|
280701
|
- |
|
phpremoteview
|
phpremoteview
|
Multiple cross-site scripting (XSS) vulnerabilities in PRV.php in PhpRemoteView, possibly 2003-10-23 and earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) f, (2) d, a…
|
NVD-CWE-Other
|
CVE-2006-2425
|
2018-10-19 01:39 |
2006-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280702
|
- |
|
sun
|
jdk
jre
sdk
|
Sun Java Runtime Environment (JRE) 1.5.0_6 and earlier, JDK 1.5.0_6 and earlier, and SDK 1.5.0_6 and earlier allows remote attackers to cause a denial of service (disk consumption) by using the Font.…
|
NVD-CWE-Other
|
CVE-2006-2426
|
2018-10-19 01:39 |
2006-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280703
|
- |
|
ibm
|
websphere_application_server
|
Cross-site scripting (XSS) vulnerability in the 500 Internal Server Error page on the SOAP port (8880/tcp) in IBM WebSphere Application Server 5.0.2 and earlier, 5.1.x before 5.1.1.12, and 6.0.2 up t…
|
CWE-79
Cross-site Scripting
|
CVE-2006-2431
|
2018-10-19 01:39 |
2006-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280704
|
- |
|
verosky_media
|
instant_photo_gallery
|
Cross-site scripting (XSS) vulnerability in portfolio.php in Verosky Media Instant Photo Gallery, possibly before 1.0.2, allows remote attackers to inject arbitrary web script or HTML via the cat_id …
|
NVD-CWE-Other
|
CVE-2006-2079
|
2018-10-19 01:38 |
2006-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280705
|
- |
|
verosky_media
|
instant_photo_gallery
|
SQL injection vulnerability in portfolio_photo_popup.php in Verosky Media Instant Photo Gallery 1.0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter, which is not clea…
|
NVD-CWE-Other
|
CVE-2006-2080
|
2018-10-19 01:38 |
2006-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280706
|
- |
|
oracle
|
database_server
|
Oracle Database Server 10g Release 2 allows local users to execute arbitrary SQL queries via the GET_DOMAIN_INDEX_METADATA function in the DBMS_EXPORT_EXTENSION package. NOTE: this issue was original…
|
NVD-CWE-Other
|
CVE-2006-2081
|
2018-10-19 01:38 |
2006-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280707
|
- |
|
id_software
|
quake_3_engine
|
Directory traversal vulnerability in Quake 3 engine, as used in products including Quake3 Arena, Return to Castle Wolfenstein, Wolfenstein: Enemy Territory, and Star Trek Voyager: Elite Force, when t…
|
NVD-CWE-Other
|
CVE-2006-2082
|
2018-10-19 01:38 |
2006-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280708
|
- |
|
id_software
|
quake_3_engine
|
id Software has released patches to address this and other issues.
|
NVD-CWE-Other
|
CVE-2006-2082
|
2018-10-19 01:38 |
2006-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280709
|
- |
|
farsinews
|
farsinews
|
Multiple cross-site scripting (XSS) vulnerabilities in FarsiNews 2.5.3 Pro and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) month and (2) year parameters in (a) i…
|
CWE-79
Cross-site Scripting
|
CVE-2006-2084
|
2018-10-19 01:38 |
2006-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280710
|
- |
|
speedproject
|
speedcommander
squeez
|
Multiple buffer overflows in (1) CxAce60.dll and (2) CxAce60u.dll in SpeedProject Squeez 5.10 Build 4460, and SpeedCommander 10.52 Build 4450 and 11.01 Build 4450, allow user-assisted remote attacker…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2006-2085
|
2018-10-19 01:38 |
2006-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
