|
346131
|
- |
|
drupal
|
drupal_userreview_module
|
Cross-site scripting (XSS) vulnerability in the Drupal 4.7 Userreview module before 1.19 2006/09/12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
NVD-CWE-Other
|
CVE-2006-4821
|
2017-07-20 10:33 |
2006-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346132
|
- |
|
emusoft
|
emucms
|
Multiple cross-site scripting (XSS) vulnerabilities in index.php in eMuSOFT emuCMS 0.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) query or (2) page paramete…
|
NVD-CWE-Other
|
CVE-2006-4822
|
2017-07-20 10:33 |
2006-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346133
|
- |
|
claroline
dokeos
|
claroline
open_source_learning_and_knowledge_management_tool
|
PHP remote file inclusion vulnerability in inc/claro_init_local.inc.php in Claroline 1.7.7 and earlier, as used in Dokeos and possibly other products, allows remote attackers to execute arbitrary PHP…
|
CWE-94
Code Injection
|
CVE-2006-4844
|
2017-07-20 10:33 |
2006-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346134
|
- |
|
claroline
dokeos
|
claroline
open_source_learning_and_knowledge_management_tool
|
Successful exploitation requires that "register_globals" is enabled.
This vulnerability is addressed in the following product release:
Claroline, Claroline, 1.7.8
|
CWE-94
Code Injection
|
CVE-2006-4844
|
2017-07-20 10:33 |
2006-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346135
|
- |
|
citrix
|
access_gateway
|
Unspecified vulnerability in Citrix Access Gateway with Advanced Access Control (AAC) 4.2 before 20060914, when AAC is configured to use LDAP authentication, allows remote attackers to bypass authent…
|
NVD-CWE-Other
|
CVE-2006-4846
|
2017-07-20 10:33 |
2006-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346136
|
- |
|
citrix
|
access_gateway
|
Successful exploitation requires that the Advanced Access Control option is set to use LDAP authentication.
This vulnerability is addressed by hotfix AAC420W004.
|
NVD-CWE-Other
|
CVE-2006-4846
|
2017-07-20 10:33 |
2006-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346137
|
- |
|
bolinos
|
bolinos
|
PHP remote file inclusion vulnerability in system/_b/contentFiles/gBHTMLEditor.php in BolinOS 4.5.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the gBRootPath param…
|
NVD-CWE-Other
|
CVE-2006-4851
|
2017-07-20 10:33 |
2006-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346138
|
- |
|
qualiteam
|
x-cart
|
Dynamic variable evaluation vulnerability in cmpi.php in Qualiteam X-Cart 4.1.3 and earlier allows remote attackers to overwrite arbitrary program variables and execute arbitrary PHP code, as demonst…
|
NVD-CWE-Other
|
CVE-2006-4904
|
2017-07-20 10:33 |
2006-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346139
|
- |
|
cisco
|
guard_ddos_mitigation_appliance
|
Cross-site scripting (XSS) vulnerability in Cisco Guard DDoS Mitigation Appliance before 5.1(6), when anti-spoofing is enabled, allows remote attackers to inject arbitrary web script or HTML via cert…
|
NVD-CWE-Other
|
CVE-2006-4909
|
2017-07-20 10:33 |
2006-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346140
|
- |
|
a.l-pifou
|
a.l-pifou
|
Directory traversal vulnerability in A.l-Pifou 1.8p2 allows remote attackers to read arbitrary files via ".." sequences in the ze_langue_02 cookie, as demonstrated by using the choix_lng parameter to…
|
NVD-CWE-Other
|
CVE-2006-4914
|
2017-07-20 10:33 |
2006-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
