|
280211
|
- |
|
easy_forum
|
easy_forum
|
Cross-site scripting vulnerability in Easy Forum 2.5 allows remote attackers to inject arbitrary web script or HTML via the image variable.
|
NVD-CWE-Other
|
CVE-2006-0877
|
2018-10-19 01:29 |
2006-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280212
|
- |
|
phpoutsourcing
|
noahs_classifieds
|
Noah's Classifieds 1.3 allows remote attackers to obtain the installation path via a direct request to include files, as demonstrated by classifieds/gorum/category.php.
|
NVD-CWE-Other
|
CVE-2006-0878
|
2018-10-19 01:29 |
2006-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280213
|
- |
|
phpoutsourcing
|
noahs_classifieds
|
SQL injection vulnerability in the search tool in Noah's Classifieds 1.3 allows remote attackers to execute arbitrary SQL commands via unspecified attack vectors.
|
NVD-CWE-Other
|
CVE-2006-0879
|
2018-10-19 01:29 |
2006-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280214
|
- |
|
phpoutsourcing
|
noahs_classifieds
|
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Noah's Classifieds 1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) inf parameter; or, when register_g…
|
NVD-CWE-Other
|
CVE-2006-0880
|
2018-10-19 01:29 |
2006-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280215
|
- |
|
phpoutsourcing
|
noahs_classifieds
|
Multiple PHP remote file include vulnerabilities in gorum/gorumlib.php in Noah's Classifieds 1.3, when register_globals is enabled, allow remote attackers to include arbitrary PHP files via the (1) u…
|
NVD-CWE-Other
|
CVE-2006-0881
|
2018-10-19 01:29 |
2006-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280216
|
- |
|
phpoutsourcing
|
noahs_classifieds
|
Directory traversal vulnerability in include.php in Noah's Classifieds 1.3 allows remote attackers to include arbitrary local files via the otherTemplate parameter to index.php.
|
NVD-CWE-Other
|
CVE-2006-0882
|
2018-10-19 01:29 |
2006-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280217
|
- |
|
mozilla
|
thunderbird
|
The WYSIWYG rendering engine ("rich mail" editor) in Mozilla Thunderbird 1.0.7 and earlier allows user-assisted attackers to bypass javascript security settings and obtain sensitive information or ca…
|
CWE-20
Improper Input Validation
|
CVE-2006-0884
|
2018-10-19 01:29 |
2006-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280218
|
- |
|
speedproject
|
speedcommander
squeez
zipstar
|
Directory traversal vulnerability in SpeedProject Squeez 5.1, as used in (1) ZipStar 5.1 and (2) SpeedCommander 11.01.4450, allows remote attackers to overwrite arbitrary files via unspecified manipu…
|
NVD-CWE-Other
|
CVE-2006-0890
|
2018-10-19 01:29 |
2006-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280219
|
- |
|
simple_machines
|
simple_machines_forum
|
Cross-site scripting (XSS) vulnerability in Sources/Register.php in Simple Machine Forum (SMF) 1.0.6 allows remote attackers to inject arbitrary web script or HTML via the X-Forwarded-For HTTP header…
|
CWE-79
Cross-site Scripting
|
CVE-2006-0896
|
2018-10-19 01:29 |
2006-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280220
|
- |
|
lincoln_d._stein
|
crypt_cbc
|
Crypt::CBC Perl module 2.16 and earlier, when running in RandomIV mode, uses an initialization vector (IV) of 8 bytes, which results in weaker encryption when used with a cipher that requires a large…
|
NVD-CWE-Other
|
CVE-2006-0898
|
2018-10-19 01:29 |
2006-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
