Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-01-18 | CVE-2006-0248 | Remote Security vulnerability in Intracom Jetspeed 500/520 Virata-EmWeb web server 6_1_0, as used in (1) Intracom JetSpeed 500 and 520 and (2) Allied Data Technologies CopperJet 811 RouterPlus, allows remote attackers to access privileged information, such as user lists and configuration settings, via direct HTTP requests. | 5.0 |
2006-01-18 | CVE-2006-0247 | Cross-Site Scripting vulnerability in Netbula Anyboard Anyboard.CGI Cross-site scripting (XSS) vulnerability in anyboard.cgi in Netbula Anyboard 9.9 and earlier allows remote attackers to inject arbitrary web script or HTML via the tK parameter in a find command. network netbula | 4.3 |
2006-01-18 | CVE-2006-0246 | Cross-Site Scripting vulnerability in Widexl Download Tracker 1.0.6 Cross-site scripting (XSS) vulnerability in down.pl in Widexl Download Tracker 1.06 allows remote attackers to inject arbitrary web script or HTML via the ID parameter. network widexl | 4.3 |
2006-01-18 | CVE-2006-0245 | Cross-Site Scripting vulnerability in Devellion Cubecart 3.0.7Pl1 Multiple cross-site scripting (XSS) vulnerabilities in CubeCart 3.0.7-pl1 allow remote attackers to inject arbitrary web script or HTML via the (3) redir, (4) productId, (5) docId, (6) act, and (7) catId parameters in index.php; and the (8) username field in a login action in index.php. network devellion | 4.3 |
2006-01-18 | CVE-2006-0243 | Local Site Search Cross-Site Scripting vulnerability in Smbcms 2.1 Cross-site scripting (XSS) vulnerability in SMBCMS 2.1 allows remote attackers to inject arbitrary web script or HTML via the text parameter, which is used by the "Search Site" field. network smbcms | 4.3 |
2006-01-18 | CVE-2006-0044 | Remote Arbitrary Code Execution vulnerability in Albatross Unspecified vulnerability in context.py in Albatross web application toolkit before 1.33 allows remote attackers to execute arbitrary commands via unspecified vectors involving template files and the "handling of submitted form fields". | 7.5 |
2006-01-18 | CVE-2006-0242 | Cross-Site Scripting vulnerability in PHP Fusebox PHP Fusebox 4.0.6 Cross-site scripting vulnerability in index.php in PHP Fusebox 4.0.6 allows remote attackers to inject arbitrary web script or HTML via the fuseaction parameter. | 6.4 |
2006-01-18 | CVE-2006-0241 | HTML Injection vulnerability in Webmobo Wbnews 1.1.0 Cross-site scripting vulnerability in WBNews 1.1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the Name field. | 5.0 |
2006-01-18 | CVE-2006-0240 | SQL Injection vulnerability in 8Pixel.Net Simple Blog Multiple SQL injection vulnerabilities in Simple Blog 2.1 allow remote attackers to execute arbitrary SQL commands via the month parameter in an archives view operation and possibly certain other parameters in unspecified scripts. | 7.5 |
2006-01-18 | CVE-2006-0239 | Input Validation vulnerability in 8Pixel.Net Simple Blog 2.1 Multiple cross-site scripting (XSS) vulnerabilities in Simple Blog 2.1 allow remote attackers to inject arbitrary web script or HTML via (1) a comment to comments.asp and (2) possibly certain other fields in unspecified scripts. network 8pixel-net | 5.8 |