Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-04-26 | CVE-2006-2044 | Local vulnerability in IP3 Networks IP3 Netaccess 75 4.0.34 na-img-4.0.34.bin for the IP3 Networks NetAccess NA75 has a default username of admin and a default password of admin. | 7.5 |
| 2006-04-26 | CVE-2006-2043 | Local vulnerability in IP3 Networks IP3 Netaccess 75 4.0.34 na-img-4.0.34.bin for the IP3 Networks NetAccess NA75 allows local users to gain Unix shell access via "`" (backtick) characters in the appliance's command line interface (CLI). | 4.6 |
| 2006-04-26 | CVE-2006-2041 | Remote Security vulnerability in PHPwebgallery 1.0/1.4.1/1.5.1 PhpWebGallery before 1.6.0RC1 allows remote attackers to obtain arbitrary pictures via a request to picture.php without specifying the cat parameter. | 5.0 |
| 2006-04-26 | CVE-2006-2040 | SQL Injection vulnerability in Photokorn 1.53/1.542 Multiple SQL injection vulnerabilities in photokorn 1.53 and 1.542 allow remote attackers to execute arbitrary SQL commands via the (1) cat, (2) pic and (3) page parameter in index.php; (4) id parameter in postcard.php; and (5) cat parameter in print.php. | 6.4 |
| 2006-04-26 | CVE-2006-2039 | SQL Injection vulnerability in Help Center Live OSTicket Module Multiple SQL injection vulnerabilities in the osTicket module in Help Center Live before 2.1.0 allow remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
| 2006-04-26 | CVE-2006-2038 | SQL-Injection vulnerability in Ampleshop Multiple SQL injection vulnerabilities in ampleShop 2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) RecordID parameter in (a) Customeraddresses_RecordAction.cfm and (b) youraccount.cfm; (2) solus parameter in (c) detail.cfm; and (3) cat parameter in (d) category.cfm. | 7.5 |
| 2006-04-26 | CVE-2006-2037 | Cross-Site Scripting vulnerability in Thwboard 3.0Beta2.84 Cross-site scripting (XSS) vulnerability in index.php in Thwboard 3.0 Beta 2.84 allows remote attackers to inject arbitrary web script or HTML via the navpath parameter. network thwboard | 4.3 |
| 2006-04-26 | CVE-2006-1864 | Unspecified vulnerability in Linux Kernel Directory traversal vulnerability in smbfs in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\\" sequences, a similar vulnerability to CVE-2006-1863. | 4.6 |
| 2006-04-26 | CVE-2006-2036 | Unspecified vulnerability in Iopus Secure Email Attachments 1.0 iOpus Secure Email Attachments (SEA), probably 1.0, does not properly handle passwords that consist of repetitions of a substring, which allows attackers to decrypt files by entering only the substring. | 2.1 |
| 2006-04-26 | CVE-2006-2035 | Local Security vulnerability in Websense Websense, when configured to permit access to the dynamic content category, allows local users to bypass intended blocking of the Uncategorized category by appending a "/?" sequence to a URL. | 3.7 |