Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-02-15 | CVE-2006-0688 | Remote File Include vulnerability in Nicecoder Indexu 5.0.0/5.0.1 PHP remote file include vulnerability in application.php in nicecoder.com indexu 5.0.0 and 5.0.1 allows remote attackers to execute arbitrary PHP code via a URL in the base_path parameter. | 7.5 |
| 2006-02-15 | CVE-2006-0666 | Local Kernel Denial Of Service vulnerability in IBM AIX 5.3/5.3L Unspecified vulnerability in the (1) unix_mp and (2) unix_64 kernels in IBM AIX 5.3 VRMF 5.3.0.30 through 5.3.0.33 allows local users to cause a denial of service (system crash) via unknown vectors related to EMULATE_VMX. | 4.9 |
| 2006-02-15 | CVE-2006-0687 | Remote File Include vulnerability in Docmgr 0.54.2 process.php in DocMGR 0.54.2 does not initialize the $siteModInfo variable when a direct request is made, which allows remote attackers to include arbitrary local files or possibly remote files via a modified includeModule and siteModInfo variable. | 5.0 |
| 2006-02-15 | CVE-2006-0686 | Input Validation And Access Validation vulnerability in Virtual Hosting Control System add_user.php in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier does not check user privileges when adding a new administrative user, which allows remote attackers to gain unauthorized access. | 10.0 |
| 2006-02-15 | CVE-2006-0685 | Input Validation And Access Validation vulnerability in Virtual Hosting Control System The check_login function in login.php in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier does not exit when authentication fails, which allows remote attackers to gain unauthorized access. | 10.0 |
| 2006-02-15 | CVE-2006-0684 | Input Validation And Access Validation vulnerability in Virtual Hosting Control System change_password.php in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier does not verify the old password when a user changes the password, which may allow remote attackers to gain unauthorized access. | 7.5 |
| 2006-02-15 | CVE-2006-0683 | Input Validation And Access Validation vulnerability in Virtual Hosting Control System Virtual Hosting Control System 2.4.7.1Patchv.1 Cross-site scripting (XSS) vulnerability in Virtual Hosting Control System (VHCS) 2.4.7.1 with v.1 patch and earlier allows remote attackers to inject arbitrary web script or HTML via the username, which is recorded in a log file but not properly handled when the administrator uses the admin log utility to read the log file. network virtual-hosting-control-system | 4.3 |
| 2006-02-15 | CVE-2006-0682 | HTML Injection vulnerability in E107 Website System BBCode Multiple cross-site scripting (XSS) vulnerabilities in bbcodes system in e107 before 0.7.2 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors. network e107 | 4.3 |
| 2006-02-15 | CVE-2006-0681 | Remote Format String vulnerability in PowerD Format string vulnerability in powerd.c in Power Daemon (powerd) 2.0.2 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the WHATIDO variable. | 7.5 |
| 2006-02-15 | CVE-2006-0680 | Unspecified vulnerability in Plain Black Webgui Unspecified vulnerability in WebGUI before 6.8.6-gamma allows remote attackers to create an account, when anonymous registration is disabled, via a certain URL. | 5.0 |