|
279201
|
- |
|
easy_cms
|
easy_cms
|
Easy CMS stores the images directory under the web document root with insufficient access control and browsing enabled, which allows remote attackers to list and possibly read images that are stored …
|
NVD-CWE-Other
|
CVE-2006-0508
|
2018-10-20 00:45 |
2006-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279202
|
- |
|
daffodil_software
|
daffodil_crm
|
SQL injection vulnerability in userlogin.jsp in Daffodil CRM 1.5 allows remote attackers to execute arbitrary SQL commands via unspecified parameters in a login action.
|
CWE-89
SQL Injection
|
CVE-2006-0510
|
2018-10-20 00:45 |
2006-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279203
|
- |
|
ibm
|
tivoli_access_manager_for_e-business
|
Directory traversal vulnerability in pkmslogout in Tivoli Web Server Plug-in 5.1.0.10 in Tivoli Access Manager (TAM) 5.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the file…
|
NVD-CWE-Other
|
CVE-2006-0513
|
2018-10-20 00:45 |
2006-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279204
|
- |
|
spip
|
spip
|
Multiple SQL injection vulnerabilities in formulaires/inc-formulaire_forum.php3 in SPIP 1.8.2-e and earlier and 1.9 Alpha 2 (5539) and earlier allow remote attackers to execute arbitrary SQL commands…
|
NVD-CWE-Other
|
CVE-2006-0517
|
2018-10-20 00:45 |
2006-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279205
|
- |
|
browsercrm
|
browsercrm
|
Cross-site scripting (XSS) vulnerability in results.php in BrowserCRM allows remote attackers to inject arbitrary web script or HTML via certain manipulations of the query parameter, as demonstrated …
|
NVD-CWE-Other
|
CVE-2006-0521
|
2018-10-20 00:45 |
2006-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279206
|
- |
|
adobe
|
acrobat
acrobat_reader
creative_suite
illustrator
indesign
pagemaker
photoshop
premiere
version_cue
|
Multiple Adobe products, including (1) Photoshop CS2, (2) Illustrator CS2, and (3) Adobe Help Center, install a large number of .EXE and .DLL files with write-access permission for the Everyone group…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2006-0525
|
2018-10-20 00:45 |
2006-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279207
|
- |
|
aol
|
aol_client_software
|
The default configuration of the America Online (AOL) client software allows all users to modify a certain registry value that specifies a DLL file name, which might allow local users to gain privile…
|
NVD-CWE-Other
|
CVE-2006-0526
|
2018-10-20 00:45 |
2006-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279208
|
- |
|
ca
|
messaging
|
Computer Associates (CA) Message Queuing (CAM / CAFT) before 1.07 Build 220_16 and 1.11 Build 29_20, as used in multiple CA products, allows remote attackers to cause a denial of service via a crafte…
|
NVD-CWE-Other
|
CVE-2006-0529
|
2018-10-20 00:45 |
2006-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279209
|
- |
|
ca
|
messaging
|
Computer Associates (CA) Message Queuing (CAM / CAFT) before 1.07 Build 220_16 and 1.11 Build 29_20, as used in multiple CA products, allows remote attackers to cause a denial of service via spoofed …
|
NVD-CWE-Other
|
CVE-2006-0530
|
2018-10-20 00:45 |
2006-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279210
|
- |
|
cybershop
|
asp_ultimate_e-commerce_script
|
Multiple cross-site scripting (XSS) vulnerabilities in default.asp in CyberShop Ultimate E-commerce allow remote attackers to inject arbitrary web script or HTML via the (1) ortak or (2) kat paramete…
|
NVD-CWE-Other
|
CVE-2006-0534
|
2018-10-20 00:45 |
2006-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
