Search
Total
27796 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-4652 | 2 Amazing Little Picture Poll, Amazing Little Poll | 2 Amazing Little Picture Poll, Amazing Little Poll | 2018-10-17 | 7.5 HIGH | N/A |
| (1) Amazing Little Poll and (2) Amazing Little Picture Poll have a default password of "dsapoll", which allows remote attackers to create a new poll by entering default credentials via lp_admin.php. | |||||
| CVE-2006-4653 | 2 Amazing Little Picture Poll, Amazing Little Poll | 2 Amazing Little Picture Poll, Amazing Little Poll | 2018-10-17 | 5.0 MEDIUM | N/A |
| (1) Amazing Little Poll and (2) Amazing Little Picture Poll store sensitive information under the web root with insufficient access control, which allows remote attackers to read the admin password via a direct request for the lp_settings file (lp_settings.inc or lp_settings.php). | |||||
| CVE-2006-4645 | 1 Akarru | 1 Social Bookmarking Engine | 2018-10-17 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in akarru.gui/main_content.php in Akarru Social BookMarking Engine 0.4.3.34 and earlier, and possibly 0.4.4.120, allows remote attackers to execute arbitrary PHP code via a URL in the bm_content parameter. | |||||
| CVE-2006-4634 | 1 Vbzoom | 1 Vbzoom | 2018-10-17 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in VBZooM allows remote attackers to inject arbitrary web script or HTML via the UserID parameter, a different vector than CVE-2006-1133 and CVE-2005-2441. | |||||
| CVE-2006-4658 | 1 Panda | 1 Panda Platinum Internet Security | 2018-10-17 | 5.0 MEDIUM | N/A |
| Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 uses sequential message numbers in generated URLs that are not filtered if the user replies to a message, which might allow remote attackers to determine mail usage patterns. | |||||
| CVE-2006-4657 | 1 Panda | 1 Panda Platinum Internet Security | 2018-10-17 | 7.2 HIGH | N/A |
| Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 stores service executables under the product's installation directory with weak permissions, which allows local users to obtain LocalSystem privileges by modifying (1) WebProxy.exe or (2) PAVSRV51.EXE. | |||||
| CVE-2006-4654 | 1 Efs Software | 1 Easy Address Book Web Server | 2018-10-17 | 5.1 MEDIUM | N/A |
| Format string vulnerability in Easy Address Book Web Server 1.2 allows remote attackers to cause a denial of service (crash) or "compromise the server" via encoded format string specifiers in the query string. | |||||
| CVE-2006-4655 | 2 Sco, Sun | 2 Unixware, Solaris | 2018-10-17 | 4.6 MEDIUM | N/A |
| Buffer overflow in the Strcmp function in the XKEYBOARD extension in X Window System X11R6.4 and earlier, as used in SCO UnixWare 7.1.3 and Sun Solaris 8 through 10, allows local users to gain privileges via a long _XKB_CHARSET environment variable value. | |||||
| CVE-2006-4661 | 1 Icq Inc | 1 Icq Toolbar | 2018-10-17 | 2.6 LOW | N/A |
| AOL ICQ Toolbar 1.3 for Internet Explorer (toolbaru.dll) does not properly validate the origin of the configuration web page (options2.html), which allows user-assisted remote attackers to provide a web page that contains disguised checkboxes that trick the user into reconfiguring the toolbar. | |||||
| CVE-2006-4662 | 1 Mirabilis | 1 Icq | 2018-10-17 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the MCRegEx__Search function in AOL ICQ Pro 2003b Build 3916 and earlier allows remote attackers to execute arbitrary code via an inconsistent length field of a Message in a 0x2711 Type-Length-Value (TLV) type. | |||||
| CVE-2006-4663 | 1 Linux | 1 Linux Kernel | 2018-10-17 | 4.6 MEDIUM | N/A |
| ** DISPUTED ** The source code tar archive of the Linux kernel 2.6.16, 2.6.17.11, and possibly other versions specifies weak permissions (0666 and 0777) for certain files and directories, which might allow local users to insert Trojan horse source code that would be used during the next kernel compilation. NOTE: another researcher disputes the vulnerability, stating that he finds "Not a single world-writable file or directory." CVE analysis as of 20060908 indicates that permissions will only be weak under certain unusual or insecure scenarios. | |||||
