Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2006-03-30 CVE-2006-1495 SQL Injection vulnerability in PhpCollab Sendpassword.PHP
SQL injection vulnerability in general/sendpassword.php in (1) PHPCollab 2.4 and 2.5.rc3, and (2) NetOffice 2.5.3-pl1 and 2.6.0b2 allows remote attackers to execute arbitrary SQL commands via the loginForm parameter in the "forgotten password" option.
network, low complexity, netoffice, phpcollab
Risk: 7.5

2006-03-29 CVE-2006-1493 Input Validation vulnerability in Explorer XP
Cross-site scripting (XSS) vulnerability in dir.php in Explorer XP allows remote attackers to inject arbitrary web script or HTML via the chemin parameter.
Risk: 4.3

2006-03-29 CVE-2006-1492 Input Validation vulnerability in Explorer XP
Directory traversal vulnerability in dir.php in Explorer XP allows remote attackers to read arbitrary files via the chemin parameter.
network, low complexity, nikolay-avrionov
Risk: 5.0

2006-03-29 CVE-2006-1491 Code Injection vulnerability in Horde Application Framework
Eval injection vulnerability in Horde Application Framework versions 3.0 before 3.0.10 and 3.1 before 3.1.1 allows remote attackers to execute arbitrary code via the help viewer.
network, low complexity, horde, CWE-94
Risk: 7.5

2006-03-29 CVE-2006-1489 SQL Injection vulnerability in Fusionzone Couponzone 4.2
Multiple SQL injection vulnerabilities in FusionZONE CouponZONE local.cfm in 4.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) companyid, (2) scat, and (3) coid parameters.
network, low complexity, fusionzone
Risk: 7.5

2006-03-29 CVE-2006-1488 Remote Security vulnerability in Activecampaign Supporttrio 2.50.2
ActiveCampaign SupportTrio 2.5 allows remote attackers to obtain the full path of the server via invalid (1) article or (2) print parameters in a kb action to index.php, or (3) an invalid category parameter to modules/KB/pdf.php, which leaks the path in an error message.
network, low complexity, activecampaign
Risk: 5.0

2006-03-29 CVE-2006-1487 Cross-Site Scripting vulnerability in Activecampaign Supporttrio 2.50.2
Cross-site scripting (XSS) vulnerability in ActiveCampaign SupportTrio 2.50.2 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to the KnowledgeBase search module.
network, activecampaign
Risk: 4.3

2006-03-29 CVE-2006-1486 Cross-Site Scripting vulnerability in RealestateZONE
Multiple cross-site scripting (XSS) vulnerabilities in index.cfm in realestateZONE 4.2 allow remote attackers to inject arbitrary web script or HTML via the (1) bamin, (2) bemin, (3) pmin, and (4) state parameters.
network, fusionzone
Risk: 4.3

2006-03-29 CVE-2006-1485 Unspecified vulnerability in Greymatter
gm-upload.cgi in Greymatter 1.3.1 allows remote authenticated users with upload privileges to execute arbitrary programs by uploading files to locations within the web root.
network, low complexity, greymatter
Risk: 6.5

2006-03-29 CVE-2006-1484 Local Privilege Escalation vulnerability in Genius VideoCAM NB
Genius VideoCAM NB Driver does not drop privileges when saving files, which allows local users to gain privileges by opening arbitrary files via the "save as" dialog.
local, low complexity, kye
Risk: 7.2