Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-1619 | 1 Ibm | 1 Websphere Application Server | 2017-07-19 | 5.0 MEDIUM | N/A |
| IBM WebSphere Application Server 4.0.1 through 4.0.3 allows remote attackers to cause a denial of service (application crash) via an HTTP request with a large header. | |||||
| CVE-2006-1628 | 1 Adobe | 1 Livecycle Form Manager | 2017-07-19 | 4.6 MEDIUM | N/A |
| Adobe LiveCycle Workflow 7.01 and LiveCycle Forum Manager 7.01 allows users to authenticate and perform privileged actions when their account is marked "OBSOLETE" but the account is also active, within the authentication system. | |||||
| CVE-2006-1630 | 1 Clam Anti-virus | 1 Clamav | 2017-07-19 | 5.0 MEDIUM | N/A |
| The cli_bitset_set function in libclamav/others.c in Clam AntiVirus (ClamAV) before 0.88.1 allows remote attackers to cause a denial of service via unspecified vectors that trigger an "invalid memory access." | |||||
| CVE-2006-1631 | 1 Cisco | 1 Content Services Switch 11500 | 2017-07-19 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the HTTP compression functionality in Cisco CSS 11500 Series Content Services switches allows remote attackers to cause a denial of service (device reload) via (1) "valid, but obsolete" or (2) "specially crafted" HTTP requests. | |||||
| CVE-2006-1634 | 1 Lucidcms | 1 Lucidcms | 2017-07-19 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in LucidCMS 2.0.0 RC4 allows remote attackers to inject arbitrary web script or HTML via the command parameter. | |||||
| CVE-2006-1635 | 1 Lucidcms | 1 Lucidcms | 2017-07-19 | 5.0 MEDIUM | N/A |
| LucidCMS 2.0.0 RC4 allows remote attackers to obtain sensitive information via a direct request to /lucid_phplib/translator.php, which reveals the path in an error message. | |||||
| CVE-2006-1642 | 1 Interact | 1 Interact | 2017-07-19 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in Interact 2.1.1 allows remote attackers to inject arbitrary web script or HTML via (1) the search_terms parameter to (a) search.php, and (2) the first_name, (3) last_name, (4) email, (5) password, and (6) confirm_password parameters to (b) userinput.php. NOTE: the provenance of this information is unknown; the details are obtained from third party. In addition, the lack of precision in the third party descriptions makes it unclear whether the named vectors are correct. | |||||
| CVE-2006-1643 | 1 Interact | 1 Interact | 2017-07-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in Interact 2.1.1 allows remote attackers to execute arbitrary SQL commands via the user_name parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party. | |||||
| CVE-2006-1644 | 1 Interact | 1 Interact | 2017-07-19 | 5.0 MEDIUM | N/A |
| login.php in Interact 2.1.1 generates different responses depending on whether or not a username is valid, which allows remote attackers to determine valid usernames. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2006-1661 | 1 Sk Soft | 1 Skforum | 2017-07-19 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in SKForum 1.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) areaID parameter in area.View.action, (2) time parameter in planning.View.action, and (3) userID parameter in user.View.action. | |||||
| CVE-2006-1673 | 1 Jelsoft | 1 Vbug Tracker | 2017-07-19 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in vbugs.php in Dark_Wizard vBug Tracker 3.5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the sortorder parameter. | |||||
| CVE-2006-1678 | 1 Phpmyadmin | 1 Phpmyadmin | 2017-07-19 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.8.0.3 allow remote attackers to inject arbitrary web script or HTML via unknown vectors in unspecified scripts in the themes directory. | |||||
| CVE-2006-1682 | 1 Talentsoft | 1 Web\+ Shop | 2017-07-19 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in webplus.exe in TalentSoft Web+Shop 5.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the deptname parameter, possibly involving the webpshop/ department.wml script. | |||||
| CVE-2006-1685 | 1 Apt | 1 Apt-webshop-system | 2017-07-19 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in modules.php in APT-webshop-system 4.0 PRO, 3.0 BASIC, and 3.0 LIGHT allow remote attackers to execute arbitrary SQL commands via the (1) group, (2) seite, and (3) id parameter, possibly involving the artikel functionality. NOTE: this vulnerability also allows resultant path disclosure when the SQL queries are invalid. | |||||
| CVE-2006-1690 | 1 Manic Web | 1 Mwnewsletter | 2017-07-19 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in subscribe.php in MWNewsletter 1.0.0b allows remote attackers to inject arbitrary web script or HTML via the user_name parameter. | |||||
| CVE-2006-1691 | 1 Manic Web | 1 Mwnewsletter | 2017-07-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in MWNewsletter 1.0.0b allows remote attackers to execute arbitrary SQL commands via the user_name parameter to unsubscribe.php. | |||||
| CVE-2006-1693 | 1 Globalscape | 1 Secure Ftp Server | 2017-07-19 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in GlobalSCAPE Secure FTP Server before 3.1.4 Build 01.10.2006 allows attackers to cause a denial of service (application crash) via a "custom command" with a long argument. | |||||
| CVE-2006-1695 | 1 Fbida | 1 Fbida | 2017-07-19 | 1.2 LOW | N/A |
| The fbgs script in the fbi package 2.01-1.4, when the TMPDIR environment variable is not defined, allows local users to overwrite arbitrary files via a symlink attack on temporary files in /var/tmp/fbps-[PID]. | |||||
| CVE-2006-1696 | 1 Gallery Project | 1 Gallery | 2017-07-19 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Gallery before 1.5.3 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. | |||||
| CVE-2006-1698 | 1 Matt Wright | 1 Matt Wright Guestbook | 2017-07-19 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Matt Wright Guestbook 2.3.1 allows remote attackers to execute arbitrary web script or HTML via the (1) url, (2) city, (3) state, or (4) country parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information, although it is likely that they are the result of post-disclosure analysis. | |||||