Total
210374 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2006-0479 | 1 Pmwiki | 1 Pmwiki | 2017-07-19 | 4.3 MEDIUM | N/A |
pmwiki.php in PmWiki 2.1 beta 20, with register_globals enabled, allows remote attackers to bypass protection mechanisms that deregister global variables by setting both a GPC variable and a GLOBALS[] variable with the same name, which causes PmWiki to unset the GLOBALS[] variable but not the GPC variable, which creates resultant vulnerabilities such as remote file inclusion and cross-site scripting (XSS). | |||||
CVE-2006-0482 | 1 Linux | 1 Linux Kernel | 2017-07-19 | 2.1 LOW | N/A |
Linux kernel 2.6.15.1 and earlier, when running on SPARC architectures, allows local users to cause a denial of service (hang) via a "date -s" command, which causes invalid sign extended arguments to be provided to the get_compat_timespec function call. | |||||
CVE-2006-0490 | 1 Aspthai.net | 1 Aspthai Forums | 2017-07-19 | 7.5 HIGH | N/A |
SQL injection vulnerability in login.asp in ASPThai.Net ASPThai Forums 8.0 and earlier allows remote attackers to execute arbitrary SQL commands and bypass login authentication via the password field. | |||||
CVE-2006-0496 | 1 Mozilla | 2 Firefox, Mozilla | 2017-07-19 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Mozilla 1.7.12 and possibly earlier, Mozilla Firefox 1.0.7 and possibly earlier, and Netscape 8.1 and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the -moz-binding (Cascading Style Sheets) CSS property, which does not require that the style sheet have the same origin as the web page, as demonstrated by the compromise of a large number of LiveJournal accounts. | |||||
CVE-2006-0497 | 1 Php Gen | 1 Php Gen | 2017-07-19 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in PHP GEN before 1.4 allow remote attackers to inject arbitrary SQL commands via unknown attack vectors. | |||||
CVE-2006-0498 | 1 Php Gen | 1 Php Gen | 2017-07-19 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in PHP GEN before 1.4 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors. | |||||
CVE-2006-0499 | 1 Yourboard | 1 Rlink | 2017-07-19 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in rlink.php in Rlink 1.0.0 module for phpBB allows remote attackers to inject arbitrary web script or HTML via the url parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2006-0503 | 1 Mailenable | 1 Mailenable Professional | 2017-07-19 | 5.0 MEDIUM | N/A |
IMAP service in MailEnable Professional Edition before 1.72 allows remote attackers to cause a denial of service (service crash) via unspecified vectors involving the EXAMINE command. | |||||
CVE-2006-0504 | 1 Mailenable | 1 Mailenable Enterprise | 2017-07-19 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in MailEnable Enterprise Edition before 1.2 allows remote attackers to cause a denial of service (CPU utilization) by viewing "formatted quoted-printable emails" via webmail. | |||||
CVE-2006-0509 | 1 Cerberus | 1 Cerberus Helpdesk | 2017-07-19 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in clients.php in Cerberus Helpdesk, possibly 2.7, allow remote attackers to inject arbitrary web script or HTML via (1) the contact_search parameter and (2) unspecified url fields. | |||||
CVE-2006-0518 | 1 Spip | 1 Spip | 2017-07-19 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in index.php3 in SPIP 1.8.2-e and earlier and 1.9 Alpha 2 (5539) and earlier allows remote attackers to inject arbitrary web script or HTML via the lang parameter. | |||||
CVE-2006-0519 | 1 Spip | 1 Spip | 2017-07-19 | 5.0 MEDIUM | N/A |
SPIP 1.8.2-e and earlier and 1.9 Alpha 2 (5539) and earlier allows remote attackers to obtain sensitive information via a direct request to inc-messforum.php3, which reveals the path in an error message. | |||||
CVE-2006-0520 | 1 Dragoran | 1 Portal Module | 2017-07-19 | 7.5 HIGH | N/A |
SQL injection vulnerability index.php in Dragoran Portal module 1.3 for Invision Power Board (IPB) allows remote attackers to execute arbitrary SQL commands via the site parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2006-0522 | 1 Symantec | 1 Sygate Management Server | 2017-07-19 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Authentication Servlet in Symantec Sygate Management Server (SMS) version 4.1 build 1417 and earlier allows remote attackers to execute arbitrary SQL commands and bypass authentication via unknown attack vectors related to a URL. | |||||
CVE-2006-0613 | 1 Sun | 1 J2se | 2017-07-19 | 4.0 MEDIUM | N/A |
Unspecified vulnerability in Java Web Start after 1.0.1_02, as used in J2SE 5.0 Update 5 and earlier, allows remote attackers to obtain privileges via unspecified vectors involving untrusted applications. | |||||
CVE-2006-0616 | 1 Sun | 2 Jdk, Jre | 2017-07-19 | 4.0 MEDIUM | N/A |
Unspecified vulnerability in Sun Java JDK and JRE 5.0 Update 4 and earlier allows remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "fourth issue." | |||||
CVE-2006-0617 | 1 Sun | 2 Jdk, Jre | 2017-07-19 | 4.0 MEDIUM | N/A |
Multiple unspecified vulnerabilities in Sun Java JDK and JRE 5.0 Update 5 and earlier allow remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "fifth, sixth, and seventh issues." | |||||
CVE-2006-0618 | 1 Qnx | 1 Neutrino Rtos | 2017-07-19 | 4.6 MEDIUM | N/A |
Format string vulnerability in fontsleuth in QNX Neutrino RTOS 6.3.0 allows local users to execute arbitrary code via format string specifiers in the zeroth argument (program name). | |||||
CVE-2006-0619 | 1 Qnx | 1 Rtos | 2017-07-19 | 4.6 MEDIUM | N/A |
Multiple stack-based buffer overflows in QNX Neutrino RTOS 6.3.0 allow local users to execute arbitrary code via long (1) ABLPATH or (2) ABLANG environment variables in the libAP library (libAp.so.2) or (3) a long PHOTON_PATH environment variable to the setitem function in the libph library. | |||||
CVE-2006-0620 | 1 Qnx | 1 Rtos | 2017-07-19 | 6.2 MEDIUM | N/A |
Race condition in phfont in QNX Neutrino RTOS 6.2.1 allows local users to execute arbitrary code via unspecified manipulations of the PHFONT and PHOTON2_PATH environment variables. |