Weekly Vulnerabilities Reports > March 6 to 12, 2006
Overview
157 new vulnerabilities reported during this period, including 8 critical vulnerabilities and 45 high severity vulnerabilities. This weekly summary report vulnerabilities in 137 products from 102 vendors including Joomla, PHP Stats, Xerox, Sauerbraten, and Oracle. Vulnerabilities are notably categorized as "SQL Injection", "Code Injection", "Resource Management Errors", "Improper Restriction of Operations within the Bounds of a Memory Buffer", and "Use of Externally-Controlled Format String".
- 147 reported vulnerabilities are remotely exploitables.
- 7 reported vulnerabilities have public exploit available.
- 4 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 149 reported vulnerabilities are exploitable by an anonymous user.
- Joomla has the most reported vulnerabilities, with 7 reported vulnerabilities.
- Netgear has the most reported critical vulnerabilities, with 1 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
8 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2006-03-09 | CVE-2006-1123 | D2Ksoft | Input Validation vulnerability in D2KBlog SQL injection vulnerability in D2KBlog 1.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the memName parameter in a cookie. | 10.0 |
2006-03-09 | CVE-2006-1085 | PHP Stats | Input Validation and Information Disclosure vulnerability in PHP-Stats admin.php in PHP-Stats 0.1.9.1 and earlier allows remote attackers to bypass authentication, gain administrator privileges, and execute arbitrary PHP code by modifying the option[admin_pass] parameter and setting the pass_cookie to the MD5 hash of the specified password. | 10.0 |
2006-03-07 | CVE-2006-1069 | Geeklog | Unspecified vulnerability in Geeklog Unspecified vulnerability in the session handling for Geeklog 1.4.x before 1.4.0sr2, 1.3.11 before 1.3.11sr5, 1.3.9 before 1.3.9sr5, and possibly earlier versions allows attackers to gain privileges as arbitrary users via unknown vectors. | 10.0 |
2006-03-07 | CVE-2006-1047 | Joomla | Remote Security vulnerability in Joomla Unspecified vulnerability in the "Remember Me login functionality" in Joomla! 1.0.7 and earlier has unknown impact and attack vectors. | 10.0 |
2006-03-07 | CVE-2006-1038 | VAN Dyke Technologies | Buffer Overflow vulnerability in Van Dyke SecureCRT and SecureFX Buffer overflow in SecureCRT 5.0.4 and earlier and SecureFX 3.0.4 and earlier allows remote attackers to have an unknown impact when a Unicode string is converted to a "narrow" string. | 10.0 |
2006-03-06 | CVE-2006-1002 | Netgear | Credentials Management vulnerability in Netgear Wgt624 NETGEAR WGT624 Wireless DSL router has a default account of super_username "Gearguy" and super_passwd "Geardog", which allows remote attackers to modify the configuration. | 10.0 |
2006-03-06 | CVE-2006-1000 | G2Soft | SQL Injection vulnerability in G2Soft Pentacle In-Out Board 6.03 Multiple SQL injection vulnerabilities in Pentacle In-Out Board 3.0 and earlier allow remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) newsid parameter to newsdetailsview.asp and (2) password parameter to login.asp. | 10.0 |
2006-03-07 | CVE-2006-1017 | PHP | Unspecified vulnerability in PHP The c-client library 2000, 2001, or 2004 for PHP before 4.4.4 and 5.x before 5.1.5 do not check the (1) safe_mode or (2) open_basedir functions, and when used in applications that accept user-controlled input for the mailbox argument to the imap_open function, allow remote attackers to obtain access to an IMAP stream data structure and conduct unauthorized IMAP actions. | 9.3 |
45 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2006-03-12 | CVE-2006-1159 | EFS Software | Input Validation vulnerability in EFS Software EFS web Server 3.2 Format string vulnerability in Easy File Sharing (EFS) Web Server 3.2 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via format string specifiers in the query string argument in an HTTP GET request. | 7.8 |
2006-03-12 | CVE-2006-1158 | Kerio | Remote Denial of Service vulnerability in Kerio MailServer Kerio MailServer before 6.1.3 Patch 1 allows remote attackers to cause a denial of service (application crash) via a crafted IMAP LOGIN command. | 7.8 |
2006-03-10 | CVE-2006-1150 | TEG | Remote Denial Of Service vulnerability in TEG Tenes Empanadas Graciela 0.11.1 Buffer overflow in Tenes Empanadas Graciela (TEG) 0.11.1, automatically appends an _ (underscore) to the end of duplicate nicknames, which allows remote attackers to cause a denial of service (application crash) by creating multiple users with long, identical nicknames, which triggers an off-by-one error. | 7.8 |
2006-03-09 | CVE-2006-1091 | Kaspersky LAB | Denial Of Service vulnerability in Kaspersky Anti-Virus 5.0.5/5.5.3 Kaspersky Antivirus 5.0.5 and 5.5.3 allows remote attackers to cause a denial of service (CPU and memory consumption) via unknown attack vectors. | 7.8 |
2006-03-09 | CVE-2006-1090 | Punbb | Denial-Of-Service vulnerability in Punbb 1.2.10 register.php in PunBB 1.2.10 allows remote attackers to cause an unspecified denial of service via a flood of new user registrations. | 7.8 |
2006-03-07 | CVE-2006-1028 | Joomla | Denial-Of-Service vulnerability in Joomla 1.0.7 feedcreator.class.php (aka the syndication component) in Joomla! 1.0.7 allows remote attackers to cause a denial of service (stressed file cache) by creating many files via filenames in the feed parameter to index.php. | 7.8 |
2006-03-12 | CVE-2006-1164 | Nodez | Input Validation vulnerability in Nodez 4.6.1.1 Nodez 4.6.1.1 and earlier stores sensitive data in the list.gtdat file under the web document root with insufficient access control, which allows remote attackers to obtain usernames and password hashes by directly accessing list.gtdat. | 7.5 |
2006-03-10 | CVE-2006-1154 | Fscripts | Code Injection vulnerability in Fscripts Fantastic News 2.1.1/2.1.2/2.1.4 PHP remote file inclusion vulnerability in archive.php in Fantastic News 2.1.2 allows remote attackers to include arbitrary files via the CONFIG[script_path] variable. | 7.5 |
2006-03-10 | CVE-2006-1149 | OWL | Remote File Include vulnerability in Owl Intranet Engine PHP remote file inclusion vulnerability in lib/OWL_API.php in OWL Intranet Engine 0.82, when register_globals is enabled, allows remote attackers to include arbitrary files via a URL in the xrms_file_root parameter, which is not initialized before use. | 7.5 |
