Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-04-11 | CVE-2006-1719 | Denial-Of-Service vulnerability in Microsoft IE 6 Internet Explorer 6 allows remote attackers to cause a denial of service (application crash) via any scrollbar Cascading Style Sheets (CSS) property. | 5.0 |
| 2006-04-11 | CVE-2006-1718 | Information Disclosure vulnerability in Clever Copy Connect.INC Magus Perde Clever Copy 3.0 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to view the database username and password via a direct request for connect.inc. | 5.0 |
| 2006-04-11 | CVE-2006-1717 | HTML Injection vulnerability in Mybulletinboard 1.10 Cross-site scripting (XSS) vulnerability in newthread.php in MyBB (aka MyBulletinBoard) 1.10, when configured to permit new threads by unregistered users, allows remote attackers to inject arbitrary web script or HTML via the username. | 5.1 |
| 2006-04-11 | CVE-2006-1716 | HTML Injection vulnerability in Mybulletinboard 1.10 Cross-site scripting (XSS) vulnerability in inc/functions_post.php in MyBB (aka MyBulletinBoard) 1.10 allows remote attackers to inject arbitrary web script or HTML via a JavaScript event in a BBCode img tag. | 5.1 |
| 2006-04-11 | CVE-2006-1715 | Remote Directory Traversal vulnerability in Tugzip 3.1.0.2/3.3/3.4 Multiple directory traversal vulnerabilities in Christian Kindahl TUGZip 3.4.0.0, 3.3.0.0, and 3.1.0.2 allow user-assisted attackers to create files in arbitrary directories via a .. | 5.0 |
| 2006-04-11 | CVE-2006-1714 | Cross-Site Scripting vulnerability in PHPmyforum 4.0 CRLF injection vulnerability in index.php in Christoph Roeder phpMyForum 4.0 allows remote attackers to inject HTTP headers via hex-encoded CRLF sequences in the type parameter. | 7.5 |
| 2006-04-11 | CVE-2006-1713 | Cross-Site Scripting vulnerability in PHPmyforum 4.0 Cross-site scripting (XSS) vulnerability in index.php in Christoph Roeder phpMyForum 4.0 allows remote attackers to inject arbitrary web script or HTML via the page parameter. network phpmyforum | 6.8 |
| 2006-04-11 | CVE-2006-1192 | Improper Input Validation vulnerability in multiple products Microsoft Internet Explorer 5.01 through 6 allows remote attackers to conduct phishing attacks by spoofing the address bar and other parts of the trust UI via unknown methods that allow "window content to persist" after the user has navigated to another site, aka the "Address Bar Spoofing Vulnerability." NOTE: this is a different vulnerability than CVE-2006-1626. | 2.6 |
| 2006-04-11 | CVE-2006-1191 | Unspecified vulnerability in Microsoft Internet Explorer Microsoft Internet Explorer 5.01 through 6 does not always correctly identify the domain that is associated with a browser window, which allows remote attackers to obtain sensitive cross-domain information and spoof sites by running script after the user has navigated to another site. | 4.0 |
| 2006-04-11 | CVE-2006-1190 | Unspecified vulnerability in Microsoft Internet Explorer Microsoft Internet Explorer 5.01 through 6 does not always return the correct IOleClientSite information when dynamically creating an embedded object, which could cause Internet Explorer to run the object in the wrong security context or zone, and allow remote attackers to execute arbitrary code. | 10.0 |