|
352841
|
- |
|
deltascripts
|
php_pro_publish
|
Cross-site scripting (XSS) vulnerability in cat.php in PHP Pro Publish 2.0 allows remote attackers to inject arbitrary web script or HTML via the catname parameter. NOTE: the provenance of this info…
|
NVD-CWE-Other
|
CVE-2006-2876
|
2011-03-8 11:37 |
2006-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352842
|
- |
|
qbik
|
wingate
|
Directory traversal vulnerability in the IMAP server in WinGate 6.1.2.1094 and 6.1.3.1096, and possibly other versions before 6.1.4 Build 1099, allows remote authenticated users to read email of othe…
|
NVD-CWE-Other
|
CVE-2006-2917
|
2011-03-8 11:37 |
2006-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352843
|
- |
|
dmx_forum
|
dmx_forum
|
Dmx Forum 2.1a stores _includes/bd.inc under the web root with insufficient access control, which allows remote attackers to obtain database username and password information.
|
NVD-CWE-Other
|
CVE-2006-2946
|
2011-03-8 11:37 |
2006-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352844
|
- |
|
skoom
|
i.list
|
Multiple cross-site scripting (XSS) vulnerabilities in i.List 1.5 beta and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) searchword parameter to search.php or (2) …
|
NVD-CWE-Other
|
CVE-2006-2956
|
2011-03-8 11:37 |
2006-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352845
|
- |
|
enterprise_payroll_systems
|
enterprise_payroll_systems
|
PHP remote file inclusion vulnerability in Enterprise Timesheet and Payroll Systems (EPS) 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the absolutepath parameter…
|
NVD-CWE-Other
|
CVE-2006-2983
|
2011-03-8 11:37 |
2006-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352846
|
- |
|
myscrapbook
|
myscrapbook
|
Multiple cross-site scripting (XSS) vulnerabilities in addwords.php in MyScrapbook 3.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) name and (2) comment param…
|
NVD-CWE-Other
|
CVE-2006-3035
|
2011-03-8 11:37 |
2006-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352847
|
- |
|
subtext
|
subtext
|
Unspecified vulnerability in the admin login feature in Subtext 1.5, in a multiblog setup, allows remote administrators of one blog to login to another blog.
|
NVD-CWE-Other
|
CVE-2006-3046
|
2011-03-8 11:37 |
2006-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352848
|
- |
|
cescripts
|
event_registration_2checkout
event_registration_corporate
event_registration_paypal
event_registration_rsvp
|
Cross-site scripting (XSS) vulnerability in Event Registration allows remote attackers to inject arbitrary web script or HTML via the (1) event_id parameter to view-event-details.php or (2) select_ev…
|
NVD-CWE-Other
|
CVE-2006-3052
|
2011-03-8 11:37 |
2006-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352849
|
- |
|
cescripts
|
car_classifieds
|
Cross-site scripting (XSS) vulnerability in index.php in Car Classifieds allows remote attackers to inject arbitrary web script or HTML via the make_id parameter. NOTE: the provenance of this inform…
|
NVD-CWE-Other
|
CVE-2006-3088
|
2011-03-8 11:37 |
2006-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352850
|
- |
|
brian_wotring
|
osiris
|
Format string vulnerability in Brian Wotring Osiris before 4.2.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unspecified attack ve…
|
NVD-CWE-Other
|
CVE-2006-3120
|
2011-03-8 11:37 |
2006-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
