|
284181
|
- |
|
mathsoft
|
mathcad
|
Mathcad 12 through 13.1 allows local users to bypass the security features by directly accessing or editing the XML representation of the worksheet with a text editor or other program, which allows a…
|
NVD-CWE-Other
|
CVE-2006-7037
|
2018-10-17 01:29 |
2007-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284182
|
- |
|
chipmunk_scripts
|
chipmunk_directory
|
Cross-site scripting (XSS) vulnerability in directory/index.php in Chipmunk directory allows remote attackers to inject arbitrary web script or HTML via the start parameter.
|
NVD-CWE-Other
|
CVE-2006-7042
|
2018-10-17 01:29 |
2007-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284183
|
- |
|
shoutpro
|
shoutpro
|
include.php in Shoutpro 1.0 might allow remote attackers to bypass IP ban restrictions via a URL in the path parameter that points to an alternate bannedips.php file. NOTE: this issue was originally…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2006-7047
|
2018-10-17 01:29 |
2007-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284184
|
- |
|
sweetphp
|
totalcalendar
|
PHP remote file inclusion vulnerability in index.php in TotalCalendar 2.30 and earlier allows remote attackers to execute arbitrary code via a URL in the inc_dir parameter, a different vector than CV…
|
NVD-CWE-Other
|
CVE-2006-7055
|
2018-10-17 01:29 |
2007-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284185
|
- |
|
dreamcost
|
hostadmin
|
Multiple PHP remote file inclusion vulnerabilities in DreamCost HostAdmin 3.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) functions.php and…
|
NVD-CWE-Other
|
CVE-2006-7056
|
2018-10-17 01:29 |
2007-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284186
|
- |
|
oracle
|
database_server
|
Oracle 10g R2 and possibly other versions allows remote attackers to trigger internal errors, and possibly have other impacts, via an "alter session set events" command with invalid arguments. NOTE:…
|
NVD-CWE-Other
|
CVE-2006-7067
|
2018-10-17 01:29 |
2007-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284187
|
- |
|
etomite
|
etomite
|
Unrestricted file upload vulnerability in manager/media/ibrowser/scripts/rfiles.php in Etomite CMS 0.6.1 and earlier allows remote attackers to upload and execute arbitrary files via an nfile[] param…
|
CWE-20
Improper Input Validation
|
CVE-2006-7070
|
2018-10-17 01:29 |
2007-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284188
|
- |
|
geodesicsolutions
|
geoclassifieds_enterprise
|
Cross-site scripting (XSS) vulnerability in GeoClassifieds Enterprise 2.0.5.2 and earlier allows remote attackers to inject arbitrary web script and HTML via the (1) b[username] and (2) c parameters …
|
NVD-CWE-Other
|
CVE-2006-7072
|
2018-10-17 01:29 |
2007-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284189
|
- |
|
professional_home_page_tools_login_script
|
professional_home_page_tools_login_script
|
Multiple cross-site scripting (XSS) vulnerabilities in Professional Home Page Tools Login Script, as of July 2006, allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) …
|
NVD-CWE-Other
|
CVE-2006-7078
|
2018-10-17 01:29 |
2007-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284190
|
- |
|
dotdeb
|
dotdeb_php
|
CRLF injection vulnerability in the mail function in Dotdeb PHP before 5.2.0 Rev 3 allows remote attackers to bypass the protection scheme and inject arbitrary email headers via CRLF sequences in the…
|
NVD-CWE-Other
|
CVE-2006-7087
|
2018-10-17 01:29 |
2007-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
