|
315881
|
- |
|
mike_helton
|
aoblogger
|
create.php in aoblogger 2.3 allows remote attackers to bypass authentication and create new blog entries by setting the uza parameter to 1.
|
NVD-CWE-Other
|
CVE-2006-0312
|
2024-02-14 10:17 |
2006-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315882
|
- |
|
ca
broadcom
|
unicenter_remote_control
brightstor_mobile_backup
brightstor_arcserve_backup_laptops_desktops
business_protection_suite
desktop_protection_suite
server_protection_suite
|
The DM Primer (dmprimer.exe) in the DM Deployment Common Component in Computer Associates (CA) BrightStor Mobile Backup r4.0, BrightStor ARCserve Backup for Laptops & Desktops r11.0, r11.1, r11.1 SP1…
|
CWE-399
Resource Management Errors
|
CVE-2006-0306
|
2024-02-14 10:17 |
2006-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315883
|
- |
|
carnegie_mellon_university
|
snmptrapd
|
Format string vulnerability in the snmp_input function in snmptrapd in CMU SNMP utilities (cmu-snmp) allows remote attackers to execute arbitrary code by sending crafted SNMP messages to UDP port 162.
|
NVD-CWE-Other
|
CVE-2006-0250
|
2024-02-14 10:17 |
2006-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315884
|
- |
|
helm_hosting
|
helm_hosting_control_panel
|
Cross-site scripting (XSS) vulnerability in forgotPassword.asp in Helm Hosting Control Panel 3.2.8 and earlier allows remote attackers to inject arbitrary web script or HTML via the txtEmailAddress p…
|
NVD-CWE-Other
|
CVE-2006-0211
|
2024-02-14 10:17 |
2006-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315885
|
- |
|
postnuke_software_foundation
john_lim
the_cacti_group
mantis
moodle
mediabeez
|
postnuke
adodb
cacti
mantis
moodle
mediabeez
|
The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8…
|
CWE-89
SQL Injection
|
CVE-2006-0146
|
2024-02-14 10:17 |
2006-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315886
|
- |
|
dave_carrigan
|
auth_ldap
|
Multiple format string vulnerabilities in the auth_ldap_log_reason function in Apache auth_ldap 1.6.0 and earlier allows remote attackers to execute arbitrary code via various vectors, including the …
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2006-0150
|
2024-02-14 10:17 |
2006-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315887
|
- |
|
-
|
-
|
Cross-site scripting (XSS) vulnerability in WebHost Automation Ltd Helm before 3.2.6 allows remote attackers to inject arbitrary web script or HTML via unknown vectors involving the default page.
|
NVD-CWE-Other
|
CVE-2005-4747
|
2024-02-14 10:17 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315888
|
- |
|
neocrome
|
land_down_under
|
Multiple SQL injection vulnerabilities in Land Down Under (LDU) v801 and earlier allow remote attackers to execute arbitrary SQL commands via parameters including (1) the m parameter in auth.php, (2)…
|
NVD-CWE-Other
|
CVE-2005-4821
|
2024-02-14 10:17 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315889
|
- |
|
ethereal_group
|
ethereal
|
Unspecified vulnerability in the GTP dissector for Ethereal 0.9.1 to 0.10.13 allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors.
|
NVD-CWE-noinfo
|
CVE-2005-4585
|
2024-02-14 10:17 |
2005-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315890
|
- |
|
clearswift
|
mimesweeper_for_web
|
Clearswift MIMEsweeper For Web (a.k.a. WEBsweeper) 4.0 through 5.1 allows remote attackers to bypass filtering via a URL that does not include a .exe extension but returns an executable file.
|
NVD-CWE-Other
|
CVE-2005-4526
|
2024-02-14 10:17 |
2005-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