| CVE-2006-4633 | 1 Softbb | 1 Softbb | 2018-10-17 | 5.0 MEDIUM | N/A |
| index.php in SoftBB 0.1, and possibly earlier, allows remote attackers to obtain the installation path via a null or invalid page[] parameter. | |||||
| CVE-2006-4664 | 1 Premod Shadow | 1 Premod Shadow | 2018-10-17 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in includes/functions_portal.php in Premod Shadow 2.7.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | |||||
| CVE-2006-4632 | 1 Softbb | 1 Softbb | 2018-10-17 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in SoftBB 0.1, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the (1) groupe parameter in addmembre.php and the (2) select parameter in moveto.php. | |||||
| CVE-2006-4665 | 1 Mkportal | 1 Mkportal | 2018-10-17 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in MKPortal M1.1 Rc1 allows remote attackers to inject arbitrary web script or HTML via the ind parameter, possibly related to the PHP_SELF variable. NOTE: Some details are obtained from third party information. | |||||
| CVE-2006-4667 | 1 Runcms | 1 Runcms | 2018-10-17 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in RunCMS 1.4.1 allow remote attackers to execute arbitrary SQL commands via the (1) uid parameter in (a) class/sessions.class.php, and the (2) timezone_offset and (3) umode parameters in (b) class/xoopsuser.php. | |||||
| CVE-2006-4631 | 1 Softbb | 1 Softbb | 2018-10-17 | 6.5 MEDIUM | N/A |
| Direct static code injection vulnerability in admin/save_opt.php in SoftBB 0.1, and possibly earlier, allows remote authenticated users to upload and execute arbitrary PHP code via the cache_forum parameter, which saves the code to info_options.php, which is accessible via a direct request. | |||||
| CVE-2006-4656 | 1 Web-provence | 1 Sl Site | 2018-10-17 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in admin/editeur/spaw_control.class.php in Web Provence SL_Site 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: CVE analysis suggests that this issue is actually in a third party product, SPAW Editor PHP Edition. | |||||
| CVE-2006-4623 | 1 Linux | 1 Linux Kernel | 2018-10-17 | 7.8 HIGH | N/A |
| The Unidirectional Lightweight Encapsulation (ULE) decapsulation component in dvb-core/dvb_net.c in the dvb driver in the Linux kernel 2.6.17.8 allows remote attackers to cause a denial of service (crash) via an SNDU length of 0 in a ULE packet. | |||||
| CVE-2006-4622 | 1 Comscripts | 1 Annoncev | 2018-10-17 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in annonce.php in AnnonceV (aka annoncesV) 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. | |||||
| CVE-2006-4620 | 1 Alt-n | 1 Webadmin | 2018-10-17 | 4.6 MEDIUM | N/A |
| The useredit_account.wdm module in Alt-N WebAdmin 3.2.5 running with MDaemon 9.0.6, and possibly earlier versions, allows remote authenticated domain administrators to gain privileges and obtain access to the system mail queue by modifying the mailbox of the MDaemon user account to use the mailbox of another account. | |||||
| CVE-2006-4619 | 1 Avira | 1 Antivir Personal | 2018-10-17 | 4.6 MEDIUM | N/A |
| The start update window in update.exe in Avira AntiVir PersonalEdition Classic 7.0 build 151 allows local users to gain system privileges via a "Shatter" style attack on the (1) IParam parameter, and the (2) PBM_GETRANGE and (3) PBM_SETRANGE messages in an unspecified progress bar. NOTE: some details are obtained from third party information. | |||||
| CVE-2006-4618 | 1 John Lim | 1 Adodb | 2018-10-17 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in adodb-postgres7.inc.php in John Lim ADOdb, possibly 4.01 and earlier, as used in Intechnic In-link 2.3.4, allows remote attackers to execute arbitrary PHP code via a URL in the ADODB_DIR parameter. | |||||
| CVE-2006-4615 | 1 Shape Services | 1 Im\+ Mobile Instant Messenger | 2018-10-17 | 4.9 MEDIUM | N/A |
| Shape Services IM+ Mobile Instant Messenger for Pocket PC 3.10 stores usernames and passwords in plaintext in %PROGRAMFILES%\IMPlus\implus.cfg, which allows local users to obtain sensitive information by reading the file. | |||||
