Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-5356 | 1 Oracle | 2 Application Server, Collaboration Suite | 2018-10-17 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Oracle Containers for J2EE component in Oracle Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.1.0, and Collaboration Suite 9.0.4.2 and 10.1.2, has unknown impact and remote attack vectors, aka Vuln# OC4J02. | |||||
| CVE-2006-5357 | 1 Oracle | 1 Application Server | 2018-10-17 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Oracle HTTP Server component in Oracle Application Server 10.1.2.0.1, 10.1.2.0.2, and 10.1.2.1.0 has unknown impact and remote attack vectors related to the PHP Module, aka Vuln# OHS03. | |||||
| CVE-2006-5349 | 1 Oracle | 1 Http Server | 2018-10-17 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Oracle HTTP Server 9.2.0.7, when running on HP Tru64 UNIX, has unknown impact and remote attack vectors related to HTTPS and SSL, aka Vuln# OHS07. | |||||
| CVE-2006-5358 | 1 Oracle | 1 Application Server | 2018-10-17 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Oracle Forms component in Oracle Application Server 9.0.4.3 and 10.1.2.0.2 has unknown impact and remote attack vectors, aka Vuln# FORM01. | |||||
| CVE-2006-5314 | 1 Phplibre | 1 Tribunalibre | 2018-10-17 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in ftag.php in TribunaLibre 3.12 Beta allows remote attackers to execute arbitrary PHP code via a URL in the mostrar parameter. | |||||
| CVE-2006-5317 | 1 Jhjgubbels | 1 Eboli | 2018-10-17 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in index.php in eboli allows remote attackers to execute arbitrary PHP code via a URL in the contentSpecial parameter. | |||||
| CVE-2006-5360 | 1 Oracle | 1 Application Server | 2018-10-17 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Oracle Forms component in Oracle Application Server 9.0.4.2 has unknown impact and remote attack vectors, aka Vuln# FORM03. | |||||
| CVE-2006-5361 | 1 Oracle | 2 Application Server, Collaboration Suite | 2018-10-17 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Oracle Containers for J2EE in Oracle Application Server 9.0.4.3, 10.1.2.0.0, and 10.1.2.0.1, and Oracle Collaboration Suite 9.0.4.2 and 10.1.2, has unknown impact and remote attack vectors, aka Vuln# OC4J03. | |||||
| CVE-2006-5362 | 1 Oracle | 1 Application Server | 2018-10-17 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Oracle Containers for J2EE component in Oracle Application Server 10.1.3.0.0 has unknown impact and remote attack vectors, aka Vuln# OC4J04. | |||||
| CVE-2006-5365 | 1 Oracle | 2 Application Server, E-business Suite | 2018-10-17 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Oracle Forms in Oracle Application Server 9.0.4.3 and 10.1.2.0.2, and E-Business Suite and Applications 11.5.10CU2, has unknown impact and remote attack vectors, aka Vuln# FORM02. | |||||
| CVE-2006-5366 | 1 Oracle | 1 Application Server | 2018-10-17 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Oracle Collaboration Suite 9.0.4.2 have unknown impact and remote attack vectors related to (1) Oracle Containers for J2EE, aka Vuln# OC4J01, and (2) Oracle Process Mgmt & Notification, aka OPMN01. | |||||
| CVE-2006-5282 | 1 Sh-news | 1 Sh-news | 2018-10-17 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in SH-News 3.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the scriptpath parameter to (1) report.php, (2) archive.php, (3) comments.php, (4) init.php, or (5) news.php. | |||||
| CVE-2006-5285 | 1 Xeoport | 1 Xeoport | 2018-10-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in XeoPort 0.81, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the xp_body_text parameter. | |||||
| CVE-2006-5157 | 1 Trend Micro | 1 Officescan | 2018-10-17 | 5.1 MEDIUM | N/A |
| Format string vulnerability in the ActiveX control (ATXCONSOLE.OCX) in TrendMicro OfficeScan Corporate Edition (OSCE) before 7.3 Patch 1 allows remote attackers to execute arbitrary code via format string identifiers in the "Management Console's Remote Client Install name search". | |||||
| CVE-2006-5234 | 1 Phpwebsite | 1 Phpwebsite | 2018-10-17 | 7.5 HIGH | N/A |
| ** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in phpWebSite 0.10.2 allow remote attackers to execute arbitrary PHP code via a URL in the PHPWS_SOURCE_DIR parameter in (1) init.php, (2) users.php, (3) Cookie.php, (4) forms.php, (5) Groups.php, (6) ModSetting.php, (7) Calendar.php, (8) DateTime.php, (9) core.php, (10) ImgLibrary.php, (11) Manager.php, and (12) Template.php, and (13) EZform.php. NOTE: CVE disputes this report, since "PHPWS_SOURCE_DIR" is defined as a constant, not accessed as a variable. | |||||
| CVE-2006-5240 | 1 Docmint | 1 Docmint Cms | 2018-10-17 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in engine/require.php in Docmint 2.0 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the MY_ENV[BASE_ENGINE_LOC] parameter. | |||||
| CVE-2006-5219 | 1 Moodle | 1 Moodle | 2018-10-17 | 5.1 MEDIUM | N/A |
| SQL injection vulnerability in blog/index.php in the blog module in Moodle 1.6.2 allows remote attackers to execute arbitrary SQL commands via a double-encoded tag parameter. | |||||
| CVE-2006-5241 | 1 Opendock | 1 Easy Gallery | 2018-10-17 | 5.1 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in OpenDock Easy Gallery 1.4 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the doc_directory parameter in (1) file.php; (2) find_user.php, (3) lib_user.php, (4) lib_form_user.php, and (5) user.php in sw/lib_user/; (6) find_session.php and (7) session.php in sw/lib_session/; (8) comment.php and (9) lib_comment.php in sw/lib_comment/; and other unspecified PHP scripts. | |||||
| CVE-2006-5243 | 1 Opendock | 1 Easy Doc | 2018-10-17 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in OpenDock Easy Doc 1.4 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the doc_directory parameter in (1) down_stat.php, (2) file.php, (3) find_file.php, (4) lib_file.php, and (5) lib_form_file.php in sw/lib_up_file/; (6) find_comment.php, (7) comment.php, and (8) lib_comment.php in sw/lib_comment/; (9) sw/lib_find/find.php; and other unspecified PHP scripts. | |||||
| CVE-2006-5245 | 1 Eazy Cart | 1 Eazy Cart | 2018-10-17 | 7.5 HIGH | N/A |
| Eazy Cart allows remote attackers to bypass authentication and gain administrative access via a direct request for admin/home/index.php, and possibly other PHP scripts under admin/. | |||||