Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-05-16 | CVE-2006-2399 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Outgun 1.0/1.0.3 Stack-based buffer overflow in the ServerNetworking::incoming_client_data function in servnet.cpp in Outgun 1.0.3 bot 2 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a data_file_request command with a long (1) type or (2) name string. | 7.5 |
| 2006-05-16 | CVE-2006-2398 | Input Validation vulnerability in Gphotos 1.4 Directory traversal vulnerability in index.php in GPhotos 1.5 and earlier allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2006-05-16 | CVE-2006-2397 | Input Validation vulnerability in Gphotos 1.4/1.5 Multiple cross-site scripting (XSS) vulnerabilities in GPhotos 1.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) rep parameter to (a) index.php or (b) diapo.php or (2) image parameter to (c) affich.php. network gphotos | 5.8 |
| 2006-05-16 | CVE-2006-2396 | Cross-Site Scripting vulnerability in PHPodp 1.5H Cross-site scripting (XSS) vulnerability in phpODP 1.5h allows remote attackers to inject arbitrary web script via the browse parameter. network phpodp | 5.8 |
| 2006-05-16 | CVE-2006-2394 | Cross-Site Scripting vulnerability in Turnkey web Tools PHP Live Helper 1.8 Cross-site scripting (XSS) vulnerability in chat.php in PHP Live Helper allows remote attackers to inject arbitrary web script or HTML via the PHPSESSID parameter. network turnkey-web-tools | 5.8 |
| 2006-05-16 | CVE-2006-2393 | Denial-Of-Service vulnerability in Empire Server Empire Server 4.3.0/4.3.2 The client_cmd function in Empire 4.3.2 and earlier allows remote attackers to cause a denial of service (application crash) by causing long text strings to be appended to the player->client buffer, which causes an invalid memory access. | 5.0 |
| 2006-05-16 | CVE-2006-2392 | Remote File Include vulnerability in Blue Dragon PHP Blue Dragon Platinum2.8.0 PHP remote file inclusion vulnerability in public_includes/pub_popup/popup_finduser.php in PHP Blue Dragon Platinum 2.8.0 allows remote attackers to execute arbitrary PHP code via a URL in the vsDragonRootPath parameter. | 6.4 |
| 2006-05-16 | CVE-2006-2391 | Remote Buffer Overflow vulnerability in EMC Dantz Retrospect Backup Client Buffer overflow in EMC Retrospect Client 5.1 through 7.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet to port 497. | 7.5 |
| 2006-05-16 | CVE-2006-2390 | Cross-Site Scripting vulnerability in Ozjournals 1.2 Cross-site scripting (XSS) vulnerability in OZJournals 1.2 allows remote attackers to inject arbitrary web script or HTML via the vname parameter in the comments functionality. network ozjournals | 5.8 |
| 2006-05-15 | CVE-2006-2369 | Improper Authentication vulnerability in VNC Realvnc 4.1.1 RealVNC 4.1.1, and other products that use RealVNC such as AdderLink IP and Cisco CallManager, allows remote attackers to bypass authentication via a request in which the client specifies an insecure security type such as "Type 1 - None", which is accepted even if it is not offered by the server, as originally demonstrated using a long password. | 7.5 |