Vulnerabilities > Medium

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ACCESS | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2006-10-27 | CVE-2006-5568 | Resource Management Errors vulnerability in Datawizard Ftpxq 3.0.1 | FtpXQ Server 3.0.1 allows remote attackers to cause a denial of service (CPU exhaustion) via a long MKD command. | network | low complexity | datawizard | CWE-399 | 5.0 |
| 2006-10-27 | CVE-2006-5566 | HTTP Response Splitting vulnerability in Shop-Script | CRLF injection vulnerability in premium/index.php in Shop-Script allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the (1) links_exchange, (2) news, (3) search_with_change_category_ability, (4) logging, (5) feedback, (6) show_price, (7) register, (8) answer, (9) productID, and (10) inside parameters. | network | low complexity | webasyst-llc | | 5.0 |
| 2006-10-27 | CVE-2006-5565 | HTTP Response Splitting vulnerability in MAXdev MD-Pro | CRLF injection vulnerability in MAXdev MD-Pro 1.0.76 allows remote attackers to inject arbitrary HTTP headers via a CRLF sequence in the (1) name, (2) file, (3) module, and (4) func parameters in (a) index.php; and the (5) file parameter in (b) modules.php. | network | low complexity | maxdev | | 5.0 |
| 2006-10-27 | CVE-2006-5564 | Cross-Site Scripting vulnerability in MAXdev MD-Pro User.PHP | Cross-site scripting (XSS) vulnerability in user.php in MAXdev MD-Pro 1.0.76 allows remote attackers to inject arbitrary web script or HTML via the op parameter. | network | | maxdev | | 4.3 |
| 2006-10-27 | CVE-2006-5563 | Remote Buffer Overflow vulnerability in Yahoo Messenger 8.0 | Unspecified vulnerability in Yahoo! Messenger (Service 18) before 8.1.0.195 allows remote attackers to cause a denial of service (NULL dereference and application crash) via a crafted room name in a Conference Invite. | network | low complexity | yahoo | | 5.0 |
| 2006-10-27 | CVE-2006-5560 | Cross-Site Scripting vulnerability in Boesch It-Consulting Progsys | Cross-site scripting (XSS) vulnerability in heading.php in Boesch ProgSys 0.151 and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to admin/index.php, and unspecified vectors related to certain other files. | | | | | 4.3 |
| 2006-10-27 | CVE-2006-5557 | Local Buffer Overflow vulnerability in HP Hp-Ux 11.00/11.11/11.4 | Stack-based buffer overflow in the (1) swpackage and (2) swmodify commands in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via a long -S argument. | local | low complexity | hp | | 4.6 |
| 2006-10-27 | CVE-2006-5556 | Local Buffer Overflow vulnerability in HP Hp-Ux 11.00/11.11/11.4 | Buffer overflow in the localtime_r function, and certain other functions, in libc in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via a long TZ environment variable. | local | low complexity | hp | | 4.6 |
| 2006-10-26 | CVE-2006-5550 | Local Denial of Service vulnerability in FreeBSD Crypto | The kernel in FreeBSD 6.1 and OpenBSD 4.0 allows local users to cause a denial of service via unspecified vectors involving certain ioctl requests to /dev/crypto. | local | low complexity | freebsd openbsd | | 4.9 |
| 2006-10-26 | CVE-2006-5546 | Remote File Include vulnerability in OTSCMS OTSCMS.PHP | PHP remote file inclusion vulnerability in OTSCMS/OTSCMS.php in Open Tibia Server Content Management System (OTSCMS) 1.3.0 through 1.4.1 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[config][otscms][directories][classes] parameter. | network | high complexity | otscms | | 5.1 |