Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2006-06-02 CVE-2006-2763 SQL-Injection vulnerability in PRE Projects PRE News Manager 1.0
SQL injection vulnerability in Pre News Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) index.php, and the (2) nid parameter to (b) news_detail.php, (c) email_story.php, (d) thankyou.php, (e) printable_view.php, (f) tella_friend.php, and (g) send_comments.php.
network
low complexity
pre-projects
6.4
2006-06-02 CVE-2006-2762 Information Disclosure vulnerability in WebCalendar 1.0.3
PHP remote file inclusion vulnerability in includes/config.php in WebCalendar 1.0.3 allows remote attackers to execute arbitrary PHP code via a URL in the includedir parameter, which is remotely accessed in an fopen call whose results are used to define a user_inc setting that is used in an include_once call.
network
low complexity
webcalendar
6.4
2006-06-02 CVE-2006-2761 SQL Injection vulnerability in Hitachi Hitsenser3
SQL injection vulnerability in Hitachi HITSENSER3 HITSENSER3/PRP, HITSENSER3/PUP, HITSENSER3/STP, and HITSENSER3/EUP allows remote attackers to execute arbitrary SQL commands via unknown attack vectors.
network
low complexity
hitachi
6.4
2006-06-02 CVE-2006-2760 SQL Injection vulnerability in Warpspeed 4nForum 0.91
SQL injection vulnerability in modules.php in 4nNukeWare 4nForum 0.91 allows remote attackers to execute arbitrary SQL commands via the tid parameter.
network
low complexity
warpspeed CWE-89
7.5
2006-06-02 CVE-2006-2759 Remote Security vulnerability in Jetty 6.0Beta16
Jetty 6.0.x (jetty6) beta16 allows remote attackers to read arbitrary script source code via a capital P in the .jsp extension, and probably other mixed case manipulations.
network
low complexity
jetty
5.0
2006-06-02 CVE-2006-2758 Path Traversal vulnerability in Jetty 6.0
Directory traversal vulnerability in Jetty 6.0.x (jetty6) beta16 allows remote attackers to read arbitrary files via a %2e%2e%5c (encoded ../) in the URL.
network
low complexity
jetty CWE-22
5.0
2006-06-02 CVE-2006-2757 Cross-Site Scripting vulnerability in Chipmunk Guestbook
Cross-site scripting (XSS) vulnerability in Chipmunk guestbook allows remote attackers to inject arbitrary web script or HTML via the (1) start parameter in (a) index.php; (2) forumID parameter in index.php, (b) newtopic.php, and (c) reply.php; and (3) ID parameter to (d) edit.php.
4.3
2006-06-02 CVE-2006-2756 Remote Denial of Service vulnerability in Eitsop My Web Server 1.0
Eitsop My Web Server 1.0 allows remote attackers to cause a denial of service (application crash) via a long GET request.
network
low complexity
eitsop
5.0
2006-06-02 CVE-2006-2755 Cross-Site Scripting vulnerability in UBBThreads
Cross-site scripting (XSS) vulnerability in index.php in UBBThreads 5.x and earlier allows remote attackers to inject arbitrary web script or HTML via the debug parameter, as demonstrated by stealing MD5 hashes of passwords.
network
ubbcentral
4.3
2006-06-02 CVE-2006-2655 Unspecified vulnerability in FreeBSD
The build process for ypserv in FreeBSD 5.3 up to 6.1 accidentally disables access restrictions when using the /var/yp/securenets file, which allows remote attackers to bypass intended access restrictions.
network
low complexity
freebsd
6.4