| CVE-2006-4614 | 1 Pocket Pc | 1 Pocket Pc | 2018-10-17 | 4.9 MEDIUM | N/A |
| PDAapps Verichat for Pocket PC 1.30bh stores usernames and passwords in plaintext in the Windows Mobile registry, which allows local users to obtain sensitive information via keys under \HKEY_CURRENT_USER\Software\PDAapps\VeriChat. | |||||
| CVE-2006-4612 | 1 John Andersson | 1 Zixforum | 2018-10-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ReplyNew.asp in ZIXForum 1.12 allows remote attackers to execute arbitrary SQL commands via the RepId parameter. | |||||
| CVE-2006-4608 | 1 Longino | 1 Jacome Php-revista | 2018-10-17 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Longino Jacome php-Revista 1.1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) cadena parameter in busqueda.php and the (2) email parameter in lista.php. | |||||
| CVE-2006-4607 | 1 Longino | 1 Jacome Php-revista | 2018-10-17 | 7.5 HIGH | N/A |
| admin/index.php in Longino Jacome php-Revista 1.1.2 allows remote attackers to bypass authentication controls by setting the ID_ADMIN and SUPER_ADMIN parameters to 1. | |||||
| CVE-2006-4606 | 1 Longino | 1 Jacome Php-revista | 2018-10-17 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Longino Jacome php-Revista 1.1.2 allow remote attackers to execute arbitrary SQL commands via the (1) id_temas parameter in busqueda_tema.php, the (2) cadena parameter in busqueda.php, the (3) id_autor parameter in autor.php, the (4) email parameter in lista.php, and the (5) id_articulo parameter in articulo.php. | |||||
| CVE-2006-4605 | 1 Longino | 1 Jacome Php-revista | 2018-10-17 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in index.php in Longino Jacome php-Revista 1.1.2 allows remote attackers to execute arbitrary PHP code via the adodb parameter. | |||||
| CVE-2006-4603 | 1 Nch Software | 1 Swift Sound Web Dictate | 2018-10-17 | 7.5 HIGH | N/A |
| NCH Swift Sound Web Dictate 1.02 allows remote attackers to bypass authentication via a null password. | |||||
| CVE-2006-4601 | 1 Annuaire | 1 1two | 2018-10-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Annuaire 1Two 2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2006-4599 | 1 Autentificator | 1 Autentificator | 2018-10-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in aut_verifica.inc.php in Autentificator 2.01 allows remote attackers to execute arbitrary SQL commands via the user parameter. | |||||
| CVE-2006-4598 | 1 Sslinks | 1 Sslinks | 2018-10-17 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in links.php in ssLinks 1.22 allow remote attackers to execute arbitrary SQL commands via the (1) go parameter and (2) id parameter in a rate action. | |||||
| CVE-2006-4597 | 1 Icblogger | 1 Icblogger | 2018-10-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in devam.asp in ICBlogger 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the YID parameter. | |||||
| CVE-2006-4596 | 1 Mybace Light | 1 Mybace Light | 2018-10-17 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion in MyBace Light Skrip, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the (1) hauptverzeichniss parameter in includes/login_check.php and the (2) template_back parameter in admin/login/content/user_daten.php. | |||||
| CVE-2006-4610 | 1 Graphiks | 1 Grapagenda | 2018-10-17 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in index.php in GrapAgenda 0.11 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the page parameter. | |||||
| CVE-2006-4593 | 1 Softbb | 1 Softbb | 2018-10-17 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in SoftBB 0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the page parameter. | |||||
| CVE-2006-4591 | 1 Alstrasoft | 1 Template Seller | 2018-10-17 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in AlstraSoft Template Seller, and possibly AltraSoft Template Seller Pro 3.25, allow remote attackers to execute arbitrary PHP code via a URL in the config[template_path] parameter to (1) payment/payment_result.php or (2) /payment/spuser_result.php. | |||||
