Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-03-08 | CVE-2006-1070 | Cross-Site Scripting vulnerability in Dvguestbook 1.0 Cross-site scripting (XSS) vulnerability in dv_gbook.php in DVguestbook 1.0 allows remote attackers to inject arbitrary web script or HTML via the f parameter. network dvguestbook | 4.3 |
| 2006-03-07 | CVE-2006-1069 | Unspecified vulnerability in Geeklog Unspecified vulnerability in the session handling for Geeklog 1.4.x before 1.4.0sr2, 1.3.11 before 1.3.11sr5, 1.3.9 before 1.3.9sr5, and possibly earlier versions allows attackers to gain privileges as arbitrary users via unknown vectors. | 10.0 |
| 2006-03-07 | CVE-2006-1068 | Denial-Of-Service vulnerability in Netgear Router Netgear 614 and 624 routers, possibly running VXWorks, allow remote attackers to cause a denial of service by sending a malformed DCC SEND string to an IRC channel, which causes an IRC connection reset, possibly related to the masquerading code for NAT environments, and as demonstrated via (1) a DCC SEND with a single long argument, or (2) a DCC SEND with IP, port, and filesize arguments with a 0 value. | 4.9 |
| 2006-03-07 | CVE-2006-1067 | Remote IRC Denial Of Service vulnerability in Multiple Router Vendor Linksys WRT54G routers version 5 (running VXWorks) allow remote attackers to cause a denial of service by sending a malformed DCC SEND string to an IRC channel, which causes an IRC connection reset, possibly related to the masquerading code for NAT environments, and as demonstrated via (1) a DCC SEND with a single long argument, or (2) a DCC SEND with IP, port, and filesize arguments with a 0 value. | 5.0 |
| 2006-03-07 | CVE-2006-1065 | SQL-Injection vulnerability in Mybulletinboard 1.04 SQL injection vulnerability in search.php in MyBulletinBoard (MyBB) 1.04 allows remote attackers to execute arbitrary SQL commands via the forums[] parameter. | 5.0 |
| 2006-03-07 | CVE-2006-1064 | Input Validation vulnerability in Lurker 0.1A/2.0 Multiple cross-site scripting (XSS) vulnerabilities in Lurker 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors. | 2.6 |
| 2006-03-07 | CVE-2006-1063 | Input Validation vulnerability in Lurker 0.1A/0.2 Unspecified vulnerability in Lurker 2.0 and earlier allows remote attackers to create or overwrite files in any writable directory that is named "mbox". | 5.0 |
| 2006-03-07 | CVE-2006-1062 | Input Validation vulnerability in Lurker 0.1A/0.2 Unspecified vulnerability in lurker.cgi for Lurker 2.0 and earlier allows attackers to read arbitrary files via unknown vectors. | 5.0 |
| 2006-03-07 | CVE-2006-1051 | SQL Injection vulnerability in Akarru Social BookMarking Engine 0.4.3.2/0.4.3.3 SQL injection vulnerability in Akarru Social BookMarking Engine before 0.4.3.4 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors, possibly involving the username parameter to akarru.lib/users.php. | 7.5 |
| 2006-03-07 | CVE-2006-1049 | SQL Injection vulnerability in Joomla Multiple SQL injection vulnerabilities in the Admin functionality in Joomla! 1.0.7 and earlier allow remote authenticated administrators to execute arbitrary SQL commands via unknown attack vectors. | 7.5 |