|
345471
|
- |
|
ossp
|
shiela
|
OSSP shiela 1.1.5 and earlier allows remote authenticated users to execute arbitrary commands on the CVS server via shell metacharacters in a filename that is committed.
|
CWE-20
Improper Input Validation
|
CVE-2006-3633
|
2017-07-20 10:32 |
2006-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345472
|
- |
|
squirrelmail
|
squirrelmail
|
SquirrelMail 1.4.6 and earlier, with register_globals enabled, allows remote attackers to hijack cookies in src/redirect.php via unknown vectors. NOTE: while "cookie theft" is frequently associated …
|
NVD-CWE-Other
|
CVE-2006-3665
|
2017-07-20 10:32 |
2006-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345473
|
- |
|
myiosoft.com
|
ajaxportal
|
SQL injection vulnerability in AjaxPortal 3.0, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the 'Search' field, a different vulnerability than CVE-200…
|
NVD-CWE-Other
|
CVE-2006-3666
|
2017-07-20 10:32 |
2006-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345474
|
- |
|
dynamic_universal_music_bibliotheque
|
dumb
|
Heap-based buffer overflow in the it_read_envelope function in Dynamic Universal Music Bibliotheque (DUMB) 0.9.3 and earlier and current CVS as of 20060716, including libdumb, allows user-assisted at…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2006-3668
|
2017-07-20 10:32 |
2006-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345475
|
- |
|
kde
|
konqueror
|
KDE Konqueror 3.5.1 and earlier allows remote attackers to cause a denial of service (application crash) by calling the replaceChild method on a DOM object, which triggers a null dereference, as demo…
|
NVD-CWE-Other
|
CVE-2006-3672
|
2017-07-20 10:32 |
2006-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345476
|
- |
|
armagetron
|
armagetron_advanced
|
nNetObject.cpp in Armagetron Advanced 2.8.2 and earlier allows remote attackers to cause a denial of service (application crash) via a large owner value, which causes an assert error.
|
NVD-CWE-Other
|
CVE-2006-3673
|
2017-07-20 10:32 |
2006-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345477
|
- |
|
armagetron
|
armagetron_advanced
|
nNetObject.cpp in Armagetron Advanced 2.8.2 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a large number handled by the id_req_handler function.
|
NVD-CWE-Other
|
CVE-2006-3674
|
2017-07-20 10:32 |
2006-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345478
|
- |
|
awstats
|
awstats
|
Multiple cross-site scripting (XSS) vulnerabilities in awstats.pl in AWStats 6.5 build 1.857 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) refererpagesfilter, …
|
NVD-CWE-Other
|
CVE-2006-3681
|
2017-07-20 10:32 |
2006-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345479
|
- |
|
awstats
|
awstats
|
awstats.pl in AWStats 6.5 build 1.857 and earlier allows remote attackers to obtain the installation path via the (1) year, (2) pluginmode or (3) month parameters.
|
NVD-CWE-Other
|
CVE-2006-3682
|
2017-07-20 10:32 |
2006-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345480
|
- |
|
edgewall_software
|
trac
|
Trac before 0.9.6 does not disable the "raw" or "include" commands when providing untrusted users with restructured text (reStructuredText) functionality from docutils, which allows remote attackers …
|
NVD-CWE-Other
|
CVE-2006-3695
|
2017-07-20 10:32 |
2006-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
