|
347371
|
- |
|
claroline
|
claroline
|
claro_init_local.inc.php in Claroline 1.7.2 uses guessable session cookies (MD5 hash of connection time), which allows remote attackers to hijack sessions and possibly gain administrative privileges.
|
NVD-CWE-Other
|
CVE-2006-0411
|
2017-07-20 10:29 |
2006-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347372
|
- |
|
gencbeyin_web_programlama
|
cybershop
|
SQL injection vulnerability in CyberShop allows remote attackers to execute arbitrary SQL commands and bypass authentication via the username parameter in a login action.
|
CWE-89
SQL Injection
|
CVE-2006-0412
|
2017-07-20 10:29 |
2006-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347373
|
- |
|
tor
|
tor
|
Tor before 0.1.1.20 allows remote attackers to identify hidden services via a malicious Tor server that attempts a large number of accesses of the hidden service, which eventually causes a circuit to…
|
NVD-CWE-Other
|
CVE-2006-0414
|
2017-07-20 10:29 |
2006-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347374
|
- |
|
sleeperchat
|
sleeperchat
|
Cross-site scripting (XSS) vulnerability in index.php in SleeperChat 0.3f and earlier allows remote attackers to inject arbitrary web script or HTML via the pseudo parameter.
|
NVD-CWE-Other
|
CVE-2006-0415
|
2017-07-20 10:29 |
2006-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347375
|
- |
|
sleeperchat
|
sleeperchat
|
SleeperChat 0.3f and earlier allows remote attackers to bypass authentication and create new entries via the txt parameter to (1) chat_no.php and (2) chat_if.php.
|
CWE-287
Improper Authentication
|
CVE-2006-0416
|
2017-07-20 10:29 |
2006-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347376
|
- |
|
bea
|
weblogic_server
|
By design, BEA WebLogic Server and WebLogic Express 7.0 and 6.1, when creating multiple domains from the same WebLogic instance on the same machine, allows administrators of any created domain to acc…
|
NVD-CWE-Other
|
CVE-2006-0421
|
2017-07-20 10:29 |
2006-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347377
|
- |
|
bea
|
weblogic_server
|
Multiple unspecified vulnerabilities in BEA WebLogic Server and WebLogic Express 8.1 through SP4, 7.0 through SP6, and 6.1 through SP7 allow remote attackers to access MBean attributes or cause an un…
|
NVD-CWE-Other
|
CVE-2006-0422
|
2017-07-20 10:29 |
2006-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347378
|
- |
|
bea
|
weblogic_server
|
BEA WebLogic Server and WebLogic Express 8.1 through SP4, 7.0 through SP6, and 6.1 through SP7 allows remote authenticated guest users to read the server log and obtain sensitive configuration inform…
|
NVD-CWE-Other
|
CVE-2006-0424
|
2017-07-20 10:29 |
2006-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347379
|
- |
|
bea
|
weblogic_server
|
BEA WebLogic Server and WebLogic Express 8.1 through SP4, when configuration auditing is enabled and a password change occurs, stores the old and new passwords in cleartext in the DefaultAuditRecorde…
|
NVD-CWE-Other
|
CVE-2006-0426
|
2017-07-20 10:29 |
2006-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347380
|
- |
|
bea
|
weblogic_server
|
Unspecified vulnerability in BEA WebLogic Server and WebLogic Express 9.0 and 8.1 through SP5 allows malicious EJBs or servlet applications to decrypt system passwords, possibly by accessing function…
|
NVD-CWE-Other
|
CVE-2006-0427
|
2017-07-20 10:29 |
2006-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
