Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2006-03-09 CVE-2006-1094 SQL Injection vulnerability in Woltlab Burning Board
SQL injection vulnerability in Datenbank MOD 2.7 and earlier for Woltlab Burning Board allows remote attackers to execute arbitrary SQL commands via the fileid parameter to (1) info_db.php or (2) database.php.
network
low complexity
datenbank-module woltlab
7.5
2006-03-09 CVE-2006-1093 Unspecified vulnerability in IBM WebSphere Application Server
Unspecified vulnerability in IBM WebSphere 5.0.2.10 through 5.0.2.15 and 5.1.1.4 through 5.1.1.9 allows remote attackers to obtain sensitive information via unknown attack vectors, which causes JSP source code to be revealed.
network
low complexity
ibm
6.4
2006-03-09 CVE-2006-1092 Local Denial Of Service vulnerability in Sun Solaris Proc Filesystem Pagedata Subsystem
Unspecified vulnerability in the pagedata subsystem of the process file system (/proc) in Solaris 8 through 10 allows local users to cause a denial of service (system hang or panic) via unknown attack vectors that cause the kmem_oversize arena to allocate a large amount of system memory that does not get freed.
local
low complexity
sun
2.1
2006-03-09 CVE-2006-1091 Denial Of Service vulnerability in Kaspersky Anti-Virus 5.0.5/5.5.3
Kaspersky Antivirus 5.0.5 and 5.5.3 allows remote attackers to cause a denial of service (CPU and memory consumption) via unknown attack vectors.
network
low complexity
kaspersky-lab
7.8
2006-03-09 CVE-2006-1090 Denial-Of-Service vulnerability in PunBB 1.2.10
register.php in PunBB 1.2.10 allows remote attackers to cause an unspecified denial of service via a flood of new user registrations.
network
low complexity
punbb
7.8
2006-03-09 CVE-2006-1089 Cross-Site Scripting vulnerability in PunBB
Cross-site scripting (XSS) vulnerability in header.php in PunBB 1.2.10 allows remote attackers to inject arbitrary web script or HTML via the URL, which is not properly handled when the PHP_SELF variable is used to handle a pun_page tag.
network
punbb
4.3
2006-03-09 CVE-2006-0742 Local Denial of Service vulnerability in Linux Kernel die_if_kernel
The die_if_kernel function in arch/ia64/kernel/unaligned.c in Linux kernel 2.6.x before 2.6.15.6, possibly when compiled with certain versions of gcc, has the "noreturn" attribute set, which allows local users to cause a denial of service by causing user faults on Itanium systems.
local
low complexity
linux
4.6
2006-03-09 CVE-2006-1088 Input Validation and Information Disclosure vulnerability in PHP-Stats
PHP-Stats 0.1.9.1 and earlier allows remote attackers to obtain potentially sensitive information via a direct request to checktables.php, which lists the database table_prefix.
network
low complexity
php-stats
5.0
2006-03-09 CVE-2006-1087 Input Validation and Information Disclosure vulnerability in PHP-Stats
Direct static code injection vulnerability in the modify_config action in admin.php for PHP-Stats 0.1.9.1 and earlier allows remote authenticated administrators to execute arbitrary PHP code via the option_new[compatibility_mode] parameter, which is not filtered before being stored in config.php.
network
low complexity
php-stats
6.5
2006-03-09 CVE-2006-1085 Input Validation and Information Disclosure vulnerability in PHP-Stats
admin.php in PHP-Stats 0.1.9.1 and earlier allows remote attackers to bypass authentication, gain administrator privileges, and execute arbitrary PHP code by modifying the option[admin_pass] parameter and setting the pass_cookie to the MD5 hash of the specified password.
network
low complexity
php-stats
critical
10.0