|
280541
|
- |
|
pwp_technologies
|
the_classified_ad_system
|
Multiple SQL injection vulnerabilities in PWP Technologies The Classified Ad System allow remote attackers to execute arbitrary SQL commands via (1) the main parameter in a view action (includes/main…
|
CWE-89
SQL Injection
|
CVE-2006-6349
|
2018-10-18 06:47 |
2006-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280542
|
- |
|
iisworks
|
listpics
|
listpics 5 stores sensitive data under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for listpics.mdb.
|
NVD-CWE-Other
|
CVE-2006-6350
|
2018-10-18 06:47 |
2006-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280543
|
- |
|
khaledmuratlist
|
khaledmuratlist
|
KhaledMuratList stores sensitive data under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for (1) CL2F9R1A2C1N.mdb or (2) Da…
|
NVD-CWE-Other
|
CVE-2006-6351
|
2018-10-18 06:47 |
2006-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280544
|
- |
|
frisk_software
|
f-prot_antivirus
|
FRISK Software F-Prot Antivirus before 4.6.7 allows user-assisted remote attackers to cause a denial of service (infinite loop) via a crafted ACE file. NOTE: this issue has at least a partial overla…
|
NVD-CWE-Other
|
CVE-2006-6352
|
2018-10-18 06:47 |
2006-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280545
|
- |
|
duware
|
duamazon
duarticle
duclassified
dudirectory
dudirectory_pro
dudirectory_pro_sql
dudownload
dugallery
dunews
dupaypal
dupaypal_pro
|
Multiple SQL injection vulnerabilities in detail.asp in DuWare DuNews allow remote attackers to execute arbitrary SQL commands via the (1) iNews, (2) iType, or (3) Action parameter. NOTE: the iType …
|
NVD-CWE-Other
|
CVE-2006-6354
|
2018-10-18 06:47 |
2006-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280546
|
- |
|
duware
|
duclassmate
|
SQL injection vulnerability in default.asp in DuWare DuClassmate allows remote attackers to execute arbitrary SQL commands via the iCity parameter. NOTE: the iState parameter is already covered by C…
|
NVD-CWE-Other
|
CVE-2006-6355
|
2018-10-18 06:47 |
2006-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280547
|
- |
|
phpnews
|
phpnews
|
Multiple cross-site scripting (XSS) vulnerabilities in templates/link_temp.php in PHPNews 1.3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) url, (2) id, (3) subject, (4)…
|
NVD-CWE-Other
|
CVE-2006-6356
|
2018-10-18 06:47 |
2006-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280548
|
- |
|
phpnews
|
phpnews
|
Successful exploitation requires that "register_globals" is enabled.
|
NVD-CWE-Other
|
CVE-2006-6356
|
2018-10-18 06:47 |
2006-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280549
|
- |
|
bluesocket
|
bsc_2100
|
Cross-site scripting (XSS) vulnerability in admin.pl in BlueSocket Secure Controller (BSC) before 5.2, or without 5.1.1-BluePatch, allows remote attackers to inject arbitrary web script or HTML via t…
|
NVD-CWE-Other
|
CVE-2006-6363
|
2018-10-18 06:47 |
2006-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280550
|
- |
|
inside_systems
|
inside_systems
|
Cross-site scripting (XSS) vulnerability in error.php in Inside Systems Mail (ISMail) 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the error parameter.
|
NVD-CWE-Other
|
CVE-2006-6364
|
2018-10-18 06:47 |
2006-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