2006-03-10 | CVE-2006-1148 | Peercast | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Peercast 0.1211/0.1212 Multiple stack-based buffer overflows in the procConnectArgs function in servmgr.cpp in PeerCast before 0.1217 allow remote attackers to execute arbitrary code via an HTTP GET request with a long (1) parameter name or (2) value in a URL, which triggers the overflow in the nextCGIarg function in servhs.cpp. | 7.5 |
2006-03-10 | CVE-2006-1141 | Inter7 | Buffer Overflow vulnerability in Inter7 QmailAdmin PATH_INFO Buffer overflow in qmailadmin.c in QmailAdmin before 1.2.10 allows remote attackers to execute arbitrary code via a long PATH_INFO environment variable. | 7.5 |
2006-03-10 | CVE-2006-1140 | Redblog | SQL Injection vulnerability in Redblog 0.5 SQL injection vulnerability in rss.php in RedBLoG 0.5 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | 7.5 |
2006-03-10 | CVE-2006-1132 | Vbzoom | SQL Injection vulnerability in Vbzoom 1.11 SQL injection vulnerability in show.php in vbzoom 1.11 allow remote attackers to execute arbitrary SQL commands via the MainID parameter. | 7.5 |
2006-03-10 | CVE-2006-1129 | Ekinboard | Input Validation vulnerability in Ekinboard 1.0.3 SQL injection vulnerability in config.php in EKINboard 1.0.3 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the username cookie. | 7.5 |
2006-03-09 | CVE-2006-1124 | Revilloc Solutions | Remote Buffer Overflow vulnerability in RevilloC MailServer Buffer overflow in RevilloC MailServer and Proxy 1.21 allows remote attackers to execute arbitrary code via a long USER command. | 7.5 |
2006-03-09 | CVE-2006-1111 | Aztek Forum | HTML Injection vulnerability in Aztek Forum Aztek Forum 4.0 Aztek Forum 4.0 allows remote attackers to obtain sensitive information via a "*/*" in the msg parameter to index.php, which reveals usernames and passwords in a MySQL error message, possibly due to a forced SQL error or SQL injection. | 7.5 |
2006-03-09 | CVE-2006-1109 | Totalecommerce | SQL Injection vulnerability in Totalecommerce 1.0 SQL injection vulnerability in index.asp in Total Ecommerce 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2006-03-09 | CVE-2006-1104 | Pixelpost | Input Validation vulnerability in Pixelpost Multiple SQL injection vulnerabilities in Pixelpost 1.5 beta 1 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the showimage parameter in index.php; and the (2) USER_AGENT, (3) HTTP_REFERER, and (4) HTTP_HOST HTTP header fields as used in the book_vistor function in includes/functions.php. | 7.5 |
2006-03-09 | CVE-2006-1100 | Sauerbraten | Remote vulnerability in Sauerbraten Cube and Sauerbraten Buffer overflow in the sgetstr function in shared/cube.h in Sauerbraten 2006_02_28 and earlier, as derived from the Cube engine, allows remote attackers to execute arbitrary code via long streams of input data. | 7.5 |
2006-03-09 | CVE-2006-1099 | Logit | Remote File Include vulnerability in Logit 1.3/1.4 PHP remote file include vulnerability in logIT 1.3 and 1.4 allows remote attackers to execute arbitrary PHP code via a URL in the pg parameter. | 7.5 |
2006-03-09 | CVE-2006-1094 | Datenbank Module Woltlab | SQL Injection vulnerability in Woltlab Burning Board SQL injection vulnerability in Datenbank MOD 2.7 and earlier for Woltlab Burning Board allows remote attackers to execute arbitrary SQL commands via the fileid parameter to (1) info_db.php or (2) database.php. | 7.5 |
2006-03-09 | CVE-2006-1084 | PHP Stats | Input Validation and Information Disclosure vulnerability in PHP-Stats Multiple SQL injection vulnerabilities in PHP-Stats 0.1.9.1 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the option[prefix] parameter in admin.php and other unspecified PHP scripts, and (2) the PC_REMOTE_ADDR HTTP header to click.php. | 7.5 |
2006-03-09 | CVE-2006-1083 | PHP Stats | Input Validation and Information Disclosure vulnerability in PHP-Stats Multiple directory traversal vulnerabilities in PHP-Stats 0.1.9.1 and earlier allow remote attackers to read and possibly execute arbitrary files via a .. | 7.5 |
2006-03-09 | CVE-2006-1081 | Jonathan Beckett | SQL Injection vulnerability in Jonathan Beckett Pluggedout Nexus 0.1 SQL injection vulnerability in forgotten_password.php in Jonathan Beckett PluggedOut Nexus 0.1 allows remote attackers to execute arbitrary SQL commands via the email parameter. | 7.5 |
2006-03-09 | CVE-2006-1076 | Invision Power Services | SQL Injection vulnerability in Invision Power Services Invision Power Board 2.1.5 SQL injection vulnerability in index.php, possibly during a showtopic operation, in Invision Power Board (IPB) 2.1.5 allows remote attackers to execute arbitrary SQL commands via the st parameter. | 7.5 |
2006-03-09 | CVE-2006-1075 | Jason Boettcher | Remote Format String vulnerability in Liero Xtreme Format string vulnerability in the visualization function in Jason Boettcher Liero Xtreme 0.62b and earlier allows remote attackers to execute arbitrary code via format string specifiers in (1) a nickname, (2) a dedicated server name, or (3) a mapname in a level (aka .lxl) file. | 7.5 |
2006-03-09 | CVE-2006-0746 | Xpdf | Multiple Unspecified vulnerability in Retired - KPDF Certain patches for kpdf do not include all relevant patches from xpdf that were associated with CVE-2005-3627, which allows context-dependent attackers to exploit vulnerabilities that were present in CVE-2005-3627. | 7.5 |
2006-03-07 | CVE-2006-1051 | Akarru | SQL Injection vulnerability in Akarru Social BookMarking Engine 0.4.3.2/0.4.3.3 SQL injection vulnerability in Akarru Social BookMarking Engine before 0.4.3.4 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors, possibly involving the username parameter to akarru.lib/users.php. | 7.5 |
2006-03-07 | CVE-2006-1049 | Joomla | SQL Injection vulnerability in Joomla Multiple SQL injection vulnerabilities in the Admin functionality in Joomla! 1.0.7 and earlier allow remote authenticated administrators to execute arbitrary SQL commands via unknown attack vectors. | 7.5 |
2006-03-07 | CVE-2006-1044 | Lsoft | Multiple Unspecified vulnerability in Lsoft Listserv 14.3/14.4 Multiple buffer overflows in LISTSERV 14.3 and 14.4, including LISTSERV Lite and HPO, with the web archive interface enabled, allow remote attackers to execute arbitrary code via unknown attack vectors related to the WA CGI. | 7.5 |
