Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-03-30 | CVE-2006-1535 | Cross-Site Scripting vulnerability in Phxcontacts 0.93/0.93.1 Cross-site scripting (XSS) vulnerability in login.php in Phoetux.net PhxContacts 0.93.1 beta and earlier allows remote attackers to inject arbitrary web script or HTML via the m parameter. network phoetux-net | 4.3 |
2006-03-30 | CVE-2006-1534 | SQL Injection vulnerability in Null News Multiple SQL injection vulnerabilities in Null news allow remote attackers to execute arbitrary SQL commands via (1) the user_email parameter in (a) lostpass.php, and the (2) user_email and (3) user_username parameters in (b) sub.php and (c) unsub.php. | 7.5 |
2006-03-30 | CVE-2006-1533 | SQL Injection vulnerability in Sourceworkshop Newsletter 1.0 SQL injection vulnerability in newsletter.php in Sourceworkshop newsletter 1.0 allows remote attackers to execute arbitrary SQL commands via the newsletteremail parameter. | 7.5 |
2006-03-30 | CVE-2006-1532 | Cross-Site Scripting vulnerability in Deltascripts PHP Classifieds 6.18/6.20 Cross-site scripting (XSS) vulnerability in search.php in PHP Classifieds 6.18, 6.20, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the searchword parameter. network deltascripts | 4.3 |
2006-03-30 | CVE-2006-1511 | Buffer Overflow vulnerability in Microsoft .NET Framework SDK MSIL Tools Buffer overflow in the ILASM assembler in the Microsoft .NET 1.0 and 1.1 Framework might allow user-assisted attackers to execute arbitrary code via a .il file that calls a function with a long name. | 5.1 |
2006-03-30 | CVE-2006-1510 | Buffer Overflow vulnerability in Microsoft .NET Framework SDK MSIL Tools Buffer overflow in calloc.c in the Microsoft Windows XP SP2 ntdll.dll system library, when used by the ILDASM disassembler in the Microsoft .NET 1.0 and 1.1 SDK, might allow user-assisted attackers to execute arbitrary code via a crafted .dll file with a large static method. | 4.0 |
2006-03-30 | CVE-2006-1509 | Local Denial of Service vulnerability in HP Hp-Ux 11.00/11.11/11.23 /sbin/passwd in HP-UX B.11.00, B.11.11, and B.11.23 before 20060326 "does not recover gracefully from some error conditions," which allows local users to cause a denial of service. | 4.9 |
2006-03-30 | CVE-2006-1508 | Cross-Site Scripting vulnerability in MH Software Connect Daily 3.2.8 Multiple cross-site scripting (XSS) vulnerabilities in MH Software Connect Daily Web Calendar Software 3.2.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) calendar_id, (2) style_sheet, and (3) start parameters in (a) ViewDay.html; the (4) txtSearch and (5) opgSearch parameters in (b) ViewSearch.html; the (6) calendar_id and (7) approved parameters in (c) ViewYear.html; the (8) item_type_id parameter in (d) ViewCal.html; and the (9) week parameter in (e) ViewWeek.html. network mh-software | 4.3 |
2006-03-30 | CVE-2006-1507 | Cross-Site Scripting vulnerability in PHPkit 1.6.03 Cross-site scripting (XSS) vulnerability in PHPKIT 1.6.03 allows remote attackers to inject arbitrary web script or HTML via the error parameter to include.php, possibly due to a problem in login/login.php. network phpkit | 6.8 |
2006-03-30 | CVE-2006-1506 | Local Security vulnerability in Grid Engine Unspecified vulnerability in rsh in Sun Microsystems Sun Grid Engine 5.3 before 20060327 and N1 Grid Engine 6.0 before 20060327 allows local users to gain root privileges. | 7.2 |