote authenticated users to read arbitrary files via a .. (dot dot) seque…
|
NVD-CWE-Other
|
CVE-2006-4490
|
2017-07-20 10:33 |
2006-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345413
|
- |
|
xbiff2
|
xbiff2
|
xbiff2 1.9 creates $HOME/.xbiff2rc in a user's home directory with insecure file permissions, which allows local users to obtain sensitive information such as login credentials. NOTE: the provenance…
|
NVD-CWE-Other
|
CVE-2006-4493
|
2017-07-20 10:33 |
2006-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345414
|
- |
|
sony
|
playstation_portable
|
Unspecified vulnerability in the TIFF viewer (possibly libTIFF) in the Photo Viewer in the Sony PlaystationPortable (PSP) 2.00 through 2.80 allows local users to execute arbitrary code via crafted TI…
|
NVD-CWE-Other
|
CVE-2006-4507
|
2017-07-20 10:33 |
2006-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345415
|
- |
|
dec
|
dec_openvms_alpha
|
NET$SESSION_CONTROL.EXE in DECnet-Plus in OpenVMS ALPHA 7.3-2 and Alpha 8.2 writes a password to an audit log file when there is a successful connection after a "network breakin" event, which allows …
|
CWE-200
Information Exposure
|
CVE-2006-4537
|
2017-07-20 10:33 |
2006-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345416
|
- |
|
learn.com
|
learncenter
|
Cross-site scripting (XSS) vulnerability in learncenter.asp in Learn.com LearnCenter allows remote attackers to inject arbitrary web script or HTML via the id parameter.
|
NVD-CWE-Other
|
CVE-2006-4540
|
2017-07-20 10:33 |
2006-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345417
|
- |
|
usermin
webmin
|
usermin
webmin
|
Webmin before 1.296 and Usermin before 1.226 do not properly handle a URL with a null ("%00") character, which allows remote attackers to conduct cross-site scripting (XSS), read CGI program source c…
|
CWE-79
Cross-site Scripting
|
CVE-2006-4542
|
2017-07-20 10:33 |
2006-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345418
|
- |
|
usermin
webmin
|
usermin
webmin
|
This vulnerability is addressed in the following product releases:
Webmin, Webmin, 1.296
Usermin, Usermin, 1.226
|
CWE-79
Cross-site Scripting
|
CVE-2006-4542
|
2017-07-20 10:33 |
2006-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345419
|
- |
|
retro64
|
cr64loader_activex_control
|
Buffer overflow in the Retro64 / Miniclip CR64Loader ActiveX control allows remote attackers to execute arbitrary code via unspecified vectors involving an HTML document that references the CLSID of …
|
NVD-CWE-Other
|
CVE-2006-4555
|
2017-07-20 10:33 |
2006-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345420
|
- |
|
phpnuke
|
myheadlines
|
Cross-site scripting (XSS) vulnerability in the MyHeadlines before 4.3.2 module for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via the myh_op parameter to modules.php.
|
NVD-CWE-Other
|
CVE-2006-4563
|
2017-07-20 10:33 |
2006-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
