Vulnerabilities

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | TAGS | RISK |
|---|---|---|---|---|---|
| 2006-05-09 | CVE-2006-2247 | Unspecified vulnerability in Webcalendar 1.0.1/1.0.2/1.0.3 | WebCalendar 1.0.1 to 1.0.3 generates different error messages depending on whether or not a username is valid, which allows remote attackers to enumerate valid usernames. | network, low complexity, webcalendar | 5.0 |
| 2006-05-09 | CVE-2006-2246 | HTML Injection vulnerability in Uapplication Ublog 1.6Accessedition | Cross-site scripting (XSS) vulnerability in UBlog 1.6 Access Edition allows remote attackers to inject arbitrary web script or HTML via text fields when adding a blog entry. | network, uapplication | 5.8 |
| 2006-05-09 | CVE-2006-2245 | Code Injection vulnerability in PHPbb Group PHPbb-Auction 1.0M/1.2M/1.3M | PHP remote file inclusion vulnerability in auction\auction_common.php in Auction mod 1.3m for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | | 6.8 |
| 2006-05-09 | CVE-2006-2244 | SQL-Injection vulnerability in News Portal | Multiple SQL injection vulnerabilities in Web4Future News Portal allow remote attackers to execute arbitrary SQL commands via the ID parameter to (1) comentarii.php or (2) view.php. | network, low complexity, web4future | 6.4 |
| 2006-05-09 | CVE-2006-2243 | Cross-Site Scripting vulnerability in News Portal | Multiple cross-site scripting (XSS) vulnerabilities in Web4Future News Portal allow remote attackers to inject arbitrary web script or HTML via the ID parameter to (1) comentarii.php or (2) view.php. | network, web4future | 5.8 |
| 2006-05-09 | CVE-2006-2242 | Remote Denial of Service vulnerability in Acftp 1.4 | acFTP 1.4 allows remote attackers to cause a denial of service (application crash) via a long string with "{" (brace) characters to the USER command. | network, low complexity, acftp | 5.0 |
| 2006-05-09 | CVE-2006-2241 | Remote File Include vulnerability in Ftrainsoft Fast Click Sqllite1.1.2/Sqllite1.1.3 | PHP remote file inclusion vulnerability in show.php in Fast Click SQL Lite 1.1.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. | network, low complexity, ftrainsoft | 6.4 |
| 2006-05-09 | CVE-2006-2240 | DNS Denial Of Service vulnerability in Fujitsu NetShelter | Unspecified vulnerability in the (1) web cache or (2) web proxy in Fujitsu NetShelter/FW allows remote attackers to cause a denial of service (device unresponsiveness) via certain DNS packets, as demonstrated by the OUSPG PROTOS DNS test suite. | network, low complexity, fujitsu | 5.0 |
| 2006-05-09 | CVE-2006-2239 | SQL Injection vulnerability in Tuomas Airaksinen Newsadmin 1.1 | SQL injection vulnerability in readarticle.php in Newsadmin 1.1 allows remote attackers to execute arbitrary SQL commands via the nid parameter. | network, low complexity, tuomas-airaksinen, CWE-89 | 7.5 |
| 2006-05-09 | CVE-2006-2161 | Buffer Overflow vulnerability in TZipBuilder ZIP File | Buffer overflow in (1) TZipBuilder 1.79.03.01, (2) Abakt 0.9.2 and 0.9.3-beta1, (3) CAM UnZip 4.0 and 4.3, and possibly other products, allows user-assisted attackers to execute arbitrary code via a ZIP archive that contains a file with a long file name. | network, high complexity, cam-development, erik-dienske, roger-aelbrecht | 5.1 |