|
346371
|
- |
|
ak-systems
|
windows_terminal
|
VNC server on the AK-Systems Windows Terminal 1.2.5 ExVLP is not password protected, which allows remote attackers to login and view RDP or Citrix sessions.
|
NVD-CWE-Other
|
CVE-2006-4309
|
2018-10-18 06:34 |
2006-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346372
|
- |
|
mozilla
|
firefox
|
Mozilla Firefox 1.5.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FTP response, when attempting to connect with a username and password via the FTP URI.
|
CWE-20
Improper Input Validation
|
CVE-2006-4310
|
2018-10-18 06:34 |
2006-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346373
|
- |
|
symantec
|
enterprise_security_manager
|
The manager server in Symantec Enterprise Security Manager (ESM) 6 and 6.5.x allows remote attackers to cause a denial of service (hang) via a malformed ESM agent request.
|
NVD-CWE-Other
|
CVE-2006-4314
|
2018-10-18 06:34 |
2006-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346374
|
- |
|
woltlab
|
burning_board
|
Cross-site scripting (XSS) vulnerability in attachment.php in WoltLab Burning Board (WBB) 2.3.5 allows remote attackers to inject arbitrary web script or HTML via a GIF image that contains URL-encode…
|
NVD-CWE-Other
|
CVE-2006-4317
|
2018-10-18 06:34 |
2006-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346375
|
- |
|
opensef_project
|
opensef
|
PHP remote file inclusion vulnerability in sef.php in the OpenSEF 2.0.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
|
NVD-CWE-Other
|
CVE-2006-4320
|
2018-10-18 06:34 |
2006-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346376
|
- |
|
bits-dont-bite
|
estateagent
|
PHP remote file inclusion vulnerability in estateagent.php in the EstateAgent component (com_estateagent) for Mambo, when register_globals is enabled, allows remote attackers to execute arbitrary PHP…
|
NVD-CWE-Other
|
CVE-2006-4322
|
2018-10-18 06:34 |
2006-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346377
|
- |
|
cityforfree
|
indexcity
|
SQL injection vulnerability in list.php in CityForFree indexcity 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cate_id parameter.
|
NVD-CWE-Other
|
CVE-2006-4323
|
2018-10-18 06:34 |
2006-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346378
|
- |
|
cityforfree
|
indexcity
|
Cross-site scripting (XSS) vulnerability in add_url2.php in CityForFree indexcity 1.0 allows remote attackers to inject arbitrary web script or HTML via the url parameter.
|
NVD-CWE-Other
|
CVE-2006-4324
|
2018-10-18 06:34 |
2006-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346379
|
- |
|
doika
|
doika_guestbook
|
Cross-site scripting (XSS) vulnerability in gbook.php in Doika guestbook 2.5, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the page parameter.
|
NVD-CWE-Other
|
CVE-2006-4325
|
2018-10-18 06:34 |
2006-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346380
|
- |
|
cloudnine_interactive
|
links_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in add_url.php in CloudNine Interactive Links Manager 2006-06-12 allow remote attackers to inject arbitrary web script or HTML via the (1) title, (…
|
NVD-CWE-Other
|
CVE-2006-4327
|
2018-10-18 06:34 |
2006-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|