Vulnerabilities

DATE | CVE | VULNERABILITY TITLE | RISK

2006-05-04 | CVE-2006-2186 | Cross-Site Scripting vulnerability in Zenphoto 0.9/1.0.1Beta/1.0Beta | 5.0
zenphoto 1.0.1 beta and earlier allow remote attackers to obtain sensitive information via a direct request for the (1) /photos/themes/default/ and (2) /photos/themes/testing/ URIs, which reveals the path in an error message.
network, low complexity, zenphoto

2006-05-04 | CVE-2006-2184 | Cross-Site Scripting vulnerability in Phpkb Knowledge Base | 4.3
Cross-site scripting (XSS) vulnerability in search.php in PHPKB Knowledge Base allows remote attackers to inject arbitrary web script or HTML via the searchkeyword parameter.

2006-05-04 | CVE-2006-2183 | Local Security vulnerability in Truecrypt Foundation Truecrypt 4.1 | 7.2
Untrusted search path vulnerability in Truecrypt 4.1, when running suid root on Linux, allows local users to execute arbitrary commands and gain privileges via a modified PATH environment variable that references a malicious mount command.
local, low complexity, truecrypt-foundation

2006-05-04 | CVE-2006-2182 | Remote File Include vulnerability in Albinator 2.0.8 | 6.4
Multiple PHP remote file inclusion vulnerabilities in (1) eday.php, (2) eshow.php, or (3) forgot.php in albinator 2.0.8 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the Config_rootdir parameter.
network, low complexity, albinator

2006-05-04 | CVE-2006-2181 | Cross-Site Scripting vulnerability in Albinator | 4.3
Multiple cross-site scripting (XSS) vulnerabilities in Albinator 2.0.8 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) cid parameter to dlisting.php or (2) preloadSlideShow parameter to showpic.php.
network, albinator, CWE-79

2006-05-04 | CVE-2006-2180 | Buffer Errors vulnerability in Kmint21 Software Golden FTP Server 1.32B/2.70 | 6.4
Buffer overflow in Golden FTP Server Pro 2.70 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via a long argument to the (1) NLST or (2) APPE commands, as demonstrated by the Infigo FTPStress Fuzzer.
network, low complexity, kmint21-software, CWE-119

2006-05-04 | CVE-2006-2179 | Input Validation vulnerability in CyberBuild | 7.5
Multiple SQL injection vulnerabilities in CyberBuild allow remote attackers to execute arbitrary SQL commands via the (1) SessionID parameter to login.asp or (2) ProductIndex parameter to browse0.htm.
network, low complexity, smartwin-technology

2006-05-04 | CVE-2006-2178 | Cross-Site Scripting vulnerability in Smartwin Technology Cyberoffice Warehouse Builder | 5.8
Multiple cross-site scripting (XSS) vulnerabilities in CyberBuild allow remote attackers to inject arbitrary web script or HTML via the (1) SessionID parameter to login.asp, (2) ProductIndex parameter to browse0.htm, (3) rowcolor parameter to result.asp, or (4) heading parameter to result.asp.

2006-05-04 | CVE-2006-2177 | Cross-Site Scripting vulnerability in Bitdamaged Geoblog Mod1.0 | 4.3
Cross-site scripting (XSS) vulnerability in viewcat.php in geoBlog 1.0 allows remote attackers to inject arbitrary web script or HTML via the cat parameter.
network, bitdamaged

2006-05-04 | CVE-2006-2176 | Cross-Site Scripting vulnerability in PHP Design X PHP Linkliste 1.0B | 5.8
Multiple cross-site scripting (XSS) vulnerabilities in links.php in PHP Linkliste 1.0b allow remote attackers to inject arbitrary web script or HTML via the (1) new_input, (2) new_url, or (3) new_name parameter.
network, php-design-x