Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-04-13 | CVE-2006-1757 | Input Validation vulnerability in Bill Shupp Vegadns 0.99 Cross-site scripting (XSS) vulnerability in index.php in Vegadns 0.99 allows remote attackers to inject arbitrary web script or HTML via the message parameter. | 2.6 |
| 2006-04-13 | CVE-2006-1756 | SQL Injection vulnerability in Matthew Dingley MD News 1 MD News 1 allows remote attackers to bypass authentication via a direct request to a script in the Administration Area. | 7.5 |
| 2006-04-13 | CVE-2006-1755 | SQL Injection vulnerability in Matthew Dingley MD News 1 SQL injection vulnerability in admin.php in MD News 1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
| 2006-04-13 | CVE-2006-1754 | SQL Injection vulnerability in Swsoft Confixx 3.0.6/3.0.8/3.1.2 SQL injection vulnerability in index.php in SWSoft Confixx 3.0.6, 3.0.8, and 3.1.2 allows remote attackers to execute arbitrary SQL commands via the SID parameter. | 7.5 |
| 2006-04-12 | CVE-2006-1523 | Unspecified vulnerability in Linux Kernel 2.6.16 The __group_complete_signal function in the RCU signal handling (signal.c) in Linux kernel 2.6.16, and possibly other versions, has unknown impact and attack vectors related to improper use of BUG_ON. | 10.0 |
| 2006-04-12 | CVE-2006-1752 | Input Validation vulnerability in MvBlog Multiple cross-site scripting (XSS) vulnerabilities in the backend in MvBlog before 1.6 allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) body fields in a comment. | 2.6 |
| 2006-04-12 | CVE-2006-1751 | SQL Injection vulnerability in Michiel VAN Baak Mvblog Multiple SQL injection vulnerabilities in MvBlog before 1.6 allow remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
| 2006-04-12 | CVE-2006-1750 | Cross-Site Scripting vulnerability in JMB Software Autogallery 0.41 Multiple cross-site scripting (XSS) vulnerabilities in index.php in Autogallery 0.41 allow remote attackers to inject arbitrary web script or HTML via the (1) pic or (2) show parameters. | 2.6 |
| 2006-04-12 | CVE-2006-1749 | Code Injection vulnerability in Smartisoft PHPlistpro 2.01 PHP remote file inclusion vulnerability in config.php in phpListPro 2.0 and earlier allows remote attackers to execute arbitrary PHP code via the returnpath parameter. | 7.5 |
| 2006-04-12 | CVE-2006-1748 | Unspecified vulnerability in XMB Software XMB Forum 1.9.5 Cross-site scripting (XSS) vulnerability in XMB Forum 1.9.5 allows remote attackers to inject arbitrary web script or HTML by uploading a Flash (.SWF) video that contains a getURL function call, which causes the video to be rendered without disabling ActionScript. | 2.6 |