|
279411
|
- |
|
pixelpost
|
photoblog
|
Cross-site scripting (XSS) vulnerability in index.php in Pixelpost Photoblog 1.4.3 allows remote attackers to inject arbitrary web script or HTML via the "Add Comment" field in a comment popup.
|
NVD-CWE-Other
|
CVE-2006-0409
|
2018-10-20 00:44 |
2006-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279412
|
- |
|
newsphp
|
newsphp
|
Multiple SQL injection vulnerabilities in index.php in NewsPHP allow remote attackers to execute arbitrary SQL commands via the (1) discuss, (2) tim, (3) id, (4) last, and (5) limit parameter.
|
CWE-89
SQL Injection
|
CVE-2006-0413
|
2018-10-20 00:44 |
2006-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279413
|
- |
|
mywebland
|
minibloggie
|
SQL injection vulnerability in login.php in miniBloggie 1.0 and earlier, when gpc_magic_quotes is disabled, allows remote attackers to execute arbitrary SQL commands and bypass authentication via the…
|
NVD-CWE-Other
|
CVE-2006-0417
|
2018-10-20 00:44 |
2006-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279414
|
- |
|
topcmm_computing
|
123_flash_chat_server
|
Eval injection vulnerability in 123 Flash Chat Server 5.0 and 5.1 allows attackers to execute arbitrary code via a crafted username.
|
NVD-CWE-Other
|
CVE-2006-0418
|
2018-10-20 00:44 |
2006-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279415
|
- |
|
phpxplorer
|
phpxplorer
|
Directory traversal vulnerability in action.php in phpXplorer allows remote attackers to read arbitrary files via ".." (dot dot) sequences and null bytes in the sAction parameter, a different vulnera…
|
CWE-22
Path Traversal
|
CVE-2006-0434
|
2018-10-20 00:44 |
2006-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279416
|
- |
|
oracle
|
application_server
http_server
|
Unspecified vulnerability in Oracle PL/SQL (PLSQL), as used in Database Server DS 9.2.0.7 and 10.1.0.5, Application Server 1.0.2.2, 9.0.4.2, 10.1.2.0.2, 10.1.2.1.0, and 10.1.3.0.0, E-Business Suite a…
|
NVD-CWE-noinfo
|
CVE-2006-0435
|
2018-10-20 00:44 |
2006-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279417
|
- |
|
text_rider
|
text_rider
|
Text Rider 2.4 stores sensitive data in the data directory under the web document root with insufficient access control, which allows remote attackers to obtain usernames and password hashes by direc…
|
NVD-CWE-Other
|
CVE-2006-0439
|
2018-10-20 00:44 |
2006-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279418
|
- |
|
text_rider
|
text_rider
|
Text Rider 2.4 allows attackers to bypass authentication and upload files without providing a valid password by obtaining the MD5 hash of the password (possibly via another vulnerability that reads i…
|
NVD-CWE-Other
|
CVE-2006-0440
|
2018-10-20 00:44 |
2006-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279419
|
- |
|
karjasoft
|
sami_ftp_server
|
Stack-based buffer overflow in Sami FTP Server 2.0.1 allows remote attackers to execute arbitrary code via a long USER command, which triggers the overflow when the log is viewed.
|
NVD-CWE-Other
|
CVE-2006-0441
|
2018-10-20 00:44 |
2006-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279420
|
- |
|
mybb
|
mybb
|
Multiple cross-site scripting (XSS) vulnerabilities in usercp.php in MyBulletinBoard (MyBB) 1.02 allow remote attackers to inject arbitrary web script or HTML via the (1) notepad parameter in a notep…
|
CWE-79
Cross-site Scripting
|
CVE-2006-0442
|
2018-10-20 00:44 |
2006-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
