Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-4763 | 1 Ibm | 1 Lotus Domino Web Access | 2018-10-17 | 7.5 HIGH | N/A |
| IBM Lotus Domino Web Access (DWA) 7.0.1 does not expire a client's Lightweight Third-Party Authentication token (LtpaToken) upon logout, which allows remote attackers to obtain a user's privileges by intercepting the LtpaToken cookie. | |||||
| CVE-2006-4764 | 1 Wtools | 1 Wtools | 2018-10-17 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in common.php in Thomas LETE WTools 0.0.1-ALPH allows remote attackers to execute arbitrary PHP code via a URL in the include_path parameter. | |||||
| CVE-2006-4765 | 1 Netgear | 1 Dg834gt | 2018-10-17 | 5.0 MEDIUM | N/A |
| NETGEAR DG834GT Wireless ADSL router running firmware 1.01.28 allows attackers to cause a denial of service (device hang) via a long string in the username field in the login window. | |||||
| CVE-2006-4772 | 1 Hotplug Cms | 1 Hotplug Cms | 2018-10-17 | 5.0 MEDIUM | N/A |
| HotPlug CMS stores sensitive information under the web root with insufficient access control, which allows remote attackers to read the admin password and database credentials via a direct request for includes/class/config.inc. | |||||
| CVE-2006-4766 | 1 Stefan Ernst | 1 Newsscript | 2018-10-17 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in print.php in Stefan Ernst Newsscript (aka WM-News) 0.5 beta allows remote attackers to read arbitrary files via a .. (dot dot) in the ide parameter. | |||||
| CVE-2006-4780 | 1 Phpbbxs | 1 Phpbb Xs | 2018-10-17 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in includes/functions.php in phpBB XS 0.58 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | |||||
| CVE-2006-4793 | 1 Tualblog | 1 Tualblog | 2018-10-17 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in icerik.asp in TualBLOG 1.0 allow remote attackers to execute arbitrary SQL commands, as demonstrated by the icerikno parameter. | |||||
| CVE-2006-4795 | 1 Hp | 1 Hp-ux | 2018-10-17 | 4.6 MEDIUM | N/A |
| Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport software in HP-UX B.11.11 and B.11.23 before 20060912 allows local users to cause a denial of service via unspecified vectors. | |||||
| CVE-2006-4797 | 1 Cj Design | 1 Cj Tag Board | 2018-10-17 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in tag.php in CloudNine Interactive CJ Tag Board 3.0 allows remote attackers to inject arbitrary web script or HTML via a JavaScript event in a url BBcode tag in the cjmsg parameter. | |||||
| CVE-2006-4802 | 1 Symantec | 2 Client Security, Norton Antivirus | 2018-10-17 | 4.6 MEDIUM | N/A |
| Format string vulnerability in the Real Time Virus Scan service in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and Client Security 1.x up to 3.0, allows local users to execute arbitrary code via an unspecified vector related to alert notification messages, a different vector than CVE-2006-3454, a "second format string vulnerability" as found by the vendor. | |||||
| CVE-2006-4805 | 1 Wireshark | 1 Wireshark | 2018-10-17 | 5.0 MEDIUM | N/A |
| epan/dissectors/packet-xot.c in the XOT dissector (dissect_xot_pdu) in Wireshark (formerly Ethereal) 0.9.8 through 0.99.3 allows remote attackers to cause a denial of service (memory consumption and crash) via an encoded XOT packet that produces a zero length value when it is decoded. | |||||
| CVE-2006-4810 | 1 Gnu | 1 Texinfo | 2018-10-17 | 4.6 MEDIUM | N/A |
| Buffer overflow in the readline function in util/texindex.c, as used by the (1) texi2dvi and (2) texindex commands, in texinfo 4.8 and earlier allows local users to execute arbitrary code via a crafted Texinfo file. | |||||
| CVE-2006-4820 | 1 Hp | 1 Hp-ux | 2018-10-17 | 2.1 LOW | N/A |
| Unspecified vulnerability in X.25 on HP-UX B.11.00, B.11.11, and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors. | |||||
| CVE-2006-4864 | 1 All Enthusiast Inc | 1 Reviewpost Php Pro | 2018-10-17 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in index.php in All Enthusiast ReviewPost 2.5 allows remote attackers to execute arbitrary PHP code via a URL in the RP_PATH parameter. | |||||
| CVE-2006-4823 | 1 Reamday Enterprises | 1 Magic News Pro | 2018-10-17 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in scripts/news_page.php in Reamday Enterprises Magic News Pro 1.0.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the script_path parameter. | |||||
| CVE-2006-4825 | 1 Softcomplex | 1 Php Event Calendar | 2018-10-17 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in cl_files/index.php in SoftComplex PHP Event Calendar 1.5.1, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) ti, (2) bi, or (3) cbgi parameters. | |||||
| CVE-2006-4828 | 1 Photopost | 1 Photopost Php Pro | 2018-10-17 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in zipndownload.php in PhotoPost 4.0 through 4.6 allows remote attackers to execute arbitrary PHP code via a URL in the PP_PATH parameter. | |||||
| CVE-2006-4829 | 1 Blojsom | 1 Blojsom | 2018-10-17 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in David Czarnecki Blojsom 2.31 allow remote attackers to inject arbitrary web script or HTML via the (1) blog-category-description, (2) blog-entry-title, (3) rss-enclosure-url, (4) technorati-tagsi, or (5) blog-category-name parameter in a blog post. | |||||
| CVE-2006-4832 | 1 Verso Netperformer | 1 Frame Relay Access Device Act | 2018-10-17 | 7.5 HIGH | N/A |
| Buffer overflow in the telnet service in Verso NetPerformer FRAD ACT SDM-95xx 7.xx (R1) and earlier, SDM-93xx 10.x.x (R2) and earlier, and SDM-92xx 9.x.x (R1) and earlier allows remote attackers to cause a denial of service (reboot) and possibly execute arbitrary code via a long username. | |||||
| CVE-2006-4834 | 1 Phpquiz | 1 Phpquiz | 2018-10-17 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in index.php in Jule Slootbeek phpQuiz 0.01 allows remote attackers to execute arbitrary PHP code via a URL in the pagename parameter. | |||||