Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-5435 | 1 Phpbb Group | 1 Phpbb | 2018-10-17 | 7.5 HIGH | N/A |
| ** DISPUTED ** PHP remote file inclusion vulnerability in groupcp.php in phpBB 2.0.10 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. NOTE: CVE and the vendor dispute this vulnerability because $phpbb_root_path is defined before use. | |||||
| CVE-2006-5437 | 1 Phpadsnew | 1 Phpadsnew | 2018-10-17 | 5.0 MEDIUM | N/A |
| ** DISPUTED ** Directory traversal vulnerability in upgrade.php in phpAdsNew 2.0.8 allows remote attackers to read arbitrary files via a .. (dot dot) in the phpAds_config[language] parameter. NOTE: this issue could not be reproduced by a third party. | |||||
| CVE-2006-5442 | 1 Viewvc | 1 Viewvc | 2018-10-17 | 6.8 MEDIUM | N/A |
| ViewVC 1.0.2 and earlier does not specify a charset in its HTTP headers or HTML documents, which allows remote attackers to conduct cross-site scripting (XSS) attacks that inject arbitrary UTF-7 encoded JavaScript code via a view. | |||||
| CVE-2006-5447 | 1 Dev | 1 Dev Web Management System | 2018-10-17 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in DEV Web Management System (WMS) 1.5 allows remote attackers to inject arbitrary web script or HTML via the action parameter. | |||||
| CVE-2006-5448 | 1 Microsoft | 1 Windows Digital Rights Management | 2018-10-17 | 7.5 HIGH | N/A |
| The drmstor.dll ActiveX object in Microsoft Windows Digital Rights Management System (DRM) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long parameter to the StoreLicense function, which triggers "memory corruption" and possibly a buffer overflow. | |||||
| CVE-2006-5450 | 1 Kinesis | 1 Kinesis Interactive Cinema System | 2018-10-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.asp in Kinesis Interactive Cinema System (KICS) CMS allows remote attackers to execute arbitrary SQL commands via the (1) txtUsername (user) or (2) txtPassword (pass) parameters. | |||||
| CVE-2006-5320 | 1 Morian | 1 Album Photo Sans Nom | 2018-10-17 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in getimg.php in Album Photo Sans Nom 1.6 allows remote attackers to read arbitrary files via the img parameter. | |||||
| CVE-2006-5452 | 1 Hp | 2 Hp-ux, Tru64 | 2018-10-17 | 4.6 MEDIUM | N/A |
| Buffer overflow in dtmail on HP Tru64 UNIX 4.0F through 5.1B and HP-UX B.11.00 through B.11.23 allows local users to execute arbitrary code via a long -a (aka attachment) argument. | |||||
| CVE-2006-5319 | 1 Toxi | 1 Foafgen | 2018-10-17 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in redir.php in Foafgen 0.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the foaf parameter. | |||||
| CVE-2006-5343 | 1 Oracle | 1 Database Server | 2018-10-17 | 9.0 HIGH | N/A |
| Unspecified vulnerability in Database Scheduler component in Oracle Database 10.1.0.3 has unknown impact and remote authenticated attack vectors related to sys.dbms_scheduler, aka Vuln# DB19. | |||||
| CVE-2006-5318 | 1 Nayco | 1 Jasmine | 2018-10-17 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in index.php in Nayco JASmine (aka Jasmine-Web) allows remote attackers to execute arbitrary PHP code via an FTP URL in the section parameter. | |||||
| CVE-2006-5346 | 1 Oracle | 3 Collaboration Suite, E-business Suite, Http Server | 2018-10-17 | 7.6 HIGH | N/A |
| Unspecified vulnerability in Oracle HTTP Server 9.2.0.7, as used in Oracle Collaboration Suite 9.0.4.2 and Oracle E-Business Suite and Applications 11.5.10CU2, has unknown impact and remote attack vectors related to htdigest, aka Vuln# OHS02. | |||||
| CVE-2006-5347 | 1 Oracle | 1 Http Server | 2018-10-17 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Oracle HTTP Server 9.2.0.7 and Oracle Collaboration Suite 9.0.4.2 has unknown impact and remote attack vectors related to HTTPS and SSL, aka Vuln# OHS04. | |||||
| CVE-2006-5348 | 1 Oracle | 3 Collaboration Suite, E-business Suite, Http Server | 2018-10-17 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Oracle HTTP Server 9.2.0.7, Oracle Collaboration Suite 9.0.4.2, and Oracle E-Business Suite and Applications 11.5.10CU2 has unknown impact and remote attack vectors related to HTTPS and SSL, aka Vuln# OHS05. | |||||
| CVE-2006-5352 | 1 Oracle | 1 Apex | 2018-10-17 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Oracle Application Express 1.5 up to 1.6.1 have unknown impact and remote attack vectors, aka Vuln# (1) APEX04, (2) APEX20, and (3) APEX21. | |||||
| CVE-2006-5353 | 1 Oracle | 2 Application Server, Collaboration Suite | 2018-10-17 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Oracle HTTP Server component in Oracle Application Server 9.0.4.3, 10.1.2.0.2, 10.1.2.1.0, and 10.1.3.0.0, and Oracle Collaboration Suite 9.0.4.2 and 10.1.2, has unknown impact and remote attack vectors related to the Mod_rewrite Module, aka Vuln# OHS01. | |||||
| CVE-2006-5311 | 1 Buzlas | 1 Buzlas | 2018-10-17 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in includes/archive/archive_topic.php in Buzlas 2006-1 Full allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | |||||
| CVE-2006-5354 | 1 Oracle | 4 Application Server, Collaboration Suite, E-business Suite and 1 more | 2018-10-17 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Oracle HTTP Server 9.2.0.7 and 10.1.0.5, Application Server 9.0.4.3, 10.1.2.0.2, 10.1.2.1.0, and 10.1.3.0, racle Collaboration Suite 9.0.4.2 and 10.1.2, and Oracle E-Business Suite and Applications 11.5.10CU2 has unknown impact and remote attack vectors, aka Vuln# OHS06. | |||||
| CVE-2006-5300 | 1 Hp | 1 Version Control Agent | 2018-10-17 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in HP Version Control Agent before 2.1.5 allows remote authenticated users to obtain "unauthorized access" to a remote Repository Manager account and potentially gain privileges via unspecified vectors. | |||||
| CVE-2006-5355 | 1 Oracle | 3 Application Server, Collaboration Suite, E-business Suite | 2018-10-17 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Oracle Single Sign-On component in Oracle Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.1.0, Collaboration Suite 9.0.4.2 and 10.1.2, and Oracle E-Business Suite and Applications 11.5.10CU2 has unknown impact and remote attack vectors, aka Vuln# SSO01. | |||||