2006-03-07 | CVE-2006-1037 | Oracle | Multiple vulnerability in Oracle Diagnostics and E-Business Suite SQL injection vulnerability in the Oracle Diagnostics module 2.2 and earlier allows remote attackers to execute arbitrary SQL commands via unknown attack vectors. | 7.5 |
2006-03-07 | CVE-2006-1036 | Oracle | Multiple vulnerability in Oracle Diagnostics 2.0/2.1/2.2 Multiple unspecified vulnerabilities in the Oracle Diagnostics module 2.2 and earlier have unknown impact and attack vectors, related to "permissions." | 7.5 |
2006-03-07 | CVE-2006-1035 | Oracle | Multiple vulnerability in Oracle Diagnostics and E-Business Suite Unspecified vulnerability in the Oracle Diagnostics module 2.2 and earlier allows remote attackers to access diagnostics tests via unknown attack vectors. | 7.5 |
2006-03-07 | CVE-2006-1032 | Phprpc | Remote Code Execution vulnerability in PHPrpc 0.7/0.8/0.9 Eval injection vulnerability in the decode function in rpc_decoder.php for phpRPC 0.7 and earlier, as used by runcms, exoops, and possibly other programs, allows remote attackers to execute arbitrary PHP code via the base64 tag. | 7.5 |
2006-03-07 | CVE-2006-1031 | Igenus | Code Injection vulnerability in Igenus Webmail 2.0/2.01/2.02 config/config_inc.php in iGENUS Webmail 2.02 and earlier allows remote attackers to include arbitrary local files via the SG_HOME parameter. | 7.5 |
2006-03-07 | CVE-2006-1026 | Jfacets | Remote Security vulnerability in JFacets JFacets before 0.2 allows remote attackers to gain privileges as any account via a GET request with a modified account profileID. | 7.5 |
2006-03-07 | CVE-2006-1024 | Addsoft | SQL Injection vulnerability in Addsoft Storebot 2005 SQL injection vulnerability in MgrLogin.asp in Addsoft StoreBot 2005 Professional allows remote attackers to execute arbitrary SQL commands via the Pwd parameter. | 7.5 |
2006-03-07 | CVE-2006-1020 | Johnny Vegas | SQL Injection vulnerability in Johnny Vegas Forum 1.0 SQL injection vulnerability in forumlib.php in Johnny_Vegas Vegas Forum 1.0 allows remote attackers to execute arbitrary SQL commands via the postid parameter. | 7.5 |
2006-03-07 | CVE-2006-1018 | DCI Designs | SQL Injection vulnerability in Dci-Designs Dawaween 1.03 SQL injection vulnerability in poems.php in DCI-Designs Dawaween 1.03 allows remote attackers to execute arbitrary SQL commands via the id parameter in a diwan view action. | 7.5 |
2006-03-07 | CVE-2006-1016 | Microsoft | Unspecified vulnerability in Microsoft Internet Explorer 6.0 Buffer overflow in the IsComponentInstalled method in Internet Explorer 6.0, when used on Windows 2000 before SP4 or Windows XP before SP1, allows remote attackers to execute arbitrary code via JavaScript that calls IsComponentInstalled with a long first argument. | 7.5 |
2006-03-07 | CVE-2006-1013 | Smartblog | Unspecified vulnerability in Smartblog 1.2 PHP remote file include vulnerability in index.php in SMartBlog (aka SMBlog) 1.2 allows remote attackers to include and execute arbitrary PHP files via (1) the pg parameter and (2) a query string without a parameter. | 7.5 |
2006-03-06 | CVE-2006-1012 | Wordpress | SQL Injection vulnerability in Wordpress 1.5.2 SQL injection vulnerability in WordPress 1.5.2, and possibly other versions before 2.0, allows remote attackers to execute arbitrary SQL commands via the User-Agent field in an HTTP header for a comment. | 7.5 |
2006-03-06 | CVE-2006-1007 | Nathan Landry | Input Validation vulnerability in Nathan Landry N8Cms Sitesuite CMS 1.1/1.2 Multiple SQL injection vulnerabilities in N8cms 1.1 and 1.2 allow remote attackers to execute arbitrary SQL commands via the (1) dir and (2) page_id parameter to index.php. | 7.5 |
2006-03-06 | CVE-2006-1006 | Sendcard | SQL Injection vulnerability in Sendcard Multiple SQL injection vulnerabilities in sendcard.php in sendcard before 3.3.0 allow remote attackers to execute arbitrary SQL commands via unspecified parameters. | 7.5 |
2006-03-09 | CVE-2006-1095 | Apache | Path Traversal vulnerability in Apache MOD Python 3.2.7 Directory traversal vulnerability in the FileSession object in Mod_python module 3.2.7 for Apache allows local users to execute arbitrary code via a crafted session cookie. | 7.2 |
93 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2006-03-12 | CVE-2006-1163 | Nodez | Input Validation vulnerability in Nodez 4.6.1.1 Cross-site scripting (XSS) vulnerability in Nodez 4.6.1.1 allows remote attackers to inject arbitrary web script or HTML via the op parameter. | 6.8 |
2006-03-09 | CVE-2006-1122 | D2Ksoft | Input Validation vulnerability in D2KBlog Cross-site scripting (XSS) vulnerability in Default.asp in D2KBlog 1.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | 6.8 |
2006-03-09 | CVE-2006-1121 | Cutephp | Cross-Site Scripting vulnerability in Cutephp Cutenews 1.4.1 Cross-site scripting (XSS) vulnerability in CuteNews 1.4.1 allows remote attackers to inject arbitrary web script or HTML via the query string to index.php. | 6.8 |
2006-03-07 | CVE-2006-1025 | Addsoft | Cross-Site Scripting vulnerability in Addsoft Storebot 2002 Cross-site scripting (XSS) vulnerability in manage.asp in Addsoft StoreBot 2002 Standard allows remote attackers to inject arbitrary web script or HTML via the ShipMethod parameter. | 6.8 |
2006-03-12 | CVE-2006-1161 | EFS Software | Input Validation vulnerability in EFS Software EFS web Server 3.2 Absolute path traversal vulnerability in Easy File Sharing (EFS) Web Server 3.2 allows remote registered users to execute arbitrary code by uploading a malicious file to the Windows startup folder. | 6.5 |
2006-03-10 | CVE-2006-1146 | COR Entertainment | Remote vulnerability in COR Entertainment Alien Arena 2006 Gold5.00 Stack-based buffer overflow in the Cmd_Say_f function in g_cmds.c in Alien Arena 2006 Gold Edition 5.00 allows remote attackers (possibly authenticated) to execute arbitrary code by sending a long message to the server. | 6.5 |
2006-03-10 | CVE-2006-1145 | COR Entertainment | Remote vulnerability in COR Entertainment Alien Arena 2006 Gold5.00 Format string vulnerability in the safe_cprintf function in acebot_cmds.c in Alien Arena 2006 Gold Edition 5.00 allows remote attackers (possibly authenticated) to execute arbitrary code via unspecified vectors when the server sends crafted messages to the clients. | 6.5 |
