Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-5935 | 1 Shopsystems | 1 Shopsystems | 2017-07-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in ShopSystems 4.0 and earlier allows remote attackers to execute arbitrary SQL commands via the sessid parameter. | |||||
| CVE-2006-5938 | 1 Grisoft | 1 Avg Antivirus | 2017-07-19 | 10.0 HIGH | N/A |
| Grisoft AVG Anti-Virus before 7.1.407 has unknown impact and remote attack vectors involving an uninitialized variable and a crafted CAB file. | |||||
| CVE-2006-5939 | 1 Grisoft | 1 Avg Antivirus | 2017-07-19 | 7.8 HIGH | N/A |
| Grisoft AVG Anti-Virus before 7.1.407 allows remote attackers to cause a denial of service (crash) via a crafted DOC file that triggers a divide-by-zero error. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2006-5947 | 1 Conxint | 1 Conxint Ftp Server | 2017-07-19 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Conxint FTP Server 2.2.0603, and possibly earlier, allow remote attackers to read arbitrary files and list arbitrary directories via directory traversal sequences in (1) DIR (LIST or NLST) and (2) GET (RETR) commands. NOTE: the provenance of this information is unknown; details are obtained from third party sources. | |||||
| CVE-2006-5949 | 1 Altools | 1 Alftp Ftp Server | 2017-07-19 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in ALTools ALFTP FTP Server 4.1 beta 1, and possibly earlier, allows remote attackers to create arbitrary directories via directory traversal sequences in a MKD request. NOTE: the provenance of this information is unknown; details are obtained from third party sources. | |||||
| CVE-2006-5950 | 1 Altools | 1 Alftp Ftp Server | 2017-07-19 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in ALTools ALFTP FTP Server 4.1 beta 1, and possibly earlier, allows remote authenticated users to obtain the installation path via unknown vectors related to the REN command, probably due to response messages. NOTE: the provenance of this information is unknown; details are obtained from third party sources. | |||||
| CVE-2006-5959 | 1 Web Inhabit | 1 A\+ Store E-commerce | 2017-07-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in browse.asp in A+ Store E-Commerce allows remote attackers to execute arbitrary SQL commands via the ParentID parameter. | |||||
| CVE-2006-5960 | 1 Web Inhabit | 1 A\+ Store E-commerce | 2017-07-19 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in account_login.asp in A+ Store E-Commerce allow remote attackers to inject arbitrary web script or HTML via the (1) username (txtUserName) and (2) password (txtPassword) parameters. NOTE: portions of these details are obtained from third party information. | |||||
| CVE-2006-5963 | 1 Pentaware | 2 Pentasuite-pro, Pentazip | 2017-07-19 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in PentaZip 8.5.1.190 and PentaSuite-PRO 8.5.1.221 allows user-assisted remote attackers to extract files to arbitrary pathnames via a ../ (dot dot slash) in a filename. | |||||
| CVE-2006-5964 | 1 Pentaware | 2 Pentasuite-pro, Pentazip | 2017-07-19 | 7.1 HIGH | N/A |
| choShilA.bpl in PentaZip 8.5.1.190 and PentaSuite-PRO 8.5.1.221 allows local users, and user-assisted remote attackers to cause a denial of service (system crash) by right clicking on a file with a long filename. | |||||
| CVE-2006-5969 | 1 Fvwm | 1 Fvwm | 2017-07-19 | 4.6 MEDIUM | N/A |
| CRLF injection vulnerability in the evalFolderLine function in fvwm 2.5.18 and earlier allows local users to execute arbitrary commands via carriage returns in a directory name, which is not properly handled by fvwm-menu-directory, a variant of CVE-2003-1308. | |||||
| CVE-2006-5972 | 1 Netgear | 2 Wg111v2, Wg111v2 Driver | 2017-07-19 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in WG111v2.SYS in NetGear WG111v2 wireless adapter (USB) allows remote attackers to execute arbitrary code via a long 802.11 beacon request. | |||||
| CVE-2006-5978 | 1 E-xoopport | 1 E-xoopport | 2017-07-19 | 10.0 HIGH | N/A |
| Unspecified vulnerability in E-Xoopport before 2.2.0 has unknown impact and attack vectors, as addressed by "Some security fix." | |||||
| CVE-2006-5979 | 1 Renasoft | 1 Netjetserver | 2017-07-19 | 5.0 MEDIUM | N/A |
| Renasoft NetJetServer 2.5.3.939, and possibly earlier, uses insecure permissions for Global.asa, which allows remote attackers to obtain sensitive information. NOTE: the provenance of this information is unknown; details are obtained from third party sources. | |||||
| CVE-2006-5980 | 1 Renasoft | 1 Netjetserver | 2017-07-19 | 10.0 HIGH | N/A |
| adm_lgn_admin.asp in Renasoft NetJetServer 2.5.3.939, and possibly earlier, does not properly perform login authentication, which allows remote attackers to obtain administrative privileges. NOTE: the provenance of this information is unknown; details are obtained from third party sources. | |||||
| CVE-2006-5981 | 1 Biba Software | 1 Seleniumserver Ftp Server | 2017-07-19 | 6.4 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in SeleniumServer FTP Server 1.0, and possibly earlier, allow remote attackers to list arbitrary directories, read arbitrary files, and upload arbitrary files via directory traversal sequences in the (1) DIR (LIST or NLST), (2) GET (RETR), and (3) PUT (STOR) commands. | |||||
| CVE-2006-5982 | 1 Biba Software | 1 Seleniumserver Ftp Server | 2017-07-19 | 10.0 HIGH | N/A |
| SeleniumServer FTP Server 1.0, and possibly earlier, stores user passwords in plaintext in the Servers directory, which allows attackers to obtain passwords by reading the file. NOTE: the provenance of this information is unknown; details are obtained from third party sources. | |||||
| CVE-2006-6009 | 1 Sun | 2 Jdk, Jre | 2017-07-19 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) Swing library in JDK and JRE 5.0 Update 7 and earlier allows attackers to obtain certain information via unknown attack vectors, related to an untrusted applet accessing data in other applets. | |||||
| CVE-2006-6012 | 1 Mginternet | 1 Car Site Manager | 2017-07-19 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in csm/asp/listings.asp in MGinternet Car Site Manager (CSM) allows remote attackers to inject arbitrary web script or HTML via the p parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2006-6035 | 1 F-art Agency | 1 Blog Cms | 2017-07-19 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in list.php in BLOG:CMS 4.1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the FADDR parameter. | |||||