Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-03-19 | CVE-2006-1272 | Input Validation vulnerability in Mybulletinboard 1.0.3 Multiple cross-site scripting (XSS) vulnerabilities in member.php in MyBulletin Board (MyBB) 1.0.3 allow remote attackers to inject arbitrary web script or HTML via the (1) aim, (2) yahoo, (3) msn, or (4) website field. network mybulletinboard | 4.3 |
2006-03-19 | CVE-2006-1271 | SQL Injection vulnerability in Oxynews SQL injection vulnerability in index.php in OxyNews allows remote attackers to execute arbitrary SQL commands via the oxynews_comment_id parameter. | 7.5 |
2006-03-19 | CVE-2006-1270 | Cross-Site Scripting vulnerability in Inprotect Zones.PHP Multiple cross-site scripting (XSS) vulnerabilities in zones.php in Inprotect 0.21 allow remote attackers to inject arbitrary web script or HTML via the (1) Name or (2) Description field. network inprotect | 3.5 |
2006-03-19 | CVE-2006-1269 | Local Buffer Overflow vulnerability in Rahul Dhesi ZOO 2.10 Buffer overflow in the parse function in parse.c in zoo 2.10 might allow local users to execute arbitrary code via long filename command line arguments, which are not properly handled during archive creation. | 6.2 |
2006-03-19 | CVE-2006-1268 | Denial Of Service vulnerability in Funkwerk X2300 7.2.1 The Internet Key Exchange implementation in Funkwerk X2300 7.2.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite. | 7.8 |
2006-03-19 | CVE-2006-1267 | Remote Security vulnerability in Invision Power Services Invision Power Board 2.1.4 Invision Power Board 2.1.4 allows remote attackers to hijack sessions and possibly gain administrative privileges by obtaining the session ID from the s parameter, then replaying it in another request. | 5.1 |
2006-03-19 | CVE-2006-1266 | Cross-Site Scripting vulnerability in Virtual Communication Services Vpmi Enterprise 3.3 Cross-site scripting (XSS) vulnerability in Service_Requests.asp in VPMi Enterprise 3.3 allows remote attackers to inject arbitrary web script or HTML via the Request_Name_Display parameter. network virtual-communication-services | 4.3 |
2006-03-19 | CVE-2006-1265 | SQL Injection vulnerability in Xhawk.Net Discussion 2.0Beta2 SQL injection vulnerability in discussion.class.php in xhawk.net discussion 2.0 beta2 allows remote attackers to execute arbitrary SQL commands via the view parameter. | 7.5 |
2006-03-19 | CVE-2006-1264 | Unspecified vulnerability in Xhawk.Net Discussion 2.0Beta2 Cross-site scripting (XSS) vulnerability in xhawk.net discussion 2.0 beta2 allows remote attackers to inject arbitrary web script or HTML via a Javascript URI in a BBCode img tag. network xhawk-net | 4.3 |
2006-03-19 | CVE-2006-1263 | Cross-Site Scripting vulnerability in WordPress Multiple "unannounced" cross-site scripting (XSS) vulnerabilities in WordPress before 2.0.2 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors. network wordpress | 4.3 |