2006-03-09 | CVE-2006-1087 | PHP Stats | Input Validation and Information Disclosure vulnerability in PHP-Stats Direct static code injection vulnerability in the modify_config action in admin.php for PHP-Stats 0.1.9.1 and earlier allows remote authenticated administrators to execute arbitrary PHP code via the option_new[compatibility_mode] parameter, which is not filtered before being stored in config.php. | 6.5 |
2006-03-10 | CVE-2006-1139 | Xerox | Remote Security vulnerability in CopyCentre C75 Unspecified vulnerability in the ESS/ Network Controller in Xerox CopyCentre and Xerox WorkCentre Pro, running software 1.001.02.073 or earlier, or 1.001.02.074 before 1.001.02.715, causes the Immediate Image Overwrite feature to fail after a power loss, which could leave data exposed to attack. | 6.4 |
2006-03-09 | CVE-2006-1128 | Gallery Project | Unspecified vulnerability in Gallery Project Gallery Directory traversal vulnerability in the session handling class (GallerySession.class) in Gallery 2 up to 2.0.2 allows remote attackers to access and delete files by specifying the session in a cookie, which is used in constructing file paths before the session value is sanitized. | 6.4 |
2006-03-09 | CVE-2006-1126 | Gallery Project | Remote Security vulnerability in Gallery Project Gallery 2.0.2 Gallery 2 up to 2.0.2 allows remote attackers to spoof their IP address via a modified X-Forwarded-For (X_FORWARDED_FOR) HTTP header, which is checked by Gallery before other more reliable sources of IP address information, such as REMOTE_ADDR. | 6.4 |
2006-03-09 | CVE-2006-1114 | Gerrit VAN Aaken | Input Validation vulnerability in Gerrit VAN Aaken Loudblog 0.41 Multiple directory traversal vulnerabilities in Loudblog before 0.42 allow remote attackers to read or include arbitrary files via a .. | 6.4 |
2006-03-09 | CVE-2006-1093 | IBM | Unspecified vulnerability in IBM Websphere Application Server Unspecified vulnerability in IBM WebSphere 5.0.2.10 through 5.0.2.15 and 5.1.1.4 through 5.1.1.9 allows remote attackers to obtain sensitive information via unknown attack vectors, which causes JSP source code to be revealed. | 6.4 |
2006-03-07 | CVE-2006-1042 | Gregarius | Input Validation vulnerability in Gregarius 0.5.2 Multiple SQL injection vulnerabilities in Gregarius 0.5.2 allow remote attackers to execute arbitrary SQL commands via the (1) folder parameter to feed.php or (2) rss_query parameter to search.php. | 6.4 |
2006-03-07 | CVE-2006-1039 | SAP | Code Injection vulnerability in SAP web Application Server 6.10/6.20/6.40 SAP Web Application Server (WebAS) Kernel before 7.0 allows remote attackers to inject arbitrary bytes into the HTTP response and obtain sensitive authentication information, or have other impacts, via a ";%20" followed by encoded HTTP headers. | 6.4 |
2006-03-07 | CVE-2006-1015 | PHP | Security Bypass vulnerability in PHP Argument injection vulnerability in certain PHP 3.x, 4.x, and 5.x applications, when used with sendmail and when accepting remote input for the additional_parameters argument to the mail function, allows remote attackers to read and create arbitrary files via the sendmail -C and -X arguments. | 6.4 |
2006-03-06 | CVE-2006-1010 | Crossfire | Denial Of Service vulnerability in Crossfire 1.7.0/1.8.0 Buffer overflow in socket/request.c in CrossFire before 1.9.0, when oldsocketmode is enabled, allows remote attackers to cause a denial of service (segmentation fault) and possibly execute code by sending the server a large request. | 6.4 |
2006-03-06 | CVE-2006-1005 | Cactusoft | Information Disclosure vulnerability in Cactusoft Parodia 6.2 agencyprofile.asp in Parodia 6.2 and earlier might allow remote attackers to obtain sensitive information by triggering an SQL error via an invalid AG_ID parameter. | 6.4 |
2006-03-06 | CVE-2006-0387 | Apple | Multiple vulnerability in Apple Mac OS X Security Update 2006-001 Stack-based buffer overflow in Safari in Mac OS X 10.4.5 and earlier, and 10.3.9 and earlier, allows remote attackers to execute arbitrary code via unspecified vectors involving a web page with crafted JavaScript, a different vulnerability than CVE-2005-4504. | 6.4 |
2006-03-06 | CVE-2006-1008 | Nathan Landry | Input Validation vulnerability in Nathan Landry N8Cms Sitesuite CMS 1.1/1.12/1.2 Multiple cross-site scripting (XSS) vulnerabilities in N8cms 1.1 and 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) dir and (2) page_id parameter to (a) index.php and (3) userid parameter to (b) mailto.php. | 5.8 |
2006-03-12 | CVE-2006-1162 | Nodez | Input Validation vulnerability in Nodez 4.6.1.1 Directory traversal vulnerability in Nodez 4.6.1.1 and earlier allows remote attackers to read or include arbitrary PHP files via a .. | 5.1 |
2006-03-10 | CVE-2006-1134 | Jason Smith | SQL Injection vulnerability in Jason Smith Cyboards PHP Lite 1.25 SQL injection vulnerability in CyBoards PHP Lite 1.25, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the parent parameter to (1) post.php and possibly (2) process_post.php. | 5.1 |
2006-03-07 | CVE-2006-1043 | Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Visual Interdev and Visual Studio Stack-based buffer overflow in Microsoft Visual Studio 6.0 and Microsoft Visual InterDev 6.0 allows user-assisted attackers to execute arbitrary code via a long DataProject field in a (1) Visual Studio Database Project File (.dbp) or (2) Visual Studio Solution (.sln). | 5.1 |
2006-03-12 | CVE-2006-1156 | Manas Tungare | Input Validation vulnerability in Manas Tungare Site Membership Script SQL injection vulnerability in manas tungare Site Membership Script before 8 March, 2006 allows remote attackers to execute arbitrary SQL commands via the Username parameter in login.asp. | 5.0 |
2006-03-10 | CVE-2006-1153 | D2 Shoutbox | SQL Injection vulnerability in D2-Shoutbox 4.2 SQL injection vulnerability in D2-Shoutbox 4.2 allows remote attackers to execute arbitrary SQL commands via the load parameter, when performing a Shoutbox action through Invision Power Board (IPB). | 5.0 |
2006-03-10 | CVE-2006-1152 | M Phorum | Remote File Include vulnerability in M Phorum M Phorum 0.2 PHP remote file inclusion vulnerability in index.php in M-Phorum 0.2 allows remote attackers to include arbitrary files via the go parameter. | 5.0 |
2006-03-10 | CVE-2006-1151 | M Phorum | Cross-Site Scripting vulnerability in M Phorum M Phorum 0.2 Cross-site scripting vulnerability in index.php in M-Phorum 0.2 allows remote attackers to inject arbitrary web script or HTML via the go parameter. | 5.0 |
