|
352521
|
- |
|
pmwiki
|
pmwiki
|
Cross-site scripting (XSS) vulnerability in PmWiki before 2.1.18 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving "table markups".
|
NVD-CWE-Other
|
CVE-2006-4453
|
2008-09-6 06:09 |
2006-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352522
|
- |
|
paessler
|
ipcheck_server_monitor
|
Paessler IPCheck Server Monitor before 5.3.3.639/640 does not properly implement a "list of acceptable host IP addresses in the probe settings," which has unknown impact and attack vectors.
|
NVD-CWE-Other
|
CVE-2006-4461
|
2008-09-6 06:09 |
2006-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352523
|
- |
|
moderngigabyte
|
modernbill
|
ModernBill 5.0.4 and earlier uses cURL with insecure settings for CURLOPT_SSL_VERIFYPEER and CURLOPT_SSL_VERIFYHOST that do not verify SSL certificates, which allows remote attackers to read network …
|
NVD-CWE-Other
|
CVE-2006-4499
|
2008-09-6 06:09 |
2006-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352524
|
- |
|
devellion
|
cubecart
|
Cross-site scripting (XSS) vulnerability in CubeCart 3.0.12 and earlier, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the links array.
|
NVD-CWE-Other
|
CVE-2006-4525
|
2008-09-6 06:09 |
2006-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352525
|
- |
|
devellion
|
cubecart
|
SQL injection vulnerability in includes/content/viewCat.inc.php in CubeCart 3.0.12 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary SQL commands via the sea…
|
NVD-CWE-Other
|
CVE-2006-4526
|
2008-09-6 06:09 |
2006-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352526
|
- |
|
devellion
|
cubecart
|
includes/content/gateway.inc.php in CubeCart 3.0.12 and earlier, when magic_quotes_gpc is disabled, uses an insufficiently restrictive regular expression to validate the gateway parameter, which allo…
|
NVD-CWE-Other
|
CVE-2006-4527
|
2008-09-6 06:09 |
2006-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352527
|
- |
|
ibm
|
lotus_notes
|
IBM Lotus Notes 6.0, 6.5, and 7.0 does not properly handle replies to e-mail messages with alternate name users when the (1) "Save As Draft" option is used or (2) a "," (comma) is inside the "phrase"…
|
NVD-CWE-Other
|
CVE-2006-3778
|
2008-09-6 06:08 |
2006-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352528
|
- |
|
kailash_nadh
|
boastmachine
|
The Languages selection in the admin interface in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier allows remote authenticated administrators to upload files with arbitrary extensions to…
|
NVD-CWE-Other
|
CVE-2006-3830
|
2008-09-6 06:08 |
2006-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352529
|
- |
|
dokeos
|
dokeos
|
Multiple cross-site scripting (XSS) vulnerabilities in Dokeos before 1.6.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2006-3924
|
2008-09-6 06:08 |
2006-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352530
|
- |
|
pswd.js
|
pswd.js
|
The pswd.js script relies on the client to calculate whether a username and password match hard-coded hashed values for a server, and uses a hashing scheme that creates a large number of collisions, …
|
CWE-255
Credentials Management
|
CVE-2006-4068
|
2008-09-6 06:08 |
2006-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
