Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-04-03 | CVE-2006-1588 | Unspecified vulnerability in Netbsd The bridge ioctl (if_bridge code) in NetBSD 1.6 through 3.0 does not clear sensitive memory before copying ioctl results to the requesting process, which allows local users to obtain portions of kernel memory. | 2.1 |
2006-04-03 | CVE-2006-1587 | Local Security vulnerability in NetBSD NetBSD 1.6 up to 3.0, when a user has "set record" in .mailrc with the default umask set, creates the record file with 0644 permissions, which allows local users to read the record file. | 2.1 |
2006-04-02 | CVE-2006-1586 | SQL Injection vulnerability in ISP Site Man Admin_Login.ASP SQL injection vulnerability in admin_login.asp in ISP of Egypt SiteMan allows remote attackers to execute arbitrary SQL commands via the pass parameter. | 7.5 |
2006-04-02 | CVE-2006-1584 | Remote File Include vulnerability in Juliusz Julas Gonera Warcraft III Replay Parser PHP 1.8C Unspecified vulnerability in index.php in Warcraft III Replay Parser for PHP 1.8c allows remote attackers to inject arbitrary web script or HTML via the page parameter, possibly related to fopen function calls or file uploads. | 6.4 |
2006-04-02 | CVE-2006-1583 | Remote File Include vulnerability in Juliusz Julas Gonera Warcraft III Replay Parser PHP 1.8C Cross-site scripting (XSS) vulnerability in index.php in Warcraft III Replay Parser for PHP 1.8c allows remote attackers to inject arbitrary web script or HTML via the page parameter. network juliusz-julas-gonera | 5.8 |
2006-04-02 | CVE-2006-1582 | Cross-Site Scripting vulnerability in Blanknberg 0.2 Cross-site scripting (XSS) vulnerability in index.php in Blank'N'Berg 0.2 allows remote attackers to inject arbitrary web script or HTML via the _path parameter. network blanknberg | 5.8 |
2006-04-02 | CVE-2006-1581 | Directory Traversal vulnerability in Blanknberg 0.2 Directory traversal vulnerability in index.php in Blank'N'Berg 0.2 allows remote attackers to read arbitrary files via a .. | 6.4 |
2006-04-02 | CVE-2006-1580 | Cross-Site Scripting vulnerability in Bugzero Multiple cross-site scripting (XSS) vulnerabilities in Bugzero 4.3.1 and other versions allow remote attackers to inject arbitrary web script or HTML via the (1) msg parameter in query.jsp and (2) entryId parameter in edit.jsp. network websina | 5.8 |
2006-04-02 | CVE-2006-1579 | SQL Injection vulnerability in DbbS Topics.PHP SQL injection vulnerability in topics.php in Dynamic Bulletin Board System (DbbS) 2.0-alpha and earlier allows remote attackers to execute arbitrary SQL commands via the limite parameter. | 7.5 |
2006-04-02 | CVE-2006-1578 | SQL-Injection vulnerability in Keystone Digital Library Suite Multiple SQL injection vulnerabilities in Keystone Digital Library Suite (DLS) 1.5.4 and earlier allow remote attackers to execute arbitrary SQL commands via the subject_type_id parameter in (1) the index page and (2) the search module. | 6.4 |