2006-03-10 | CVE-2006-1142 | Solido Systems | Unspecified vulnerability in Solido Systems Ravenous web Server Unspecified vulnerability in Ravenous Web Server before 0.7.1 allows remote attackers to access arbitrary rvplg files, with unknown impact. | 5.0 |
2006-03-10 | CVE-2006-1138 | Xerox | Multiple vulnerability in Xerox WorkCentre / CopyCentre Unspecified vulnerability in the web server code in Xerox CopyCentre and Xerox WorkCentre Pro, running software 1.001.02.073 or earlier, or 1.001.02.074 before 1.001.02.715, allows remote attackers to cause a denial of service (memory corruption) via unknown vectors. | 5.0 |
2006-03-10 | CVE-2006-1137 | Xerox | Multiple vulnerability in Xerox WorkCentre / CopyCentre Multiple unspecified vulnerabilities in Xerox CopyCentre and Xerox WorkCentre Pro, running software 1.001.02.073 or earlier, or 1.001.02.074 before 1.001.02.715, allow remote attackers to cause an unspecified denial of service via a crafted PostScript file that will (1) "navigate through the directory" or (2) a "file sent to expose TCP/IP ports". | 5.0 |
2006-03-10 | CVE-2006-1136 | Xerox | Multiple vulnerability in Xerox WorkCentre / CopyCentre Buffer overflow in the PostScript file interpreter code for Xerox CopyCentre and Xerox WorkCentre Pro, running software 1.001.02.073 or earlier, or 1.001.02.074 before 1.001.02.715, allows attackers to cause a denial of service via unknown vectors. | 5.0 |
2006-03-10 | CVE-2006-0040 | Gnome | Denial Of Service vulnerability in Gnome Evolution 2.4.2.1 GNOME Evolution 2.4.2.1 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a text e-mail with a large number of URLs, possibly due to unknown problems in gtkhtml. | 5.0 |
2006-03-09 | CVE-2006-0743 | Apache | USE of Externally-Controlled Format String vulnerability in Apache Log4Net 1.2.9Beta Format string vulnerability in LocalSyslogAppender in Apache log4net 1.2.9 might allow remote attackers to cause a denial of service (memory corruption and termination) via unknown vectors. | 5.0 |
2006-03-09 | CVE-2006-1118 | Bmail | SQL-Injection vulnerability in Bmail Pr9.0 SQL injection vulnerability in bmail before Aardvark PR9.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors involving GBK character sets. | 5.0 |
2006-03-09 | CVE-2006-1116 | Ncipher | Unspecified vulnerability in Ncipher Ncore 2.17 The CBC-MAC integrity functions in the nCipher nCore API before 2.18 transmit the initialization vector IV as part of a message when the implementation uses a non-zero IV, which allows remote attackers to bypass integrity checks and modify messages without being detected. | 5.0 |
2006-03-09 | CVE-2006-1113 | Gerrit VAN Aaken | Input Validation vulnerability in Gerrit VAN Aaken Loudblog 0.41 SQL injection vulnerability in podcast.php in Loudblog before 0.42 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 5.0 |
2006-03-09 | CVE-2006-1112 | Aztek Forum | HTML Injection vulnerability in Aztek Forum Aztek Forum 4.0 Aztek Forum 4.0 allows remote attackers to obtain sensitive information via a long login value in a register form, which displays the installation path in a MySQL error message. | 5.0 |
2006-03-09 | CVE-2006-1105 | Pixelpost | Input Validation vulnerability in Pixelpost Pixelpost 1.5 beta 1 and earlier allows remote attackers to obtain configuration information via a direct request to includes/phpinfo.php, which calls the phpinfo function. | 5.0 |
2006-03-09 | CVE-2006-1103 | Sauerbraten | Remote vulnerability in Sauerbraten Cube and Sauerbraten engine/server.cpp in Sauerbraten 2006_02_28, as derived from the Cube engine, allows remote attackers to cause a denial of service (segmentation fault) via a client that does not completely join the game and times out, which results in a null pointer dereference. | 5.0 |
2006-03-09 | CVE-2006-1102 | Sauerbraten | Remote vulnerability in Sauerbraten Cube and Sauerbraten Sauerbraten 2006_02_28, as derived from the Cube engine, allows remote attackers to cause a denial of service (client exit) by forcing the server to change to a map (ogz) file whose name contains ".." sequences and has a certain length that prevents the addition of the ".ogz" extension. | 5.0 |
2006-03-09 | CVE-2006-1101 | Sauerbraten | Remote vulnerability in Sauerbraten Cube and Sauerbraten The (1) sgetstr and (2) getint functions in Sauerbraten 2006_02_28, as derived from the Cube engine, allow remote attackers to cause a denial of service (segmentation fault) via long streams of input data that trigger an out-of-bounds read, as demonstrated using SV_EXT tag data in the Cube engine, which is not properly handled by getint. | 5.0 |
2006-03-09 | CVE-2006-1088 | PHP Stats | Input Validation and Information Disclosure vulnerability in PHP-Stats PHP-Stats 0.1.9.1 and earlier allows remote attackers to obtain potentially sensitive information via a direct request to checktables.php, which lists the database table_prefix. | 5.0 |
2006-03-09 | CVE-2006-1074 | Jason Boettcher | Remote Denial Of Service vulnerability in Liero Xtreme Jason Boettcher Liero Xtreme 0.62b and earlier allow remote attackers to cause a denial of service (application crash or hang) via a long argument to the connect command. | 5.0 |
2006-03-07 | CVE-2006-1067 | Linksys | Remote IRC Denial Of Service vulnerability in Multiple Router Vendor Linksys WRT54G routers version 5 (running VXWorks) allow remote attackers to cause a denial of service by sending a malformed DCC SEND string to an IRC channel, which causes an IRC connection reset, possibly related to the masquerading code for NAT environments, and as demonstrated via (1) a DCC SEND with a single long argument, or (2) a DCC SEND with IP, port, and filesize arguments with a 0 value. | 5.0 |
2006-03-07 | CVE-2006-1065 | Mybulletinboard | SQL-Injection vulnerability in Mybulletinboard 1.04 SQL injection vulnerability in search.php in MyBulletinBoard (MyBB) 1.04 allows remote attackers to execute arbitrary SQL commands via the forums[] parameter. | 5.0 |
2006-03-07 | CVE-2006-1063 | Lurker | Input Validation vulnerability in Lurker 0.1A/0.2 Unspecified vulnerability in Lurker 2.0 and earlier allows remote attackers to create or overwrite files in any writable directory that is named "mbox". | 5.0 |
