|
346221
|
- |
|
gnu
|
mailman
|
CRLF injection vulnerability in Utils.py in Mailman before 2.1.9rc1 allows remote attackers to spoof messages in the error log and possibly trick the administrator into visiting malicious URLs via CR…
|
CWE-94
Code Injection
|
CVE-2006-4624
|
2018-10-18 06:38 |
2006-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346222
|
- |
|
softbb
|
softbb
|
Direct static code injection vulnerability in admin/save_opt.php in SoftBB 0.1, and possibly earlier, allows remote authenticated users to upload and execute arbitrary PHP code via the cache_forum pa…
|
NVD-CWE-Other
|
CVE-2006-4631
|
2018-10-18 06:38 |
2006-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346223
|
- |
|
softbb
|
softbb
|
Multiple SQL injection vulnerabilities in SoftBB 0.1, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the (1) groupe parameter in addmembre.php and the (2) select p…
|
NVD-CWE-Other
|
CVE-2006-4632
|
2018-10-18 06:38 |
2006-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346224
|
- |
|
softbb
|
softbb
|
index.php in SoftBB 0.1, and possibly earlier, allows remote attackers to obtain the installation path via a null or invalid page[] parameter.
|
NVD-CWE-Other
|
CVE-2006-4633
|
2018-10-18 06:38 |
2006-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346225
|
- |
|
vbzoom
|
vbzoom
|
Cross-site scripting (XSS) vulnerability in index.php in VBZooM allows remote attackers to inject arbitrary web script or HTML via the UserID parameter, a different vector than CVE-2006-1133 and CVE-…
|
NVD-CWE-Other
|
CVE-2006-4634
|
2018-10-18 06:38 |
2006-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346226
|
- |
|
acgv_news
|
acgv_news
|
Multiple PHP remote file inclusion vulnerabilities in ACGV News 0.9.1 allow remote attackers to execute arbitrary PHP code via a URL in the PathNews parameter in (1) header.php or (2) news.php. NOTE…
|
CWE-94
Code Injection
|
CVE-2006-4637
|
2018-10-18 06:38 |
2006-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346227
|
- |
|
acgv_news
|
acgv_news
|
Successful exploitation requires that "register_globals" is enabled.
|
CWE-94
Code Injection
|
CVE-2006-4637
|
2018-10-18 06:38 |
2006-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346228
|
- |
|
c-news.fr
|
c-news
|
Multiple PHP remote file inclusion vulnerabilities in C-News.fr C-News 1.0.1 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the path …
|
CWE-94
Code Injection
|
CVE-2006-4639
|
2018-10-18 06:38 |
2006-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346229
|
- |
|
auditwizard
|
auditwizard
|
AuditWizard 6.3.2, when using "Remote Audit," logs the administrator password in plaintext to LaytonCmdSvc.log, which allows local users to obtain sensitive information by reading the file.
|
NVD-CWE-Other
|
CVE-2006-4642
|
2018-10-18 06:38 |
2006-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346230
|
- |
|
akarru
|
social_bookmarking_engine
|
PHP remote file inclusion vulnerability in akarru.gui/main_content.php in Akarru Social BookMarking Engine 0.4.3.34 and earlier, and possibly 0.4.4.120, allows remote attackers to execute arbitrary P…
|
NVD-CWE-Other
|
CVE-2006-4645
|
2018-10-18 06:38 |
2006-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|