Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-03-10 | CVE-2006-1146 | Remote vulnerability in COR Entertainment Alien Arena 2006 Gold5.00 Stack-based buffer overflow in the Cmd_Say_f function in g_cmds.c in Alien Arena 2006 Gold Edition 5.00 allows remote attackers (possibly authenticated) to execute arbitrary code by sending a long message to the server. | 6.5 |
2006-03-10 | CVE-2006-1145 | Remote vulnerability in COR Entertainment Alien Arena 2006 Gold5.00 Format string vulnerability in the safe_cprintf function in acebot_cmds.c in Alien Arena 2006 Gold Edition 5.00 allows remote attackers (possibly authenticated) to execute arbitrary code via unspecified vectors when the server sends crafted messages to the clients. | 6.5 |
2006-03-10 | CVE-2006-1144 | Cross-Site Scripting vulnerability in David Ravenscroft Hithost 1.0.0 Cross-site scripting (XSS) vulnerability in HitHost 1.0.0 allows remote attackers to inject arbitrary web script or HTML via (1) the user parameter in deleteuser.php and (2) the hits parameter in viewuser.php. | 2.6 |
2006-03-10 | CVE-2006-1143 | Cross-Site Scripting vulnerability in Ftpoed Blog Engine 1.1 Cross-site scripting (XSS) vulnerability in FTPoed Blog Engine 1.1 allows remote attackers to inject arbitrary web script or HTML via the comment_body parameter, as used by the comment field, when posting a comment. network ftpoed | 4.3 |
2006-03-10 | CVE-2006-1142 | Unspecified vulnerability in Solido Systems Ravenous web Server Unspecified vulnerability in Ravenous Web Server before 0.7.1 allows remote attackers to access arbitrary rvplg files, with unknown impact. | 5.0 |
2006-03-10 | CVE-2006-1141 | Buffer Overflow vulnerability in Inter7 QmailAdmin PATH_INFO Buffer overflow in qmailadmin.c in QmailAdmin before 1.2.10 allows remote attackers to execute arbitrary code via a long PATH_INFO environment variable. | 7.5 |
2006-03-10 | CVE-2006-1140 | SQL Injection vulnerability in Redblog 0.5 SQL injection vulnerability in rss.php in RedBLoG 0.5 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | 7.5 |
2006-03-10 | CVE-2006-1139 | Remote Security vulnerability in CopyCentre C75 Unspecified vulnerability in the ESS/ Network Controller in Xerox CopyCentre and Xerox WorkCentre Pro, running software 1.001.02.073 or earlier, or 1.001.02.074 before 1.001.02.715, causes the Immediate Image Overwrite feature to fail after a power loss, which could leave data exposed to attack. | 6.4 |
2006-03-10 | CVE-2006-1138 | Multiple vulnerability in Xerox WorkCentre / CopyCentre Unspecified vulnerability in the web server code in Xerox CopyCentre and Xerox WorkCentre Pro, running software 1.001.02.073 or earlier, or 1.001.02.074 before 1.001.02.715, allows remote attackers to cause a denial of service (memory corruption) via unknown vectors. | 5.0 |
2006-03-10 | CVE-2006-1137 | Multiple vulnerability in Xerox WorkCentre / CopyCentre Multiple unspecified vulnerabilities in Xerox CopyCentre and Xerox WorkCentre Pro, running software 1.001.02.073 or earlier, or 1.001.02.074 before 1.001.02.715, allow remote attackers to cause an unspecified denial of service via a crafted PostScript file that will (1) "navigate through the directory" or (2) a "file sent to expose TCP/IP ports". | 5.0 |