|
279731
|
- |
|
farsinews
|
farsinews
|
Directory traversal vulnerability in FarsiNews 2.5.3 Pro and earlier allows remote attackers to obtain the installation path via ".." sequences in the archive parameter to index.php, which leaks the …
|
NVD-CWE-Other
|
CVE-2006-1823
|
2018-10-19 01:36 |
2006-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279732
|
- |
|
phpguestbook
|
phpguestbook
|
Multiple cross-site scripting (XSS) vulnerabilities in PhpGuestbook.php in PhpGuestbook 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) Name, (2) Website, and (3) Commen…
|
NVD-CWE-Other
|
CVE-2006-1824
|
2018-10-19 01:36 |
2006-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279733
|
- |
|
snipegallery
|
snipe_gallery
|
Multiple cross-site scripting (XSS) vulnerabilities in Snipe Gallery 3.1.4 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) gallery_id parameter in view.php, (2) …
|
CWE-79
Cross-site Scripting
|
CVE-2006-1826
|
2018-10-19 01:36 |
2006-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279734
|
- |
|
opera
|
opera_browser
|
Integer signedness error in Opera before 8.54 allows remote attackers to execute arbitrary code via long values in a stylesheet attribute, which pass a length check. NOTE: a sign extension problem m…
|
CWE-189
Numeric Errors
|
CVE-2006-1834
|
2018-10-19 01:36 |
2006-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279735
|
- |
|
vincent_hor
|
calendarix
calendarix_advanced
|
Cross-site scripting (XSS) vulnerability in yearcal.php in Calendarix allows remote attackers to inject arbitrary web script or HTML via the ycyear parameter.
|
NVD-CWE-Other
|
CVE-2006-1835
|
2018-10-19 01:36 |
2006-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279736
|
- |
|
symantec
|
liveupdate
norton_antivirus
norton_internet_security
norton_personal_firewall
norton_system_works
norton_utilities
|
Untrusted search path vulnerability in unspecified components in Symantec LiveUpdate for Macintosh 3.0.0 through 3.5.0 do not set the execution path, which allows local users to gain privileges via a…
|
NVD-CWE-Other
|
CVE-2006-1836
|
2018-10-19 01:36 |
2006-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279737
|
- |
|
php_album
|
php_album
|
PHP remote file inclusion vulnerability in language.php in PHP Album 0.3.2.3, when register_globals is enabled, allows remote attackers to execute arbitrary code via an FTP URL in the data_dir parame…
|
NVD-CWE-Other
|
CVE-2006-1839
|
2018-10-19 01:36 |
2006-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279738
|
- |
|
kailash_nadh
|
boastmachine
|
Cross-site scripting (XSS) vulnerability in search.php in boastMachine (bMachine) 2.7, and possibly other versions before 2.9b, allows remote attackers to inject arbitrary web script or HTML via the …
|
NVD-CWE-Other
|
CVE-2006-1841
|
2018-10-19 01:36 |
2006-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279739
|
- |
|
cynical_games
|
shoutbook
|
Cross-site scripting (XSS) vulnerability in global.php in ShoutBOOK 1.1 allows remote attackers to inject arbitrary web script or HTML via the (1) NAME and (2) COMMENTS parameters.
|
NVD-CWE-Other
|
CVE-2006-1842
|
2018-10-19 01:36 |
2006-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279740
|
- |
|
linpha
|
linpha
|
Multiple cross-site scripting (XSS) vulnerabilities in stats_view.php in LinPHA 1.1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) date_from, (2) date_to, and (3) date pa…
|
NVD-CWE-Other
|
CVE-2006-1848
|
2018-10-19 01:36 |
2006-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
