|
345441
|
- |
|
4images
|
image_gallery_management_system
|
Directory traversal vulnerability in index.php in 4Images 1.7.1 and earlier allows remote attackers to read and include arbitrary files via ".." (dot dot) sequences in the template parameter.
|
NVD-CWE-Other
|
CVE-2006-0899
|
2018-10-19 01:29 |
2006-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345442
|
- |
|
top_line
|
d3jeeb_pro
|
SQL injection vulnerability in D3Jeeb Pro 3 allows remote attackers to execute arbitrary SQL commands via the catid parameter in (1) fastlinks.php and (2) catogary.php.
|
NVD-CWE-Other
|
CVE-2006-0906
|
2018-10-19 01:29 |
2006-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345443
|
- |
|
francisco_burzi
|
php-nuke
|
SQL injection vulnerability in PHP-Nuke before 7.8 Patched 3.2 allows remote attackers to execute arbitrary SQL commands via encoded /%2a (/*) sequences in the query string, which bypasses regular ex…
|
NVD-CWE-Other
|
CVE-2006-0907
|
2018-10-19 01:29 |
2006-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345444
|
- |
|
francisco_burzi
|
php-nuke
|
PHP-Nuke 7.8 Patched 3.2 allows remote attackers to bypass SQL injection protection mechanisms via /%2a (/*) sequences with the "ad_click" word in the query string, as demonstrated via the kala param…
|
NVD-CWE-Other
|
CVE-2006-0908
|
2018-10-19 01:29 |
2006-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345445
|
- |
|
invision_power_services
|
invision_power_board
|
Invision Power Board (IPB) 2.1.4 and earlier allows remote attackers to view sensitive information via a direct request to multiple PHP scripts that include the full path in error messages, including…
|
NVD-CWE-Other
|
CVE-2006-0909
|
2018-10-19 01:29 |
2006-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345446
|
- |
|
invision_power_services
|
invision_power_board
|
Invision Power Board (IPB) 2.1.4 and earlier allows remote attackers to list directory contents via a direct request to multiple directories, including (1) sources/loginauth/convert/, (2) sources/por…
|
NVD-CWE-Other
|
CVE-2006-0910
|
2018-10-19 01:29 |
2006-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345447
|
- |
|
ipswitch
|
whatsup
|
NmService.exe in Ipswitch WhatsUp Professional 2006 allows remote attackers to cause a denial of service (CPU consumption) via crafted requests to Login.asp, possibly involving the (1) "In]" and (2) …
|
CWE-399
Resource Management Errors
|
CVE-2006-0911
|
2018-10-19 01:29 |
2006-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345448
|
- |
|
mozilla
|
bugzilla
|
SQL injection vulnerability in whineatnews.pl in Bugzilla 2.17 through 2.18.4 and 2.20 allows remote authenticated users with administrative privileges to execute arbitrary SQL commands via the whine…
|
NVD-CWE-Other
|
CVE-2006-0913
|
2018-10-19 01:29 |
2006-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345449
|
- |
|
mozilla
|
bugzilla
|
Bugzilla 2.16.10, 2.17 through 2.18.4, and 2.20 does not properly handle certain characters in the mostfreqthreshold parameter in duplicates.cgi, which allows remote attackers to trigger a SQL error.
|
CWE-20
Improper Input Validation
|
CVE-2006-0914
|
2018-10-19 01:29 |
2006-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345450
|
- |
|
mozilla
|
bugzilla
|
Bugzilla 2.19.3 through 2.20 does not properly handle "//" sequences in URLs when redirecting a user from the login form, which could cause it to generate a partial URL in a form action that causes t…
|
NVD-CWE-Other
|
CVE-2006-0916
|
2018-10-19 01:29 |
2006-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
