|
345421
|
- |
|
simplemachines
|
smf
|
SQL injection vulnerability in Sources/ManageBoards.php in Simple Machines Forum 1.1 RC3 allows remote attackers to execute arbitrary SQL commands via the cur_cat parameter.
|
CWE-89
SQL Injection
|
CVE-2006-4564
|
2017-07-20 10:33 |
2006-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345422
|
- |
|
simplemachines
|
smf
|
Successful exploitation requires privileges to add a new board.
|
CWE-89
SQL Injection
|
CVE-2006-4564
|
2017-07-20 10:33 |
2006-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345423
|
- |
|
jetstat.com
|
js_asp_faq_manager
|
SQL injection vulnerability in admin/default.asp in Jetstat.com JS ASP Faq Manager 1.10 and earlier allows remote attackers to execute arbitrary SQL commands via the uid parameter, a different vector…
|
NVD-CWE-Other
|
CVE-2006-4590
|
2017-07-20 10:33 |
2006-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345424
|
- |
|
mailenable
|
mailenable_enterprise
mailenable_professional
mailenable_standard
|
SMTP service in MailEnable Standard, Professional, and Enterprise before ME-10014 (20060904) allows remote attackers to cause a denial of service via an SPF lookup for a domain with a large number of…
|
NVD-CWE-Other
|
CVE-2006-4616
|
2017-07-20 10:33 |
2006-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345425
|
- |
|
vcd-db
|
vcd-db
|
Cross-site scripting (XSS) vulnerability in VCD-db before 0.983 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors when handling comments.
|
NVD-CWE-Other
|
CVE-2006-4628
|
2017-07-20 10:33 |
2006-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345426
|
- |
|
squiz
|
mysource_classic
|
Unspecified vulnerability in MySource Classic 2.14.6, and possibly earlier, allows remote authenticated users, with superuser privileges, to inject arbitrary PHP code via unspecified vectors related …
|
NVD-CWE-Other
|
CVE-2006-4635
|
2017-07-20 10:33 |
2006-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345427
|
- |
|
drupal
|
drupal_pathauto_module
|
Cross-site scripting (XSS) vulnerability in the Drupal 4.7 Pathauto module before pathauto_node.inc 1.17.2.1 and the Drupal 4.6 Pathauto module before pathauto_node.inc 1.14.2.1 allows remote attacke…
|
NVD-CWE-Other
|
CVE-2006-4646
|
2017-07-20 10:33 |
2006-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345428
|
- |
|
php_fusion
|
php_fusion
|
Global variable overwrite vulnerability in maincore.php in PHP-Fusion 6.01.4 and earlier uses the extract function on the superglobals, which allows remote attackers to conduct SQL injection attacks …
|
NVD-CWE-Other
|
CVE-2006-4673
|
2017-07-20 10:33 |
2006-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345429
|
- |
|
php_fusion
|
php_fusion
|
Successful exploitation requires that "register_globals" and "magic_quotes_gpc" are disabled.
This vulnerability is addressed in the following product release:
PHP-Fusion, PHP_Fusion, 6.01.5
|
NVD-CWE-Other
|
CVE-2006-4673
|
2017-07-20 10:33 |
2006-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345430
|
- |
|
newsgator
|
feeddemon
|
Multiple cross-site scripting (XSS) vulnerabilities in NewsGator FeedDemon before 2.0.0.25 allow remote attackers to inject arbitrary web script or HTML via an Atom 1.0 feed, as demonstrated by certa…
|
NVD-CWE-Other
|
CVE-2006-4710
|
2017-07-20 10:33 |
2006-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
