Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2006-03-12 CVE-2006-1156 Input Validation vulnerability in Manas Tungare Site Membership Script
SQL injection vulnerability in Manas Tungare Site Membership Script before 8 March, 2006 allows remote attackers to execute arbitrary SQL commands via the Username parameter in login.asp.
network
low complexity
manas-tungare
5.0
2006-03-12 CVE-2006-1155 Input Validation vulnerability in Manas Tungare Site Membership Script
Cross-site scripting (XSS) vulnerability in Manas Tungare Site Membership Script before 8 March, 2006 allows remote attackers to inject arbitrary web script or HTML via the Error parameter in (1) login.asp and (2) default.asp.
network
manas-tungare
4.3
2006-03-10 CVE-2006-1154 Code Injection vulnerability in Fscripts Fantastic News 2.1.1/2.1.2/2.1.4
PHP remote file inclusion vulnerability in archive.php in Fantastic News 2.1.2 allows remote attackers to include arbitrary files via the CONFIG[script_path] variable.
network
low complexity
fscripts CWE-94
7.5
2006-03-10 CVE-2006-1153 SQL Injection vulnerability in D2-Shoutbox 4.2
SQL injection vulnerability in D2-Shoutbox 4.2 allows remote attackers to execute arbitrary SQL commands via the load parameter, when performing a Shoutbox action through Invision Power Board (IPB).
network
low complexity
d2-shoutbox
5.0
2006-03-10 CVE-2006-1152 Remote File Include vulnerability in M Phorum M Phorum 0.2
PHP remote file inclusion vulnerability in index.php in M-Phorum 0.2 allows remote attackers to include arbitrary files via the go parameter.
network
low complexity
m-phorum
5.0
2006-03-10 CVE-2006-1151 Cross-Site Scripting vulnerability in M Phorum M Phorum 0.2
Cross-site scripting vulnerability in index.php in M-Phorum 0.2 allows remote attackers to inject arbitrary web script or HTML via the go parameter.
network
low complexity
m-phorum
5.0
2006-03-10 CVE-2006-1150 Remote Denial Of Service vulnerability in TEG Tenes Empanadas Graciela 0.11.1
Buffer overflow in Tenes Empanadas Graciela (TEG) 0.11.1, which automatically appends an _ (underscore) to the end of duplicate nicknames, allows remote attackers to cause a denial of service (application crash) by creating multiple users with long, identical nicknames, which triggers an off-by-one error.
network
low complexity
teg
7.8
2006-03-10 CVE-2006-1149 Remote File Include vulnerability in Owl Intranet Engine
PHP remote file inclusion vulnerability in lib/OWL_API.php in OWL Intranet Engine 0.82, when register_globals is enabled, allows remote attackers to include arbitrary files via a URL in the xrms_file_root parameter, which is not initialized before use.
network
low complexity
owl
7.5
2006-03-10 CVE-2006-1148 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Peercast 0.1211/0.1212
Multiple stack-based buffer overflows in the procConnectArgs function in servmgr.cpp in PeerCast before 0.1217 allow remote attackers to execute arbitrary code via an HTTP GET request with a long (1) parameter name or (2) value in a URL, which triggers the overflow in the nextCGIarg function in servhs.cpp.
network
low complexity
peercast CWE-119
7.5
2006-03-10 CVE-2006-1147 Remote vulnerability in COR Entertainment Alien Arena 2006 Gold5.00
The Com_sprintf function in q_shared.c in Alien Arena 2006 Gold Edition 5.00 does not properly NULL terminate certain long strings, which allows remote attackers (possibly authenticated) to cause a denial of service (application crash) via a long skin, weapon, or model name.
network
low complexity
cor-entertainment
4.0