Total
29527 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-1497 | 1 Vihor | 1 Vihordesign | 2011-03-08 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in ViHor Design allows remote attackers to read arbitrary files via the page parameter. | |||||
| CVE-2006-1558 | 1 Php | 1 Php Script Index | 2011-03-08 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in PHP Script Index allows remote attackers to inject arbitrary web script or HTML via the search parameter. | |||||
| CVE-2006-1764 | 1 Hosting Controller | 1 Hosting Controller | 2011-03-08 | 7.8 HIGH | N/A |
| Hosting Controller 6.1 stores forum/db/forum.mdb under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as user name and password credentials. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | |||||
| CVE-2006-1506 | 1 Sun | 2 Grid Engine, N1 Grid Engine | 2011-03-08 | 7.2 HIGH | N/A |
| Unspecified vulnerability in rsh in Sun Microsystems Sun Grid Engine 5.3 before 20060327 and N1 Grid Engine 6.0 before 20060327 allows local users to gain root privileges. | |||||
| CVE-2006-1514 | 1 Abcmidi | 1 Abcmidi | 2011-03-08 | 7.5 HIGH | N/A |
| Multiple buffer overflows in the abcmidi-yaps translator in abcmidi 20050101, and other versions, allow remote attackers to execute arbitrary code via crafted ABC music files that trigger the overflows during translation into PostScript. | |||||
| CVE-2006-1559 | 1 Php | 1 Php Script Index | 2011-03-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in PHP Script Index allows remote attackers to execute arbitrary SQL commands via the search parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2006-1606 | 1 Exponent | 1 Exponent Cms | 2011-03-08 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the image module in Exponent CMS before 0.96.5 RC 1 allows "directory disclosure" with unknown attack vectors. | |||||
| CVE-2006-1605 | 1 Exponent | 1 Exponent Cms | 2011-03-08 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the image module in Exponent CMS before 0.96.5 RC 1 allows remote attackers to execute arbitrary code via unknown vectors involving "parsed PHP." | |||||
| CVE-2006-1505 | 1 Basic Analysis And Security Engine | 1 Base | 2011-03-08 | 5.0 MEDIUM | N/A |
| base_maintenance.php in Basic Analysis and Security Engine (BASE) before 1.2.4 (melissa), when running in standalone mode, allows remote attackers to bypass authentication, possibly by setting the standalone parameter to "yes". | |||||
| CVE-2006-1515 | 1 Typespeed | 1 Typespeed | 2011-03-08 | 7.5 HIGH | N/A |
| Buffer overflow in the addnewword function in typespeed 0.4.4 and earlier might allow remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2006-1604 | 1 Exponent | 1 Exponent Cms | 2011-03-08 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Exponent CMS before 0.96.5 RC 1 has unknown impact and remote attack vectors related to variables that are not "typecasted." | |||||
| CVE-2006-1745 | 1 Bitweaver | 1 Bitweaver | 2011-03-08 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in login.php in Bitweaver 1.3 allows remote attackers to inject arbitrary web script or HTML via the error parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2006-1687 | 1 Apt | 1 Apt-webshop-system | 2011-03-08 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in APT-webshop-system 4.0 PRO, 3.0 BASIC, and 3.0 LIGHT allows remote attackers to inject arbitrary web script or HTML via the message parameter, probably involving the basket functionality. | |||||
| CVE-2006-1287 | 1 Invision Power Services | 1 Invision Power Board | 2011-03-08 | 5.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB) 2.0.4 and 2.1.4 before 20060130 allows remote attackers to steal cookies and probably conduct other activities when the victim is using Internet Explorer. | |||||
| CVE-2006-1285 | 1 Symantec | 2 Ghost Solutions Suite, Norton Ghost | 2011-03-08 | 3.2 LOW | N/A |
| SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, gives read and write permissions to all users for database shared memory sections, which allows local users to access and possibly modify certain information. | |||||
| CVE-2006-1284 | 1 Symantec | 2 Ghost Solutions Suite, Norton Ghost | 2011-03-08 | 4.6 MEDIUM | N/A |
| The installation of SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, includes a default administrator login account and password, which allows local users to gain privileges or modify tasks. | |||||
| CVE-2006-1218 | 1 Novell | 1 Bordermanager | 2011-03-08 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the HTTP proxy in Novell BorderManager 3.8 and earlier allows remote attackers to cause a denial of service (CPU consumption and ABEND) via unknown attack vectors related to "media streaming over HTTP 1.1". | |||||
| CVE-2006-1268 | 1 Funkwerk | 1 X2300 | 2011-03-08 | 7.8 HIGH | N/A |
| The Internet Key Exchange implementation in Funkwerk X2300 7.2.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. | |||||
| CVE-2006-1250 | 1 Amax Information Technologies | 1 Winmail | 2011-03-08 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Webmail module in Winmail before 4.3 has unknown impact and unknown remote attack vectors. | |||||
| CVE-2006-1093 | 1 Ibm | 1 Websphere Application Server | 2011-03-08 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in IBM WebSphere 5.0.2.10 through 5.0.2.15 and 5.1.1.4 through 5.1.1.9 allows remote attackers to obtain sensitive information via unknown attack vectors, which causes JSP source code to be revealed. | |||||