Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK

2006-05-09 CVE-2006-2241 Remote File Include vulnerability in Ftrainsoft Fast Click Sqllite1.1.2/Sqllite1.1.3
PHP remote file inclusion vulnerability in show.php in Fast Click SQL Lite 1.1.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path parameter.
network | low complexity | ftrainsoft | 6.4

2006-05-09 CVE-2006-2240 DNS Denial Of Service vulnerability in Fujitsu NetShelter
Unspecified vulnerability in the (1) web cache or (2) web proxy in Fujitsu NetShelter/FW allows remote attackers to cause a denial of service (device unresponsiveness) via certain DNS packets, as demonstrated by the OUSPG PROTOS DNS test suite.
network | low complexity | fujitsu | 5.0

2006-05-09 CVE-2006-2161 Buffer Overflow vulnerability in TZipBuilder ZIP File
Buffer overflow in (1) TZipBuilder 1.79.03.01, (2) Abakt 0.9.2 and 0.9.3-beta1, (3) CAM UnZip 4.0 and 4.3, and possibly other products, allows user-assisted attackers to execute arbitrary code via a ZIP archive that contains a file with a long file name.
network | high complexity | cam-development erik-dienske roger-aelbrecht | 5.1

2006-05-09 CVE-2006-1172 Remote Buffer Overflow vulnerability in TDC Cryptomathic Cenroll Activex Control 1.1.0.0
Stack-based buffer overflow in the createPKCS10 function in Cryptomathic Cenroll ActiveX Control 1.1.0.0 allows remote attackers to execute arbitrary code via vectors related to the TDC Digital signature.
network | low complexity | tdc | 5.0

2006-05-08 CVE-2006-2237 Remote Arbitrary Command Execution vulnerability in Awstats 6.4/6.5
The web interface for AWStats 6.4 and 6.5, when statistics updates are enabled, allows remote attackers to execute arbitrary code via shell metacharacters in the migrate parameter.
network | high complexity | awstats | 5.1

2006-05-05 CVE-2006-2234 Cross-Site Scripting vulnerability in Tyrocms Beta1.0
Multiple cross-site scripting (XSS) vulnerabilities in TyroCMS beta 1.0 allow remote attackers to inject arbitrary web script or HTML via (1) a javascript URI in an img BBCode tag, or a JavaScript event in a (2) url BBCode tag or (3) color BBCode tag.
network | tyrocms | 6.8

2006-05-05 CVE-2006-2232 HTML Injection vulnerability in Scriptsez Cute Guestbook 20060211
Cross-site scripting (XSS) vulnerability in Scriptsez Cute Guestbook 20060211 allows remote attackers to inject arbitrary web script or HTML via the Comments field when signing the guestbook.
network | scriptsez | 4.3

2006-05-05 CVE-2006-2231 HTML Injection vulnerability in Bigwebmaster Guestbook
Multiple cross-site scripting (XSS) vulnerabilities in addguest.cgi in Big Webmaster Guestbook Script 1.02 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) mail, (2) site, (3) city, (4) state, (5) country, and possibly (6) name fields, which are viewed via viewguest.cgi.
network | big-webmaster | 4.3

2006-05-05 CVE-2006-2230 Remote Format String vulnerability in Xine 0.99.4
Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine 0.99.4 might allow attackers to cause a denial of service via format string specifiers in an MP3 filename specified on the command line.
network | low complexity | xine | 5.0

2006-05-05 CVE-2006-2229 Denial-Of-Service vulnerability in Openvpn and Openvpn Access Server
OpenVPN 2.0.7 and earlier, when configured to use the --management option with an IP that is not 127.0.0.1, uses a cleartext password for TCP sessions to the management interface, which might allow remote attackers to view sensitive information or cause a denial of service.
network | high complexity | openvpn | 4.0