Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-5408 | 1 Mobilesecure Inc | 2 Highwall Endpoint, Highwall Enterprise | 2018-10-17 | 5.1 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the wireless IDS management interface for Highwall Enterprise and Highwall Endpoint 4.0.2.11045 allow remote attackers to inject arbitrary HTML or web script via unspecified vectors. | |||||
| CVE-2006-5398 | 1 Simplog | 1 Simplog | 2018-10-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in comments.php in Simplog 0.9.3.1 allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||
| CVE-2006-5409 | 1 Mobilesecure Inc | 2 Highwall Endpoint, Highwall Enterprise | 2018-10-17 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the wireless IDS management interface for Highwall Enterprise and Highwall Endpoint 4.0.2.11045 allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2006-5325 | 1 Dimitri Seitz | 1 Security Suite Ip Logger | 2018-10-17 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Dimitri Seitz Security Suite IP Logger in dwingmods for phpBB allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter in (1) mkb.php, (2) iplogger.php, (3) admin_board2.php, or (4) admin_logger.php in includes/, different vectors than CVE-2006-5224. | |||||
| CVE-2006-5405 | 1 Toshiba | 1 Bluetooth Wireless Device Driver | 2018-10-17 | 6.2 MEDIUM | N/A |
| Unspecified vulnerability in Toshiba Bluetooth wireless device driver 3.x and 4 through 4.00.35, as used in multiple products, allows physically proximate attackers to cause a denial of service (crash), corrupt memory, and possibly execute arbitrary code via crafted Bluetooth packets. | |||||
| CVE-2006-5407 | 1 Osticket | 1 Osticket | 2018-10-17 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in open_form.php in osTicket allows remote attackers to execute arbitrary PHP code via a URL in the include_dir parameter. | |||||
| CVE-2006-5410 | 1 Boonex | 1 Dolphin | 2018-10-17 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in templates/tmpl_dfl/scripts/index.php in BoonEx Dolphin 5.2 allows remote attackers to execute arbitrary PHP code via a URL in the dir[inc] parameter. NOTE: it is possible that this issue overlaps CVE-2006-4189. | |||||
| CVE-2006-5411 | 1 Justin White | 1 Freewps | 2018-10-17 | 7.5 HIGH | N/A |
| Unrestricted file upload vulnerability in upload.php for Free Web Publishing System (FreeWPS), possibly 2.11 and earlier, allows remote attackers to upload and execute arbitrary PHP programs. | |||||
| CVE-2006-5309 | 1 Phpbb | 1 Prillian French | 2018-10-17 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in language/lang_french/lang_prillian_faq.php in the Prillian French 0.8.0 and earlier module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | |||||
| CVE-2006-5305 | 1 Phpbb | 1 Lat2cyr | 2018-10-17 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in lat2cyr.php in the lat2cyr 1.0.1 and earlier phpbb module allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | |||||
| CVE-2006-5444 | 1 Digium | 1 Asterisk | 2018-10-17 | 7.5 HIGH | N/A |
| Integer overflow in the get_input function in the Skinny channel driver (chan_skinny.c) in Asterisk 1.0.x before 1.0.12 and 1.2.x before 1.2.13, as used by Cisco SCCP phones, allows remote attackers to execute arbitrary code via a certain dlen value that passes a signed integer comparison and leads to a heap-based buffer overflow. | |||||
| CVE-2006-5445 | 1 Digium | 1 Asterisk | 2018-10-17 | 7.8 HIGH | N/A |
| Unspecified vulnerability in the SIP channel driver (channels/chan_sip.c) in Asterisk 1.2.x before 1.2.13 and 1.4.x before 1.4.0-beta3 allows remote attackers to cause a denial of service (resource consumption) via unspecified vectors that result in the creation of "a real pvt structure" that uses more resources than necessary. | |||||
| CVE-2006-5316 | 1 Phplibre | 1 Registrotl | 2018-10-17 | 7.8 HIGH | N/A |
| registroTL stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for /usuarios.dat. | |||||
| CVE-2006-5294 | 1 Tincan | 1 Phplist | 2018-10-17 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in phplist before 2.10.3 allows remote attackers to inject arbitrary web script or HTML via the unsubscribeemail parameter. | |||||
| CVE-2006-5415 | 1 News Defilante Horizontale | 1 News Defilante Horizontale | 2018-10-17 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in includes/functions_newshr.php in the News Defilante Horizontale 4.1.1 and earlier module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | |||||
| CVE-2006-5416 | 1 F5 | 1 Firepass 1000 | 2018-10-17 | 5.1 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in my.acctab.php3 in F5 Networks FirePass 1000 SSL VPN 5.5, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the sid parameter. | |||||
| CVE-2006-5417 | 1 Mcafee | 4 Internet Security Suite, Network Agent, Personal Firewall Plus and 1 more | 2018-10-17 | 5.0 MEDIUM | N/A |
| McAfee Network Agent (mcnasvc.exe) 1.0.178.0, as used by multiple McAfee products possibly including Internet Security Suite, Personal Firewall Plus, and VirusScan, allows remote attackers to cause a denial of service (agent crash) via a long packet, possibly because of an invalid string position field value. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2006-5431 | 1 Phpoutsourcing | 1 Zorum | 2018-10-17 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in gorum/dbproperty.php in PHPOutsourcing Zorum 3.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the appDirName parameter. | |||||
| CVE-2006-5308 | 1 Open Conference Systems | 1 Open Conference Systems | 2018-10-17 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Open Conference Systems (OCS) before 1.1.6 allow remote attackers to execute arbitrary PHP code via a URL in the fullpath parameter in (1) include/theme.inc.php or (2) include/footer.inc.php. | |||||
| CVE-2006-5299 | 1 Gcontact | 1 Gcontact | 2018-10-17 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in Gcontact 0.6.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||