2006-03-07 | CVE-2006-1062 | Lurker | Input Validation vulnerability in Lurker 0.1A/0.2 Unspecified vulnerability in lurker.cgi for Lurker 2.0 and earlier allows attackers to read arbitrary files via unknown vectors. | 5.0 |
2006-03-07 | CVE-2006-1048 | Joomla | Security Bypass vulnerability in Joomla Joomla! 1.0.7 and earlier allows attackers to bypass intended access restrictions and gain certain privileges via certain attack vectors related to the (1) Weblink, (2) Polls, (3) Newsfeeds, (4) Weblinks, (5) Content, (6) Content Section, (7) Content Category, (8) Contact items, or (9) Contact Search, (10) Content Search, (11) Newsfeed Search, or (12) Weblink Search. | 5.0 |
2006-03-07 | CVE-2006-1046 | Monopd | Remote Denial Of Service vulnerability in Monopd 0.9.3 server.cpp in Monopd 0.9.3 allows remote attackers to cause a denial of service (CPU and memory consumption) via a string containing a large number of characters that are escaped when Monopd produces XML output. | 5.0 |
2006-03-07 | CVE-2006-0047 | Freeciv | Resource Management Errors vulnerability in Freeciv packets.c in Freeciv 2.0 before 2.0.8 allows remote attackers to cause a denial of service (server crash) via crafted packets with negative compressed size values. | 5.0 |
2006-03-07 | CVE-2006-0883 | Openbsd Freebsd | Resource Management Errors vulnerability in multiple products OpenSSH on FreeBSD 5.3 and 5.4, when used with OpenPAM, does not properly handle when a forked child process terminates during PAM authentication, which allows remote attackers to cause a denial of service (client connection refusal) by connecting multiple times to the SSH server, waiting for the password prompt, then disconnecting. | 5.0 |
2006-03-07 | CVE-2006-1030 | Joomla | Information Disclosure vulnerability in Joomla 1.0.7 Unspecified vulnerability in mod_templatechooser in Joomla! 1.0.7 allows remote attackers to obtain sensitive information via an unspecified attack vector that reveals the path. | 5.0 |
2006-03-07 | CVE-2006-1027 | Joomla | Information Disclosure vulnerability in Joomla 1.0.7 feedcreator.class.php (aka the syndication component) in Joomla! 1.0.7 allows remote attackers to obtain sensitive information via a "/" (slash) in the feed parameter to index.php, which reveals the path in an error message. | 5.0 |
2006-03-07 | CVE-2006-1023 | HP | Directory Traversal vulnerability in HP System Management Homepage 2.0.0/2.1.4 Directory traversal vulnerability in HP System Management Homepage (SMH) 2.0.0 through 2.1.4 on Windows allows remote attackers to access certain files via unspecified vectors. | 5.0 |
2006-03-07 | CVE-2006-1022 | Pehepe | Remote PHP Script Code Injection vulnerability in Pehepe Membership Management System 3.0 PHP remote file include vulnerability in sol_menu.php in PeHePe Uyelik Sistemi (aka PeHePe MemberShip Management System) 3 allows remote attackers to include and execute arbitrary PHP code via a URL in the uye_klasor parameter, along with a misafir[] parameter that is set to UYE_SEVIYE. | 5.0 |
2006-03-06 | CVE-2006-0815 | Networkactiv | Remote Script Disclosure vulnerability in Networkactiv web Server 3.5.15 NetworkActiv Web Server 3.5.15 allows remote attackers to read script source code via a crafted URL with a "/" (forward slash) after the file extension. | 5.0 |
2006-03-06 | CVE-2006-0458 | Irssi | Denial of Service vulnerability in Irssi 0.8.10Rc5/0.8.9 The DCC ACCEPT command handler in irssi before 0.8.9+0.8.10rc5-0ubuntu4.1 in Ubuntu Linux, and possibly other distributions, allows remote attackers to cause a denial of service (application crash) via certain crafted arguments in a DCC command. | 5.0 |
2006-03-06 | CVE-2006-0949 | Raidenhttpd | Remote Script Disclosure vulnerability in Raidenhttpd 1.1.47 RaidenHTTPD 1.1.47 allows remote attackers to obtain source code of script files, including PHP, via crafted requests involving (1) "." (dot), (2) space, and (3) "/" (slash) characters. | 5.0 |
2006-03-06 | CVE-2006-0814 | Lighttpd | Remote Script Disclosure vulnerability in Lighttpd response.c in Lighttpd 1.4.10 and possibly previous versions, when run on Windows, allows remote attackers to read arbitrary source code via requests that contain trailing (1) "." (dot) and (2) space characters, which are ignored by Windows, as demonstrated by PHP files. | 5.0 |
2006-03-06 | CVE-2006-1003 | Netgear | Information Disclosure vulnerability in Netgear WGT624 Wireless Firewall Router The backup configuration option in NETGEAR WGT624 Wireless Firewall Router stores sensitive information in cleartext, which allows remote attackers to obtain passwords and gain privileges. | 5.0 |
2006-03-06 | CVE-2006-1001 | Lansuite | SQL Injection vulnerability in Lansuite Board Module SQL injection vulnerability in the board module in LanSuite LanParty Intranet System 2.0.6 and 2.1.0 beta allows remote attackers to execute arbitrary SQL commands via the fid parameter. | 5.0 |
2006-03-07 | CVE-2006-1068 | Netgear | Denial-Of-Service vulnerability in Netgear Router Netgear 614 and 624 routers, possibly running VXWorks, allow remote attackers to cause a denial of service by sending a malformed DCC SEND string to an IRC channel, which causes an IRC connection reset, possibly related to the masquerading code for NAT environments, and as demonstrated via (1) a DCC SEND with a single long argument, or (2) a DCC SEND with IP, port, and filesize arguments with a 0 value. | 4.9 |
2006-03-10 | CVE-2006-0667 | IBM | Local Security vulnerability in AIX 5.2/5.3 lscfg in IBM AIX 5.2 and 5.3 allows local users to modify arbitrary files via a symlink attack. | 4.6 |
2006-03-09 | CVE-2006-0742 | Linux | Local Denial of Service vulnerability in Linux Kernel die_if_kernel The die_if_kernel function in arch/ia64/kernel/unaligned.c in Linux kernel 2.6.x before 2.6.15.6, possibly when compiled with certain versions of gcc, has the "noreturn" attribute set, which allows local users to cause a denial of service by causing user faults on Itanium systems. | 4.6 |
2006-03-06 | CVE-2006-1009 | M4 Project | Local Security vulnerability in Enigma-Suite M4 Project enigma-suite before 0.73.3 (Windows) has a default password of "nominal" for the "enigma-client" account, which allows local users to gain access. | 4.6 |
2006-03-12 | CVE-2006-1165 | Andreas Gohr | Cross-Site Scripting vulnerability in DokuWiki Mediamanager Cross-site scripting (XSS) vulnerability in the mediamanager module in DokuWiki before 2006-03-05 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors relating to "handling EXIF data." | 4.3 |
