Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-04-20 | CVE-2006-1894 | Cross-Site Scripting vulnerability in Revoboard 1.8 Cross-site scripting (XSS) vulnerability in RevoBoard 1.8, as derived from PunBB, allows remote attackers to inject arbitrary web script or HTML via a substitution cipher of the email tag, which is transformed when the application's e-mail address obfuscator reverses the transformation. network revoboard | 4.3 |
| 2006-04-20 | CVE-2006-1893 | Cross-Site Scripting vulnerability in Ar-Blog 5.2 Cross-site scripting (XSS) vulnerability in print.php in ar-blog 5.2 allows remote attackers to inject arbitrary web script or HTML via the id parameter. network ar-blog | 6.8 |
| 2006-04-20 | CVE-2006-1892 | Unspecified vulnerability in Alwil Avast Antivirus 1.0.5 avast! 4 Linux Home Edition 1.0.5 allows local users to modify permissions of arbitrary files via a symlink attack on the /tmp/_avast4_ temporary directory. | 4.9 |
| 2006-04-20 | CVE-2006-1891 | HTML Injection vulnerability in Betaboard 0.1 Cross-site scripting (XSS) vulnerability in Martin Scheffler betaboard 0.1 allows remote attackers to inject arbitrary web script or HTML via a user's profile, possibly using the FormVal_profile parameter. network betaboard | 4.3 |
| 2006-04-20 | CVE-2006-1890 | Code Injection vulnerability in Mywebland Myevent 1.2/1.4 Multiple PHP remote file inclusion vulnerabilities in myWebland myEvent 1.2 allow remote attackers to execute arbitrary PHP code via a URL in the myevent_path parameter in (1) event.php and (2) initialize.php. | 7.5 |
| 2006-04-20 | CVE-2006-1889 | Cross-Site Scripting vulnerability in Boardsolution Cross-site scripting (XSS) vulnerability in the search action handler in index.php in Nils Asmussen (aka SCRIPTSOLUTION) Boardsolution 1.12 and earlier allows remote attackers to inject arbitrary web script or HTML via the "Search for" item (keyword parameter). network script-solution-de | 5.8 |
| 2006-04-20 | CVE-2006-1888 | Permissions, Privileges, and Access Controls vulnerability in PHPgraphy 0.9.10/0.9.9A phpGraphy 0.9.11 and earlier allows remote attackers to bypass authentication and gain administrator privileges via a direct request to index.php with the editwelcome parameter set to 1, which can then be used to modify the main page to inject arbitrary HTML and web script. | 6.8 |
| 2006-04-20 | CVE-2006-1887 | Multiple vulnerability in Oracle Enterpriseone 8.95.J1 Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Security Server 8.95.J1 has unknown impact and attack vectors, aka Vuln# JDE01. | 10.0 |
| 2006-04-20 | CVE-2006-1886 | Multiple vulnerability in Oracle Peoplesoft Enterprise 8.46.12/8.47.04 Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise 8.46.12 and 8.47.04 has unknown impact and attack vectors, aka Vuln# PSE01. | 10.0 |
| 2006-04-20 | CVE-2006-1885 | Multiple vulnerability in Oracle April 2006 Security Update Multiple unspecified vulnerabilities in the Reporting Framework component in Oracle Enterprise Manager 9.0.1.5 and 9.2.0.7 have unknown impact and attack vectors, aka Vuln# (1) EM01 and (2) EM02. | 10.0 |