Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-02-23 | CVE-2006-0852 | Remote PHP Script Code Execution vulnerability in Admbook Direct static code injection vulnerability in write.php in Admbook 1.2.2 and earlier allows remote attackers to execute arbitrary PHP code via the X-Forwarded-For HTTP header field, which is inserted into content-data.php. | 7.5 |
| 2006-02-23 | CVE-2006-0851 | SQL Injection vulnerability in IlchClan SQL injection vulnerability in the forum module of ilchClan 1.05g and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter, when creating a newpost. | 7.5 |
| 2006-02-23 | CVE-2006-0850 | SQL-Injection vulnerability in ilchClan SQL injection vulnerability in include/includes/user/login.php in ilchClan before 1.05g allows remote attackers to execute arbitrary SQL commands via the login_name parameter. | 7.5 |
| 2006-02-22 | CVE-2006-0848 | Configuration vulnerability in Apple mac OS X and mac OS X Server The "Open 'safe' files after downloading" option in Safari on Apple Mac OS X allows remote user-assisted attackers to execute arbitrary commands by tricking a user into downloading a __MACOSX folder that contains metadata (resource fork) that invokes the Terminal, which automatically interprets the script using bash, as demonstrated using a ZIP file that contains a script with a safe file extension. | 5.1 |
| 2006-02-22 | CVE-2006-0847 | Directory Traversal vulnerability in CherryPy StaticFilter Directory traversal vulnerability in the staticfilter component in CherryPy before 2.1.1 allows remote attackers to read arbitrary files via ".." sequences in unspecified vectors. | 5.0 |
| 2006-02-22 | CVE-2006-0846 | HTML Injection vulnerability in Leif M. Wright web Blog 3.5 Multiple cross-site scripting (XSS) vulnerabilities in Leif M. network leif-m-wright | 4.3 |
| 2006-02-22 | CVE-2006-0845 | Remote Security vulnerability in Leif M. Wright web Blog 3.5 Leif M. | 6.5 |
| 2006-02-22 | CVE-2006-0844 | Unspecified vulnerability in Leif M. Wright web Blog 3.5 Leif M. | 7.5 |
| 2006-02-22 | CVE-2006-0843 | Information Disclosure vulnerability in Leif M. Wright web Blog 3.5 Leif M. | 5.0 |
| 2006-02-22 | CVE-2006-0842 | Cross-Site Scripting vulnerability in Calacode Atmail Webmail System 4.3 Cross-site scripting (XSS) vulnerability in Calacode @Mail 4.3 allows remote attackers to inject arbitrary web script or HTML via a modified javascript: string in the SRC attribute of an IMG element in an e-mail message, as demonstrated by "java	script:." NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | 4.3 |