|
313431
|
9.8 |
CRITICAL
Network
|
vivotek
|
sd9364_firmware
|
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Vivotek SD9364 VVTK-0103f. It has been declared as critical. This vulnerability affects the function read of the component httpd. The mani…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2024-7441
|
2024-08-8 02:15 |
2024-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313432
|
- |
|
mozilla
|
firefox
|
Mozilla Firefox 1.0.7 and 1.5.0.1 allows remote attackers to cause a denial of service (crash) via an HTML tag with a large number of script action handlers such as onload and onmouseover, which trig…
|
NVD-CWE-Other
|
CVE-2006-1273
|
2024-08-8 02:15 |
2006-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313433
|
- |
|
digital_builder
|
nz_ecommerce
|
Cross-site scripting (XSS) vulnerability in index.php in NZ Ecommerce allows remote attackers to inject arbitrary web script or HTML via the action parameter. NOTE: the vendor has disputed this issu…
|
NVD-CWE-Other
|
CVE-2006-1096
|
2024-08-8 02:15 |
2006-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313434
|
- |
|
digital_builder
|
nz_ecommerce
|
Multiple SQL injection vulnerabilities in NZ Ecommerce allow remote attackers to execute arbitrary SQL commands via the (1) informationID or (2) ParentCategory parameter to index.php. NOTE: the vendo…
|
NVD-CWE-Other
|
CVE-2006-1098
|
2024-08-8 02:15 |
2006-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313435
|
- |
|
kwik-pay
|
kwik-pay_payroll
|
Kwik-Pay Payroll 4.2.20, and possibly other versions, stores the KwikPay.mdb database file with insecure permissions, which allows local users to obtain sensitive information such as employment and p…
|
NVD-CWE-Other
|
CVE-2006-1050
|
2024-08-8 02:15 |
2006-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313436
|
- |
|
virtual_communication_services
|
vpmi_enterprise
|
SQL injection vulnerability in VCS Virtual Program Management Intranet (VPMi) Enterprise 3.3 allows remote attackers to execute arbitrary SQL commands via the UpdateID0 parameter to Service_Requests.…
|
CWE-89
SQL Injection
|
CVE-2006-0897
|
2024-08-8 02:15 |
2006-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313437
|
- |
|
dotproject
|
dotproject
|
dotProject 2.0.1 and earlier allows remote attackers to obtain sensitive information via direct requests with an invalid baseDir to certain PHP scripts in the db directory, which reveal the path in a…
|
NVD-CWE-Other
|
CVE-2006-0754
|
2024-08-8 02:15 |
2006-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313438
|
- |
|
dotproject
|
dotproject
|
Multiple PHP remote file include vulnerabilities in dotProject 2.0.1 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary commands via the baseDir parameter in (…
|
NVD-CWE-Other
|
CVE-2006-0755
|
2024-08-8 02:15 |
2006-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313439
|
- |
|
dotproject
|
dotproject
|
dotProject 2.0.1 and earlier leaves (1) phpinfo.php and (2) check.php accessible under the /docs/ directory after installation, which allows remote attackers to obtain sensitive configuration informa…
|
NVD-CWE-Other
|
CVE-2006-0756
|
2024-08-8 02:15 |
2006-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313440
|
- |
|
wordpress
|
wordpress
|
Cross-site scripting (XSS) vulnerability in WordPress 2.0.0 allows remote attackers to inject arbitrary web script or HTML via scriptable attributes such as (1) onfocus and (2) onblur in the "author'…
|
NVD-CWE-Other
|
CVE-2006-0733
|
2024-08-8 02:15 |
2006-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
