Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-12-15 | CVE-2006-6570 | Input Validation vulnerability in Genesistrader 1.0 Unrestricted file upload vulnerability in upload.php in GenesisTrader 1.0 allows remote authenticated users to upload arbitrary files via unspecified vectors, possibly involving form.php and the ajoutfich "foap" action. | 7.5 |
2006-12-15 | CVE-2006-6569 | Input Validation vulnerability in Genesistrader 1.0 form.php in GenesisTrader 1.0 allows remote attackers to read source code for arbitrary files and obtain sensitive information via the (1) do and (2) chem parameters with a "modfich" floap parameter. | 7.8 |
2006-12-15 | CVE-2006-6568 | File Include vulnerability in Mxbb KB Mods 2.0.2 Directory traversal vulnerability in includes/kb_constants.php in the Knowledge Base (mx_kb) 2.0.2 module for mxBB allows remote attackers to include arbitrary files via a .. | 10.0 |
2006-12-15 | CVE-2006-6567 | File Include vulnerability in Mxbb KB Mods 2.0.2 PHP remote file inclusion vulnerability in includes/kb_constants.php in the Knowledge Base (mx_kb) 2.0.2 module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter. | 10.0 |
2006-12-15 | CVE-2006-6566 | Remote Security vulnerability in Mxbb 0.91C PHP remote file inclusion vulnerability in includes/profilcp_constants.php in the Profile Control Panel (CPanel) module for mxBB 0.91c allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter. | 7.5 |
2006-12-15 | CVE-2006-6565 | Null Pointer Dereference vulnerability in Filezilla-Project Filezilla Server 0.9.21/0.9.6 FileZilla Server before 0.9.22 allows remote attackers to cause a denial of service (crash) via a wildcard argument to the (1) LIST or (2) NLST commands, which results in a NULL pointer dereference, a different set of vectors than CVE-2006-6564. | 4.0 |
2006-12-15 | CVE-2006-6564 | Denial-Of-Service vulnerability in FileZilla FileZilla Server before 0.9.22 allows remote attackers to cause a denial of service (crash) via a malformed argument to the STOR command, which results in a NULL pointer dereference. | 4.0 |
2006-12-15 | CVE-2006-6563 | Local Buffer Overflow vulnerability in Proftpd Project Proftpd 1.3.0/1.3.0A Stack-based buffer overflow in the pr_ctrls_recv_request function in ctrls.c in the mod_ctrls module in ProFTPD before 1.3.1rc1 allows local users to execute arbitrary code via a large reqarglen length value. local proftpd-project | 6.6 |
2006-12-15 | CVE-2006-6105 | Local Format String vulnerability in GNOME Display Manager GDMChooser Format string vulnerability in the host chooser window (gdmchooser) in GNOME Foundation Display Manager (gdm) allows local users to execute arbitrary code via format string specifiers in a hostname, which are used in an error dialog. | 4.3 |
2006-12-14 | CVE-2006-6474 | Remote Code Execution vulnerability in McAfee VirusScan For Linux Insecure DT_RPATH Untrusted search path vulnerability in McAfee VirusScan for Linux 4510e and earlier includes the current working directory in the DT_RPATH environment variable, which allows local users to load arbitrary ELF DSO libraries and execute arbitrary code by installing malicious libraries in that directory. | 4.6 |