Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-02-23 | CVE-2006-0869 | Unspecified vulnerability in Pear Liveuser Directory traversal vulnerability in the "remember me" feature in liveuser.php in PHP Extension and Application Repository (PEAR) LiveUser 0.16.8 and earlier allows remote attackers to determine file existence, and possibly delete arbitrary files with short pathnames or possibly read arbitrary files, via a .. | 6.4 |
| 2006-02-23 | CVE-2006-0868 | SQL Injection vulnerability in PEAR::Auth Multiple unspecified injection vulnerabilities in unspecified Auth Container back ends for PEAR::Auth before 1.2.4, and 1.3.x before 1.3.0r4, allow remote attackers to "falsify authentication credentials," related to the "underlying storage containers." | 7.5 |
| 2006-02-23 | CVE-2006-0867 | Denial-Of-Service vulnerability in South River Webdrive 6.08Build1131/8 Buffer overflow in certain versions of South River (aka SRT) WebDrive, possibly version 6.08 build 1131 and version 8, allows remote attackers to cause a denial of service (application crash and persistent erratic behavior) via a long string in the name entry field. | 5.0 |
| 2006-02-23 | CVE-2006-0866 | Remote Security vulnerability in Punbb PunBB 1.2.10 and earlier allows remote attackers to conduct brute force guessing attacks for an account's password, which may be as short as 4 characters. | 5.0 |
| 2006-02-23 | CVE-2006-0865 | Denial-Of-Service vulnerability in Punbb PunBB 1.2.10 and earlier allows remote attackers to cause a denial of service (resource consumption) by registering many user accounts quickly. | 5.0 |
| 2006-02-23 | CVE-2006-0864 | Authentication Bypass vulnerability in Hauri Virobot 2.020050817 filescan in Global Hauri ViRobot 2.0 20050817 does not verify the Cookie HTTP header, which allows remote attackers to gain administrative privileges via an arbitrary cookie value. | 10.0 |
| 2006-02-23 | CVE-2006-0863 | Directory Traversal vulnerability in Infovista Portalse 2.0Build20087 InfoVista PortalSE 2.0 Build 20087 on Solaris 8 allows remote attackers to obtain sensitive information by specifying a nonexistent server in the server field, which reveals the path in an error message. | 5.0 |
| 2006-02-23 | CVE-2006-0862 | Directory Traversal vulnerability in Infovista Portalse 2.0Build20087 Unspecified vulnerability in InfoVista PortalSE 2.0 Build 20087 on Solaris 8 without the IV00038969 hotfix allows remote attackers to read arbitrary files via a crafted URL. | 5.0 |
| 2006-02-23 | CVE-2006-0861 | Information Exposure vulnerability in Michael Salzer Guestbox 0.6 Michael Salzer Guestbox 0.6, and other versions before 0.8, allows remote attackers to obtain the source IP addresses of guestbook entries via a direct request to /gb/gblog. | 5.0 |
| 2006-02-23 | CVE-2006-0860 | Cross-Site Scripting vulnerability in Michael Salzer Guestbox 0.6 Multiple cross-site scripting (XSS) vulnerabilities in Michael Salzer Guestbox 0.6, and other versions before 0.8, allow remote attackers to inject arbitrary web script or HTML via (1) HTML tags that follow a "http://" string, which bypasses a regular expression check, and (2) other unspecified attack vectors. | 4.3 |