|
345801
|
- |
|
fscripts
|
fantastic_news
|
PHP remote file inclusion vulnerability in news.php in Fantastic News 2.1.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG[script_path] parameter. NOTE: it…
|
CWE-94
Code Injection
|
CVE-2006-4285
|
2018-10-18 06:34 |
2006-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345802
|
- |
|
cpanel
|
cpanel
|
Multiple cross-site scripting (XSS) vulnerabilities in cPanel 10 allow remote attackers to inject arbitrary web script or HTML via the (1) dir parameter in dohtaccess.html, or the (2) file parameter …
|
NVD-CWE-Other
|
CVE-2006-4293
|
2018-10-18 06:34 |
2006-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345803
|
- |
|
oscommerce
|
oscommerce
|
SQL injection vulnerability in shopping_cart.php in osCommerce before 2.2 Milestone 2 060817 allows remote attackers to execute arbitrary SQL commands via id array parameters.
|
NVD-CWE-Other
|
CVE-2006-4297
|
2018-10-18 06:34 |
2006-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345804
|
- |
|
8pixel.net
|
simple_blog
|
SQL injection vulnerability in comments.asp in SimpleBlog 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
NVD-CWE-Other
|
CVE-2006-4300
|
2018-10-18 06:34 |
2006-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345805
|
- |
|
microsoft
|
ie
|
Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service (crash) via a long Color attribute in multiple DirectX Media Image DirectX Transforms ActiveX COM Objects from…
|
CWE-20
Improper Input Validation
|
CVE-2006-4301
|
2018-10-18 06:34 |
2006-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345806
|
- |
|
mysql
sap-db
|
maxdb
sap-db
|
Buffer overflow in SAP DB and MaxDB before 7.6.00.30 allows remote attackers to execute arbitrary code via a long database name when connecting via a WebDBM client.
|
NVD-CWE-Other
|
CVE-2006-4305
|
2018-10-18 06:34 |
2006-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345807
|
- |
|
blackboard
|
blackboard
blackboard_learning_and_community_portal_suite
vista
|
Multiple cross-site scripting (XSS) vulnerabilities in Blackboard Learning System 6, Blackboard Learning and Community Portal Suite 6.2.3.23, and Blackboard Vista 4 allow remote attackers to inject a…
|
CWE-79
Cross-site Scripting
|
CVE-2006-4308
|
2018-10-18 06:34 |
2006-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345808
|
- |
|
ak-systems
|
windows_terminal
|
VNC server on the AK-Systems Windows Terminal 1.2.5 ExVLP is not password protected, which allows remote attackers to login and view RDP or Citrix sessions.
|
NVD-CWE-Other
|
CVE-2006-4309
|
2018-10-18 06:34 |
2006-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345809
|
- |
|
mozilla
|
firefox
|
Mozilla Firefox 1.5.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FTP response, when attempting to connect with a username and password via the FTP URI.
|
CWE-20
Improper Input Validation
|
CVE-2006-4310
|
2018-10-18 06:34 |
2006-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345810
|
- |
|
symantec
|
enterprise_security_manager
|
The manager server in Symantec Enterprise Security Manager (ESM) 6 and 6.5.x allows remote attackers to cause a denial of service (hang) via a malformed ESM agent request.
|
NVD-CWE-Other
|
CVE-2006-4314
|
2018-10-18 06:34 |
2006-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
