|
346001
|
- |
|
speedproject
|
speedcommander squeez zipstar
|
Directory traversal vulnerability in SpeedProject Squeez 5.1, as used in (1) ZipStar 5.1 and (2) SpeedCommander 11.01.4450, allows remote attackers to overwrite arbitrary files via unspecified manipu…
|
NVD-CWE-Other
|
CVE-2006-0890
|
2018-10-19 01:29 |
2006-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346002
|
- |
|
simple_machines
|
simple_machines_forum
|
Cross-site scripting (XSS) vulnerability in Sources/Register.php in Simple Machine Forum (SMF) 1.0.6 allows remote attackers to inject arbitrary web script or HTML via the X-Forwarded-For HTTP header…
|
CWE-79
Cross-site Scripting
|
CVE-2006-0896
|
2018-10-19 01:29 |
2006-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346003
|
- |
|
lincoln_d._stein
|
crypt_cbc
|
Crypt::CBC Perl module 2.16 and earlier, when running in RandomIV mode, uses an initialization vector (IV) of 8 bytes, which results in weaker encryption when used with a cipher that requires a large…
|
NVD-CWE-Other
|
CVE-2006-0898
|
2018-10-19 01:29 |
2006-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346004
|
- |
|
4images
|
image_gallery_management_system
|
Directory traversal vulnerability in index.php in 4Images 1.7.1 and earlier allows remote attackers to read and include arbitrary files via ".." (dot dot) sequences in the template parameter.
|
NVD-CWE-Other
|
CVE-2006-0899
|
2018-10-19 01:29 |
2006-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346005
|
- |
|
top_line
|
d3jeeb_pro
|
SQL injection vulnerability in D3Jeeb Pro 3 allows remote attackers to execute arbitrary SQL commands via the catid parameter in (1) fastlinks.php and (2) catogary.php.
|
NVD-CWE-Other
|
CVE-2006-0906
|
2018-10-19 01:29 |
2006-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346006
|
- |
|
francisco_burzi
|
php-nuke
|
SQL injection vulnerability in PHP-Nuke before 7.8 Patched 3.2 allows remote attackers to execute arbitrary SQL commands via encoded /%2a (/*) sequences in the query string, which bypasses regular ex…
|
NVD-CWE-Other
|
CVE-2006-0907
|
2018-10-19 01:29 |
2006-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346007
|
- |
|
francisco_burzi
|
php-nuke
|
PHP-Nuke 7.8 Patched 3.2 allows remote attackers to bypass SQL injection protection mechanisms via /%2a (/*) sequences with the "ad_click" word in the query string, as demonstrated via the kala param…
|
NVD-CWE-Other
|
CVE-2006-0908
|
2018-10-19 01:29 |
2006-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346008
|
- |
|
invision_power_services
|
invision_power_board
|
Invision Power Board (IPB) 2.1.4 and earlier allows remote attackers to view sensitive information via a direct request to multiple PHP scripts that include the full path in error messages, including…
|
NVD-CWE-Other
|
CVE-2006-0909
|
2018-10-19 01:29 |
2006-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346009
|
- |
|
invision_power_services
|
invision_power_board
|
Invision Power Board (IPB) 2.1.4 and earlier allows remote attackers to list directory contents via a direct request to multiple directories, including (1) sources/loginauth/convert/, (2) sources/por…
|
NVD-CWE-Other
|
CVE-2006-0910
|
2018-10-19 01:29 |
2006-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346010
|
- |
|
ipswitch
|
whatsup
|
NmService.exe in Ipswitch WhatsUp Professional 2006 allows remote attackers to cause a denial of service (CPU consumption) via crafted requests to Login.asp, possibly involving the (1) "In]" and (2) …
|
CWE-399
Resource Management Errors
|
CVE-2006-0911
|
2018-10-19 01:29 |
2006-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|