|
348421
|
- |
|
cisco
|
application_velocity_system_3110
application_velocity_system_3120
|
The transparent proxy feature of the Cisco Application Velocity System (AVS) 3110 5.0 and 4.0 and earlier, and 3120 5.0.0 and earlier, has a default configuration that allows remote attackers to prox…
|
NVD-CWE-Other
|
CVE-2006-2322
|
2017-07-20 10:31 |
2006-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348422
|
- |
|
onlyscript.info
|
online_universal_payment_system_script
|
Cross-site scripting (XSS) vulnerability in index.php in OnlyScript.info Online Universal Payment System Script allows remote attackers to inject arbitrary web script or HTML via the read parameter. …
|
NVD-CWE-Other
|
CVE-2006-2325
|
2017-07-20 10:31 |
2006-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348423
|
- |
|
onlyscript.info
|
online_universal_payment_system_script
|
Directory traversal vulnerability in index.php in OnlyScript.info Online Universal Payment System Script allows remote attackers to read arbitrary files via directory traversal sequences in the read …
|
NVD-CWE-Other
|
CVE-2006-2326
|
2017-07-20 10:31 |
2006-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348424
|
- |
|
evo-dev
|
evotopsites
evotopsites_pro
|
SQL injection vulnerability in index.php in evoTopsites 2.x and evoTopsites Pro 2.x allows remote attackers to execute arbitrary SQL commands via the (1) cat_id and (2) id parameters.
|
NVD-CWE-Other
|
CVE-2006-2339
|
2017-07-20 10:31 |
2006-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348425
|
- |
|
lethal_penguin
|
passmasterflex
passmasterflexplus
|
Cross-site scripting (XSS) vulnerability in PassMasterFlex and PassMasterFlexPlus (PassMasterFlex+) 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) username…
|
NVD-CWE-Other
|
CVE-2006-2340
|
2017-07-20 10:31 |
2006-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348426
|
- |
|
ibm
|
websphere_application_server
|
IBM WebSphere Application Server 6.0.2 before FixPack 3 allows remote attackers to bypass authentication for the Welcome Page via a request to the default context root.
|
NVD-CWE-Other
|
CVE-2006-2342
|
2017-07-20 10:31 |
2006-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348427
|
- |
|
adventnet
|
manageengine_opmanager
|
Cross-site scripting (XSS) vulnerability in Search.do in ManageEngine OpManager 6.0 allows remote attackers to inject arbitrary web script or HTML via the searchTerm parameter. NOTE: the provenance …
|
NVD-CWE-Other
|
CVE-2006-2343
|
2017-07-20 10:31 |
2006-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348428
|
- |
|
ajax_softwares
|
alipager
|
SQL injection vulnerability in inc/elementz.php in AliPAGER 1.5, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the ubild parameter.
|
NVD-CWE-Other
|
CVE-2006-2344
|
2017-07-20 10:31 |
2006-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348429
|
- |
|
roostercode_ajax_softwares
|
alipager
|
Cross-site scripting (XSS) vulnerability in inc/elementz.php in AliPAGER 1.5 allows remote attackers to inject arbitrary web script or HTML via the ubild parameter. NOTE: the provenance of this info…
|
NVD-CWE-Other
|
CVE-2006-2345
|
2017-07-20 10:31 |
2006-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348430
|
- |
|
inter7
|
vpopmail_\(vchkpw\)
|
vpopmail 5.4.14 and 5.4.15, with cleartext passwords enabled, allows remote attackers to authenticate to an account that does not have a cleartext password set by using a blank password to (1) SMTP A…
|
NVD-CWE-Other
|
CVE-2006-2346
|
2017-07-20 10:31 |
2006-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