2006-03-12 | CVE-2006-1160 | EFS Software | Input Validation vulnerability in EFS Software EFS web Server 3.2 Cross-site scripting (XSS) vulnerability in Easy File Sharing (EFS) Web Server 3.2 allows remote attackers to inject arbitrary web script or HTML via the Description field in creating a folder or uploading a file. | 4.3 |
2006-03-12 | CVE-2006-1157 | ADP | HTML Injection vulnerability in ADP Forum Subject Field Cross-site scripting (XSS) vulnerability in Vz Scripts ADP Forum 2.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the Subject field (possibly messaggio parameter) when posting a new message in post.php. | 4.3 |
2006-03-12 | CVE-2006-1155 | Manas Tungare | Input Validation vulnerability in Manas Tungare Site Membership Script Cross-site scripting (XSS) vulnerability in manas tungare Site Membership Script before 8 March, 2006 allows remote attackers to inject arbitrary web script or HTML via the Error parameter in (1) login.asp and (2) default.asp. | 4.3 |
2006-03-10 | CVE-2006-1143 | Ftpoed | Cross-Site Scripting vulnerability in Ftpoed Blog Engine 1.1 Cross-site scripting (XSS) vulnerability in FTPoed Blog Engine 1.1 allows remote attackers to inject arbitrary web script or HTML via the comment_body parameter, as used by the comment field, when posting a comment. | 4.3 |
2006-03-10 | CVE-2006-1135 | Sblog | HTML Injection vulnerability in Sblog 0.7.2 Multiple cross-site scripting (XSS) vulnerabilities in sBlog 0.7.2 allow remote attackers to inject arbitrary web script or HTML via the (1) keyword parameter to search.php or (2) username parameter to comments_do.php. | 4.3 |
2006-03-10 | CVE-2006-1133 | Vbzoom | Cross-Site Scripting vulnerability in Vbzoom 1.11 Multiple cross-site scripting (XSS) vulnerabilities in vbzoom 1.11 allow remote attackers to inject arbitrary web script or HTML via the UserID parameter to (1) comment.php or (2) contact.php. | 4.3 |
2006-03-10 | CVE-2006-1131 | Bitweaver | HTML Injection vulnerability in Bitweaver 1.2.1 Cross-site scripting (XSS) vulnerability in read.php in bitweaver CMS 1.2.1 allows remote attackers to inject arbitrary web script or HTML via the comment_title parameter. | 4.3 |
2006-03-10 | CVE-2006-1130 | Ekinboard | Input Validation vulnerability in Ekinboard 1.0.3 Cross-site scripting (XSS) vulnerability in EKINboard 1.0.3 allows remote attackers to inject arbitrary web script or HTML via a Javascript URI in a BBCode img tag. | 4.3 |
2006-03-09 | CVE-2006-1127 | Gallery Project | HTML Injection vulnerability in Gallery Album Comments Cross-site scripting (XSS) vulnerability in Gallery 2 up to 2.0.2 allows remote attackers to inject arbitrary web script or HTML via the X-Forwarded-For (X_FORWARDED_FOR) HTTP header, which is not properly handled when adding a comment to an album. | 4.3 |
2006-03-09 | CVE-2006-1110 | Aztek Forum | HTML Injection vulnerability in Aztek Forum Aztek Forum 4.0 Cross-site scripting (XSS) vulnerability in Aztek Forum 4.0 allows remote attackers to inject arbitrary web script or HTML via the message body in a new message. | 4.3 |
2006-03-09 | CVE-2006-1106 | Pixelpost | Input Validation vulnerability in Pixelpost Cross-site scripting (XSS) vulnerability in Pixelpost 1.5 beta 1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) message, (2) name, (3) url, and (4) email parameters when commenting on a post. | 4.3 |
2006-03-09 | CVE-2006-1097 | Datenbank Module | Cross-Site Scripting vulnerability in Datenbank Module Datenbank Module Mod2.7 Multiple cross-site scripting (XSS) vulnerabilities in Datenbank MOD 2.7 and earlier for Woltlab Burning Board allow remote attackers to inject arbitrary web script or HTML via the fileid parameter to (1) info_db.php or (2) database.php. | 4.3 |
2006-03-09 | CVE-2006-1089 | Punbb | Cross-Site Scripting vulnerability in PunBB Cross-site scripting (XSS) vulnerability in header.php in PunBB 1.2.10 allows remote attackers to inject arbitrary web script or HTML via the URL, which is not properly handled when the PHP_SELF variable is used to handle a pun_page tag. | 4.3 |
2006-03-09 | CVE-2006-1082 | Phparcadescript | Cross-Site Scripting vulnerability in PHParcadescript 2.0 Multiple cross-site scripting (XSS) vulnerabilities in phpArcadeScript 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the gamename parameter in tellafriend.php, (2) the login_status parameter in loginbox.php, (3) the submissionstatus parameter in index.php, the (4) cell_title_background_color and (5) browse_cat_name parameters in browse.php, the (6) gamefile parameter in displaygame.php, and (7) possibly other parameters in unspecified PHP scripts. | 4.3 |
2006-03-09 | CVE-2006-1077 | EVO DEV | HTML Injection vulnerability in Evo-Dev evoBlog Comment Post Multiple cross-site scripting (XSS) vulnerabilities in the commentary in Evo-Dev evoBlog allow remote attackers to inject arbitrary web script or HTML via (1) the name parameter and (2) other unspecified parameters. | 4.3 |
2006-03-08 | CVE-2006-1071 | Dvguestbook | Cross-Site Scripting vulnerability in Dvguestbook 1.2.2 Cross-site scripting (XSS) vulnerability in index.php in DVguestbook 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the page parameter. | 4.3 |
2006-03-08 | CVE-2006-1070 | Dvguestbook | Cross-Site Scripting vulnerability in Dvguestbook 1.0 Cross-site scripting (XSS) vulnerability in dv_gbook.php in DVguestbook 1.0 allows remote attackers to inject arbitrary web script or HTML via the f parameter. | 4.3 |
2006-03-07 | CVE-2006-1041 | Gregarius | Input Validation vulnerability in Gregarius 0.5.2 Multiple cross-site scripting (XSS) vulnerabilities in Gregarius 0.5.2 allow remote attackers to inject arbitrary web script or HTML via the (1) rss_query parameter to search.php or (2) tag parameter to tags.php. | 4.3 |
2006-03-07 | CVE-2006-1040 | Jelsoft | HTML Injection vulnerability in Jelsoft Vbulletin 3.0.12/3.5.3 Cross-site scripting (XSS) vulnerability in vBulletin 3.0.12 and 3.5.3 allows remote attackers to inject arbitrary web script or HTML via the email field, which is injected in profile.php but not sanitized in sendmsg.php. | 4.3 |
