Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-03-19 | CVE-2006-1262 | Input Validation vulnerability in Aspportal 3.0.0 Multiple SQL injection vulnerabilities in ASPPortal 3.00 have unknown impact and attack vectors. | 7.5 |
2006-03-19 | CVE-2006-1261 | Input Validation vulnerability in Aspportal 3.0.0 Multiple cross-site scripting (XSS) vulnerabilities in ASPPortal 3.00 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors. network aspportal | 4.3 |
2006-03-19 | CVE-2006-1260 | Information Disclosure vulnerability in Horde Application Framework Horde Application Framework 3.0.9 allows remote attackers to read arbitrary files via a null character in the url parameter in services/go.php, which bypasses a sanity check. | 5.0 |
2006-03-19 | CVE-2006-1259 | SQL-Injection vulnerability in Maian Support 1.0 Multiple SQL injection vulnerabilities in Maian Support 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) email or (2) pass parameter to admin/index.php. | 7.5 |
2006-03-19 | CVE-2006-1258 | Cross-Site Scripting vulnerability in PHPmyadmin 2.8.0.1 Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.0.1 allows remote attackers to inject arbitrary web script or HTML via the set_theme parameter. network phpmyadmin | 4.3 |
2006-03-19 | CVE-2006-1257 | Authentication Bypass vulnerability in Microsoft Commerce Server 2002 The sample files in the authfiles directory in Microsoft Commerce Server 2002 before SP2 allow remote attackers to bypass authentication by logging in to authfiles/login.asp with a valid username and any password, then going to the main site twice. | 7.5 |
2006-03-19 | CVE-2006-1256 | HTML Injection vulnerability in Skullsplitter PHP Guestbook 2.7 Cross-site scripting (XSS) vulnerability in guestbook.php in Soren Boysen (SkullSplitter) PHP Guestbook 2.6 allows remote attackers to inject arbitrary web script or HTML via the url parameter. | 2.6 |
2006-03-19 | CVE-2006-1255 | Remote Buffer Overflow vulnerability in MERCUR Messaging 2005 IMAP Stack-based buffer overflow in the IMAP service in Mercur Messaging 5.0 SP3 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long string to the (1) LOGIN or (2) SELECT command, a different set of attack vectors and possibly a different vulnerability than CVE-2003-1177. | 10.0 |
2006-03-19 | CVE-2006-1254 | Remote vulnerability in BorderWare MXtreme Web Administration Unspecified vulnerability in BorderWare MXtreme 5.0 and 6.0 allows remote attackers to have an unknown impact via unknown attack vectors. | 10.0 |
2006-03-19 | CVE-2006-1252 | Remote Command Execution vulnerability in Light Weight Calendar Light Weight Calendar 1.0 Eval injection vulnerability in cal.php in Light Weight Calendar (LWC) 1.0 allows remote attackers to execute arbitrary PHP code via the date parameter to index.php. | 7.5 |