|
280021
|
- |
|
siteframe
|
siteframe_beaumont
|
Cross-site scripting (XSS) vulnerability in page.php in in Siteframe Beaumont, possibly 5.0.2 or 5.0.1a, allows remote attackers to inject arbitrary web script or HTML via the comment_text parameter …
|
NVD-CWE-Other
|
CVE-2006-0783
|
2018-10-19 01:29 |
2006-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280022
|
- |
|
d-link
|
dwl-g700ap
|
D-Link DWL-G700AP with firmware 2.00 and 2.01 allows remote attackers to cause a denial of service (CAMEO HTTP service crash) via a request composed of "GET" followed by a space and two newlines, pos…
|
NVD-CWE-Other
|
CVE-2006-0784
|
2018-10-19 01:29 |
2006-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280023
|
- |
|
phpkit
|
phpkit
|
Absolute path traversal vulnerability in include.php in PHPKIT 1.6.1 Release 2 and earlier allows remote attackers to include and execute arbitrary local files via a direct request with a path parame…
|
NVD-CWE-Other
|
CVE-2006-0785
|
2018-10-19 01:29 |
2006-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280024
|
- |
|
phpkit
|
phpkit
|
Incomplete blacklist vulnerability in include.php in PHPKIT 1.6.1 Release 2 and earlier, with allow_url_fopen enabled, allows remote attackers to conduct PHP remote file include attacks via a path pa…
|
NVD-CWE-Other
|
CVE-2006-0786
|
2018-10-19 01:29 |
2006-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280025
|
- |
|
dreamcost
|
hostadmin
|
PHP remote file inclusion vulnerability in index.php in DreamCost HostAdmin allows remote attackers to include arbitrary files via the $path variable, which is not initialized before use.
|
NVD-CWE-Other
|
CVE-2006-0791
|
2018-10-19 01:29 |
2006-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280026
|
- |
|
thomastsoi
|
quirex
|
Absolute path traversal vulnerability in convert.cgi in Quirex 2.0.2 and earlier allows remote attackers to read arbitrary files, and possibly execute arbitrary code, via the (1) quiz_head, (2) quiz_…
|
CWE-22
Path Traversal
|
CVE-2006-0795
|
2018-10-19 01:29 |
2006-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280027
|
- |
|
francisco_burzi
|
php-nuke
|
The CAPTCHA functionality in php-Nuke 6.0 through 7.9 uses fixed challenge/response pairs that only vary once per day based on the User Agent (HTTP_USER_AGENT), which allows remote attackers to bypas…
|
NVD-CWE-Other
|
CVE-2006-0805
|
2018-10-19 01:29 |
2006-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280028
|
- |
|
john_lim
|
adodb
|
Multiple cross-site scripting (XSS) vulnerabilities in ADOdb 4.71, as used in multiple packages such as phpESP, allow remote attackers to inject arbitrary web script or HTML via (1) the next_page par…
|
CWE-79
Cross-site Scripting
|
CVE-2006-0806
|
2018-10-19 01:29 |
2006-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280029
|
- |
|
njstar
|
chinese_word_processor
japanese_word_processor
|
Stack-based buffer overflow in NJStar Chinese and Japanese Word Processor 4.x and 5.x before 5.10 allows user-assisted attackers to execute arbitrary code via font names in NJStar (.njx) documents.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2006-0807
|
2018-10-19 01:29 |
2006-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280030
|
- |
|
visnetic
|
visnetic_antivirus_plug-in_for_mail_server
|
The VisNetic AntiVirus Plug-in (DKAVUpSch.exe) for Mail Server 4.6.0.4, 4.6.1.1, and possibly other versions before 4.6.1.2, does not drop privileges before executing other programs, which allows loc…
|
NVD-CWE-Other
|
CVE-2006-0812
|
2018-10-19 01:29 |
2006-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