| CVE-2006-4589 | 1 Dyncms | 1 Dyncms | 2018-10-17 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in 0_admin/modules/Wochenkarte/frontend/index.php in DynCMS 6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the x_admindir parameter. | |||||
| CVE-2006-4600 | 1 Openldap | 1 Openldap | 2018-10-17 | 2.3 LOW | N/A |
| slapd in OpenLDAP before 2.3.25 allows remote authenticated users with selfwrite Access Control List (ACL) privileges to modify arbitrary Distinguished Names (DN). | |||||
| CVE-2006-4586 | 1 Tr Forum | 1 Tr Forum | 2018-10-17 | 5.5 MEDIUM | N/A |
| The admin panel in Tr Forum 2.0 accepts a username and password hash for authentication, which allows remote authenticated users to perform unauthorized actions, as demonstrated by modifying user settings via the id parameter to /membres/modif_profil.php, and changing a password via /membres/change_mdp.php. NOTE: this can be leveraged with other Tr Forum vulnerabilities to allow unauthenticated attackers to gain privileges. | |||||
| CVE-2006-4585 | 1 Tr Forum | 1 Tr Forum | 2018-10-17 | 9.0 HIGH | N/A |
| SQL injection vulnerability in admin/editer.php in Tr Forum 2.0 allows remote authenticated users to execute arbitrary SQL commands via the id2 parameter. NOTE: this can be leveraged with other Tr Forum vulnerabilities to allow unauthenticated attackers to gain privileges. | |||||
| CVE-2006-4584 | 1 Tr Forum | 1 Tr Forum | 2018-10-17 | 7.5 HIGH | N/A |
| Tr Forum 2.0 allows remote attackers to bypass authentication and add an administrative account via the login and password parameters to admin/insert_admin.php. | |||||
| CVE-2006-4609 | 1 Phpprojekt | 1 Phpprojekt | 2018-10-17 | 5.1 MEDIUM | N/A |
| ** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in the Content Management module ("Content manager") for PHProjekt 0.6.1, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via the path_pre parameter in (1) cm_lib.inc.php, (2) doc/br.edithelp.php, (3) doc/de.edithelp.php, (4) doc/ct.edithelp.php, (5) userrating.php, and (6) listing.php, a different set of vectors than CVE-2006-4204. NOTE: a third-party researcher has disputed the impact of the cm_lib.inc.php vector, stating that it is limited to local file inclusion. CVE analysis as of 20060905 concurs, although use of ftp URLs is also possible. The remaining five vectors have also been disputed by the same third party, stating that the path_pre variable is initialized before it is used. | |||||
| CVE-2006-4574 | 1 Wireshark | 1 Wireshark | 2018-10-17 | 5.0 MEDIUM | N/A |
| Off-by-one error in the MIME Multipart dissector in Wireshark (formerly Ethereal) 0.10.1 through 0.99.3 allows remote attackers to cause a denial of service (crash) via certain vectors that trigger an assertion error related to unexpected length values. | |||||
| CVE-2006-4651 | 1 Threesquared.net | 1 Php Download Script | 2018-10-17 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in download/index.php, and possibly download.php, in threesquared.net (aka Ben Speakman) Php download allows remote attackers to overwrite arbitrary local files via .. (dot dot) sequence in the file parameter. | |||||
| CVE-2006-4650 | 1 Cisco | 1 Ios | 2018-10-17 | 2.6 LOW | N/A |
| Cisco IOS 12.0, 12.1, and 12.2, when GRE IP tunneling is used and the RFC2784 compliance fixes are missing, does not verify the offset field of a GRE packet during decapsulation, which leads to an integer overflow that references data from incorrect memory locations, which allows remote attackers to inject crafted packets into the routing queue, possibly bypassing intended router ACLs. | |||||
| CVE-2006-4642 | 1 Auditwizard | 1 Auditwizard | 2018-10-17 | 1.7 LOW | N/A |
| AuditWizard 6.3.2, when using "Remote Audit," logs the administrator password in plaintext to LaytonCmdSvc.log, which allows local users to obtain sensitive information by reading the file. | |||||
| CVE-2006-4611 | 1 Dsocks | 1 Dsocks | 2018-10-17 | 7.5 HIGH | N/A |
| Buffer overflow in the _tor_resolve function in dsocks.c in dsocks before 1.4 allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a long node name. | |||||