Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-04-01 | CVE-2006-1567 | Cross-Site Scripting vulnerability in SiteSearch Indexer Searchresults.ASP Cross-site scripting (XSS) vulnerability in searchresults.asp in SiteSearch Indexer 3.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchField parameter. network sitesearch | 4.3 |
2006-03-31 | CVE-2006-1566 | Packages Insecure RUNPATH vulnerability in Debian Linux 3.1 Untrusted search path vulnerability in libtunepimp-perl 0.4.2-1 in Debian GNU/Linux includes an RPATH value under the /tmp/buildd directory for the tunepimp.so module, which might allow local users to gain privileges by installing malicious libraries in that directory. | 4.6 |
2006-03-31 | CVE-2006-1565 | Packages Insecure RUNPATH vulnerability in Debian Linux 3.1 Untrusted search path vulnerability in libgpib-perl 3.2.06-2 in Debian GNU/Linux includes an RPATH value under the /tmp/buildd directory for the LinuxGpib.so module, which might allow local users to gain privileges by installing malicious libraries in that directory. | 4.6 |
2006-03-31 | CVE-2006-1564 | Packages Insecure RUNPATH vulnerability in Debian Linux 3.1 Untrusted search path vulnerability in libapache2-svn 1.3.0-4 for Subversion in Debian GNU/Linux includes RPATH values under the /tmp/svn directory for the (1) mod_authz_svn.so and (2) mod_dav_svn.so modules, which might allow local users to gain privileges by installing malicious libraries in that directory. | 4.6 |
2006-03-31 | CVE-2006-1563 | Remote Security vulnerability in Vscripts Vbook 2.0 Direct static code injection vulnerability in config.php in vscripts (aka Kuba Kunkiewicz) [V]Book (aka VBook) 2.0 allows remote administrators to execute arbitrary PHP code into the config file, which is included other [V]Book scripts. | 7.6 |
2006-03-31 | CVE-2006-1562 | Cross-Site Scripting vulnerability in Vscripts Vbook 2.0 Multiple cross-site scripting (XSS) vulnerabilities in index.php in vscripts (aka Kuba Kunkiewicz) [V]Book (aka VBook) 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) autor, (2) www, (3) temat, and (4) tresc parameters. network vscripts | 6.8 |
2006-03-31 | CVE-2006-1561 | SQL Injection vulnerability in Vscripts Vbook 2.0 SQL injection vulnerability in index.php in vscripts (aka Kuba Kunkiewicz) [V]Book (aka VBook) 2.0 allows remote attackers to execute arbitrary SQL commands via the x parameter. | 5.1 |
2006-03-31 | CVE-2006-1560 | SQL Injection vulnerability in Skintech PHPnewsmanager 1.48 Multiple SQL injection vulnerabilities in SkinTech phpNewsManager 1.48 allow remote attackers to execute arbitrary SQL commands via unspecified parameters, possibly (1) id and (2) topicid, in (a) browse.php, (b) category.php, (c) gallery.php, (d) poll.php, and (e) possibly other unspecified scripts. | 7.5 |
2006-03-31 | CVE-2006-1559 | SQL-Injection vulnerability in PHP Script Index SQL injection vulnerability in PHP Script Index allows remote attackers to execute arbitrary SQL commands via the search parameter. | 7.5 |
2006-03-31 | CVE-2006-1558 | Cross-Site Scripting vulnerability in PHP Script Index Search Parameter Cross-site scripting (XSS) vulnerability in search.php in PHP Script Index allows remote attackers to inject arbitrary web script or HTML via the search parameter. network php | 6.8 |