Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-03-07 | CVE-2006-0741 | Denial of Service vulnerability in Linux Kernel ELF File Entry Point Linux kernel before 2.6.15.5, when running on Intel processors, allows local users to cause a denial of service ("endless recursive fault") via unknown attack vectors related to a "bad elf entry address." | 1.2 |
| 2006-03-07 | CVE-2006-1030 | Information Disclosure vulnerability in Joomla 1.0.7 Unspecified vulnerability in mod_templatechooser in Joomla! 1.0.7 allows remote attackers to obtain sensitive information via an unspecified attack vector that reveals the path. | 5.0 |
| 2006-03-07 | CVE-2006-1029 | Cross-Site Scripting vulnerability in Joomla 1.0.7 The cross-site scripting (XSS) countermeasures in class.inputfilter.php in Joomla! 1.0.7 allow remote attackers to cause a denial of service via a crafted mosmsg parameter to index.php with a malformed sequence of multiple tags, as demonstrated using "<<>AAA<><>", possibly due to nested or empty tags. network joomla | 4.3 |
| 2006-03-07 | CVE-2006-1028 | Denial-Of-Service vulnerability in Joomla 1.0.7 feedcreator.class.php (aka the syndication component) in Joomla! 1.0.7 allows remote attackers to cause a denial of service (stressed file cache) by creating many files via filenames in the feed parameter to index.php. | 7.8 |
| 2006-03-07 | CVE-2006-1027 | Information Disclosure vulnerability in Joomla 1.0.7 feedcreator.class.php (aka the syndication component) in Joomla! 1.0.7 allows remote attackers to obtain sensitive information via a "/" (slash) in the feed parameter to index.php, which reveals the path in an error message. | 5.0 |
| 2006-03-07 | CVE-2006-1026 | Remote Security vulnerability in JFacets JFacets before 0.2 allows remote attackers to gain privileges as any account via a GET request with a modified account profileID. | 7.5 |
| 2006-03-07 | CVE-2006-1025 | Cross-Site Scripting vulnerability in Addsoft Storebot 2002 Cross-site scripting (XSS) vulnerability in manage.asp in Addsoft StoreBot 2002 Standard allows remote attackers to inject arbitrary web script or HTML via the ShipMethod parameter. network addsoft | 6.8 |
| 2006-03-07 | CVE-2006-1024 | SQL Injection vulnerability in Addsoft Storebot 2005 SQL injection vulnerability in MgrLogin.asp in Addsoft StoreBot 2005 Professional allows remote attackers to execute arbitrary SQL commands via the Pwd parameter. | 7.5 |
| 2006-03-07 | CVE-2006-1023 | Directory Traversal vulnerability in HP System Management Homepage 2.0.0/2.1.4 Directory traversal vulnerability in HP System Management Homepage (SMH) 2.0.0 through 2.1.4 on Windows allows remote attackers to access certain files via unspecified vectors. | 5.0 |
| 2006-03-07 | CVE-2006-1022 | Remote PHP Script Code Injection vulnerability in Pehepe Membership Management System 3.0 PHP remote file include vulnerability in sol_menu.php in PeHePe Uyelik Sistemi (aka PeHePe MemberShip Management System) 3 allows remote attackers to include and execute arbitrary PHP code via a URL in the uye_klasor parameter, along with a misafir[] parameter that is set to UYE_SEVIYE. | 5.0 |