|
257061
|
- |
|
cyboards
|
cyboards_php_lite
|
PHP remote file inclusion vulnerability in include/common.php in CyBoards PHP Lite 1.25 allows remote attackers to execute arbitrary PHP code via a URL in the script_path parameter. NOTE: CVE disput…
|
NVD-CWE-Other
|
CVE-2006-2871
|
2024-08-8 03:15 |
2006-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257062
|
- |
|
openwiki
|
openwiki
|
Cross-site scripting (XSS) vulnerability in ow.asp in OpenWiki 0.78 allows remote attackers to inject arbitrary web script or HTML via the p parameter. NOTE: this issue has been disputed by the vend…
|
NVD-CWE-Other
|
CVE-2006-2473
|
2024-08-8 03:15 |
2006-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257063
|
- |
|
squirrelmail
|
squirrelmail
|
PHP remote file inclusion vulnerability in functions/plugin.php in SquirrelMail 1.4.6 and earlier, if register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute …
|
NVD-CWE-Other
|
CVE-2006-2842
|
2024-08-8 03:15 |
2006-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257064
|
- |
|
qualiteam
|
x-cart
|
SQL injection vulnerability in search.php in X-Cart Gold and Pro 4.0.18, and X-Cart 4.1.0 beta 1, allows remote attackers to execute arbitrary SQL commands via the "Search for pattern" field, when th…
|
NVD-CWE-Other
|
CVE-2006-2827
|
2024-08-8 03:15 |
2006-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257065
|
- |
|
ispconfig
|
ispconfig
|
PHP remote file inclusion vulnerability in session.inc.php in ISPConfig 2.2.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the go_info[server][classes_root] paramete…
|
CWE-94
Code Injection
|
CVE-2006-2315
|
2024-08-8 03:15 |
2006-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257066
|
- |
|
hoito
|
green_minute
|
Multiple SQL injection vulnerabilities in userscript.php in Green Minute 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) huserid, (2) pituus, or (3) date paramete…
|
NVD-CWE-Other
|
CVE-2006-1930
|
2024-08-8 03:15 |
2006-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257067
|
- |
|
bluepay
|
bluepay_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in BluePay Manager 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML during a login action via the (1) Account Name and…
|
NVD-CWE-Other
|
CVE-2006-1854
|
2024-08-8 03:15 |
2006-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257068
|
- |
|
microsoft
|
isa_server
|
Microsoft ISA Server 2004 allows remote attackers to bypass certain filtering rules, including ones for (1) ICMP and (2) TCP, via IPv6 packets. NOTE: An established researcher has disputed this issu…
|
NVD-CWE-Other
|
CVE-2006-1651
|
2024-08-8 03:15 |
2006-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257069
|
9.8 |
CRITICAL
Network
|
janobe
|
school_attendence_monitoring_system
school_event_management_system
|
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and re…
|
CWE-89
SQL Injection
|
CVE-2024-33974
|
2024-08-8 02:44 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257070
|
9.8 |
CRITICAL
Network
|
vivotek
|
sd9364_firmware
|
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Vivotek SD9364 VVTK-0103f. It has been declared as critical. This vulnerability affects the function read of the component httpd. The mani…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2024-7441
|
2024-08-8 02:15 |
2024-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
