Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2006-05-12 CVE-2006-2323 Remote Security vulnerability in Smartisoft PHPlistpro 2.0
Multiple PHP remote file inclusion vulnerabilities in SmartISoft phpListPro 2.01 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the returnpath parameter in (1) editsite.php, (2) addsite.php, and (3) in.php.
Access: network; Complexity: high; Vendor: smartisoft; Risk: 5.1
2006-05-12 CVE-2006-2322 Unspecified vulnerability in Cisco products
The transparent proxy feature of the Cisco Application Velocity System (AVS) 3110 5.0 and 4.0 and earlier, and 3120 5.0.0 and earlier, has a default configuration that allows remote attackers to proxy arbitrary TCP connections, aka Bug ID CSCsd32143.
Access: network; Complexity: low; Vendor: cisco; Risk: 6.4
2006-05-12 CVE-2006-2321 Input Validation vulnerability in IdealBB
Multiple cross-site scripting (XSS) vulnerabilities in Ideal Science Ideal BB 1.5.4a and earlier allow remote attackers to inject arbitrary web script or HTML via unknown vectors.
Access: network; Vendor: ideal-science; Risk: 4.3
2006-05-12 CVE-2006-2320 Input Validation vulnerability in IdealBB
Multiple SQL injection vulnerabilities in Ideal Science Ideal BB 1.5.4a and earlier allow remote attackers to execute arbitrary SQL commands via multiple unspecified vectors related to stored procedure calls.
Access: network; Complexity: low; Vendor: ideal-science; Risk: 7.5
2006-05-12 CVE-2006-2319 Input Validation vulnerability in IdealBB
Ideal Science Ideal BB 1.5.4a and earlier does not properly check file extensions before permitting an upload, which allows remote attackers to upload and execute an ASP script via a 0x00 character before the ".asp" portion of the filename.
Access: network; Complexity: low; Vendor: ideal-science; Risk: 5.0
2006-05-12 CVE-2006-2318 Input Validation vulnerability in IdealBB
Incomplete blacklist vulnerability in Ideal Science Ideal BB 1.5.4a and earlier allows remote attackers to upload and execute an ASP script via a ".asa" file, which bypasses the check for the ".asp" extension but is executable on the server.
Access: network; Complexity: low; Vendor: ideal-science; Risk: 7.5
2006-05-12 CVE-2006-2317 Input Validation vulnerability in IdealBB
Unspecified vulnerability in Ideal Science Ideal BB 1.5.4a and earlier allows remote attackers to read arbitrary files under the web root via unspecified attack vectors related to the OpenTextFile method in Scripting.FileSystemObject.
Access: network; Complexity: low; Vendor: ideal-science; Risk: 5.0
2006-05-12 CVE-2006-2316 Local Information Disclosure vulnerability in Intel PROset/Wireless
S24EvMon.exe in the Intel PROset/Wireless software, possibly 10.1.0.33, uses a S24EventManagerSharedMemory shared memory section with weak permissions, which allows local users to read or modify passwords or other data, or cause a denial of service.
Access: local; Complexity: low; Vendor: intel; Risk: 4.9
2006-05-12 CVE-2006-2273 Remote Buffer Overflow vulnerability in Verisign i-Nav ActiveX Control
The InstallProduct routine in the Verisign VUpdater.Install (aka i-Nav) ActiveX control does not verify Microsoft Cabinet (.CAB) files, which allows remote attackers to run an arbitrary executable file.
Access: network; Vendor: verisign; Risk: critical, 9.3
2006-05-11 CVE-2006-2307 HTML Injection vulnerability in Website Baker Website Baker 2.5.2/2.6/2.6.1
Cross-site scripting (XSS) vulnerability in Website Baker CMS before 2.6.4 allows remote attackers to inject arbitrary web script or HTML via a user display name.
Access: network; Vendor: website-baker; Risk: 4.3