Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-04-25 | CVE-2006-2015 | Input Validation vulnerability in Web-Provence SL Site 1.0 Cross-site scripting (XSS) vulnerability in SL_site 1.0 allows remote attackers to inject arbitrary web script or HTML via the recherche parameter in recherche.php. | 2.6 |
2006-04-25 | CVE-2006-2014 | Input Validation vulnerability in Web-Provence SL Site 1.0 Directory traversal vulnerability in gallerie.php in SL_site 1.0 allows remote attackers to list images in arbitrary directories via ".." sequences in the rep parameter, which is used to construct a directory name in admin/config.inc.php. | 5.0 |
2006-04-25 | CVE-2006-2013 | Input Validation vulnerability in Web-Provence SL Site 1.0 SQL injection vulnerability in page.php in SL_site 1.0 allows remote attackers to execute arbitrary SQL commands via the id_page parameter. | 7.5 |
2006-04-25 | CVE-2006-2012 | Remote Format String vulnerability in Skulltag Team Skulltag 0.96D Format string vulnerability in Skulltag 0.96f and earlier allows remote attackers to cause a denial of service via the version string. | 5.0 |
2006-04-25 | CVE-2006-2011 | Cross-Site Scripting vulnerability in 4Homepages 4Images 1.7 Cross-site scripting (XSS) vulnerability in member.php in 4images 1.7 and earlier allows remote attackers to inject arbitrary web script or HTML via the nickname, probably involving the user_name parameter in register.php. | 2.6 |
2006-04-25 | CVE-2006-2010 | SQL Injection vulnerability in Bloggage Check_login.ASP Multiple SQL injection vulnerabilities in check_login.asp in Bloggage allow remote attackers to execute arbitrary SQL commands via the (1) acc_name and (2) password parameter. | 7.5 |
2006-04-25 | CVE-2006-2009 | Remote File Include vulnerability in PHPmyagenda 3.0Final PHP remote file inclusion vulnerability in agenda.php3 in phpMyAgenda 3.0 Final and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rootagenda parameter. | 7.5 |
2006-04-25 | CVE-2006-2008 | Remote File Include vulnerability in Built2go Movie Review Movie_CLS.PHP3 PHP remote file inclusion vulnerability in movie_cls.php in Built2Go PHP Movie Review 2B and earlier allows remote attackers to execute arbitrary PHP code via a URL in the full_path parameter. | 7.5 |
2006-04-25 | CVE-2006-2007 | Heap Overflow vulnerability in Winny File Transfer Heap-based buffer overflow in Winny 2.0 b7.1 and earlier allows remote attackers to execute arbitrary code via long strings to certain commands sent to the file transfer port. | 7.5 |
2006-04-25 | CVE-2006-2006 | Unspecified vulnerability in Ivan Zahariev Izarc 3.5Beta3 Multiple directory traversal vulnerabilities in IZArc Archiver 3.5 beta 3 allow remote attackers to write arbitrary files via a ..\ (dot dot backslash) in a (1) .rar, (2) .tar, (3) .zip, (4) .jar, or (5) .gz archive. | 5.0 |