2006-03-07 | CVE-2006-1034 | Woltlab | Cross-Site Scripting vulnerability in Woltlab Burning Board Multiple cross-site scripting (XSS) vulnerabilities in Woltlab Burning Board (wBB) allow remote attackers to inject arbitrary web script or HTML via (1) the username parameter to galerie_index.php and possibly (2) galerie_onfly.php. | 4.3 |
2006-03-07 | CVE-2006-1033 | CPG Nuke | Cross-Site Scripting vulnerability in CPG Dragonfly CMS Multiple cross-site scripting (XSS) vulnerabilities in Dragonfly CMS before 9.0.6.1 allow remote attackers to inject arbitrary web script or HTML via (1) uname, (2) error, (3) profile or (4) the username filed parameter to the (a) Your_Account module, (5) catid, (6) sid, (7) Story Text or (8) Extended text text fields in the (b) News module, (9) month, (10) year or (11) sa parameter to the (c) Stories_Archive module, (12) show, (13) cid, (14) ratetype, or (15) orderby parameter to the (d) Web_Links module, (16) op, or (17) pollid parameter to the (e) Surveys module, (18) c parameter to the (f) Downloads module, (19) meta, or (20) album parameter to the (g) coppermine module, or the search box in the (21) Search, (22) Stories_Archive, (23) Downloads, and (24) Topics module. | 4.3 |
2006-03-07 | CVE-2006-1029 | Joomla | Cross-Site Scripting vulnerability in Joomla 1.0.7 The cross-site scripting (XSS) countermeasures in class.inputfilter.php in Joomla! 1.0.7 allow remote attackers to cause a denial of service via a crafted mosmsg parameter to index.php with a malformed sequence of multiple tags, as demonstrated using "<<>AAA<><>", possibly due to nested or empty tags. | 4.3 |
2006-03-07 | CVE-2006-1021 | Pehepe | Cross-Site Scripting vulnerability in Pehepe Membership Management System and Uyelik Sistemi Cross-site scripting (XSS) vulnerability in sol_menu.php in PeHePe Uyelik Sistemi (aka PeHePe MemberShip Management System) 3 allows remote attackers to inject arbitrary web script or HTML via the kuladi parameter ($kul_adi variable). | 4.3 |
2006-03-07 | CVE-2006-1019 | Ukiweb | HTML Injection vulnerability in Ukiweb Ukiboard 3.0.1 Cross-site scripting (XSS) vulnerability in fce.php in UKiBoard 3.0.1 allows remote attackers to inject arbitrary web script or HTML via a BBCode url tag when using the show_post function. | 4.3 |
2006-03-06 | CVE-2006-1004 | Cactusoft | Cross-Site Scripting vulnerability in Cactusoft Parodia 6.2 Cross-site scripting (XSS) vulnerability in agencyprofile.asp in Parodia 6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the AG_ID parameter. | 4.3 |
2006-03-10 | CVE-2006-1147 | COR Entertainment | Remote vulnerability in COR Entertainment Alien Arena 2006 Gold5.00 The Com_sprintf function in q_shared.c in Alien Arena 2006 Gold Edition 5.00 does not properly NULL terminate certain long strings, which allows remote attackers (possibly authenticated) to cause a denial of service (application crash) via a long skin, weapon, or model name. | 4.0 |
2006-03-09 | CVE-2006-1119 | Netenberg Cpanel | Permissions, Privileges, and Access Controls vulnerability in Netenberg Fantastico DE Luxe fantastico in Cpanel does not properly handle when it has insufficient permissions to perform certain file operations, which allows remote authenticated users to obtain the full pathname, which is leaked in a PHP error message. | 4.0 |
11 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2006-03-12 | CVE-2006-1166 | Monotone | Unspecified vulnerability in Monotone 0.25 Monotone 0.25 and earlier, when a user creates a file in a directory called "mt", and when checking out that file on a case-insensitive file system such as Windows or Mac OS X, places the file into the "MT" bookkeeping directory, which could allow context-dependent attackers to execute arbitrary Lua programs as the user running monotone. | 3.7 |
2006-03-07 | CVE-2006-1014 | PHP | Security Bypass vulnerability in PHP Argument injection vulnerability in certain PHP 4.x and 5.x applications, when used with sendmail and when accepting remote input for the additional_parameters argument to the mb_send_mail function, allows context-dependent attackers to read and create arbitrary files by providing extra -C and -X arguments to sendmail. | 3.2 |
2006-03-10 | CVE-2006-1144 | David Ravenscroft | Cross-Site Scripting vulnerability in David Ravenscroft Hithost 1.0.0 Cross-site scripting (XSS) vulnerability in HitHost 1.0.0 allows remote attackers to inject arbitrary web script or HTML via (1) the user parameter in deleteuser.php and (2) the hits parameter in viewuser.php. | 2.6 |
2006-03-09 | CVE-2006-1120 | Codeworx Technologies | Cross-Site Scripting vulnerability in DCP Portal Multiple cross-site scripting (XSS) vulnerabilities in DCP-Portal 6.1.1 and earlier, with register_globals enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) its_url parameter in the documents page and (2) url parameter in the send_write page of (a) index.php; (3) subject, and (4) images parameters to (b) calendar.php; (5) bid, (6) replying_msg, (7) subject, (8) body, and (9) mid parameters to (c) forums.php; (10) subject and (11) message parameters to (d) inbox.php; (12) subject_color and (13) email parameters to (e) lostpassword.php; and the (14) c_name, (15) content_inicial, and (16) cid parameters to (f) mycontents.php. | 2.6 |
2006-03-09 | CVE-2006-1117 | Ncipher | Unspecified vulnerability in Ncipher products nCipher firmware before V10, as used by (1) nShield, (2) nForce, (3) netHSM, (4) payShield, (5) SecureDB, (6) DSE200 Document Sealing Engine, (7) Time Source Master Clock (TSMC), and possibly other products, contains certain options that were only intended for testing and not production, which might allow remote attackers to obtain information about encryption keys and crack those keys with less effort than brute force. | 2.6 |
2006-03-09 | CVE-2006-1115 | Ncipher | Unspecified vulnerability in Ncipher Chil, Mscapi CSP and Ncipher Software CD nCipher HSM before 2.22.6, when generating a Diffie-Hellman public/private key pair without any specified DiscreteLogGroup parameters, chooses random parameters that could allow an attacker to crack the private key in significantly less time than a brute force attack. | 2.6 |
2006-03-07 | CVE-2006-1064 | Lurker | Input Validation vulnerability in Lurker 0.1A/2.0 Multiple cross-site scripting (XSS) vulnerabilities in Lurker 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors. | 2.6 |
2006-03-07 | CVE-2006-1045 | Mozilla | Remote Information Disclosure vulnerability in Mozilla Thunderbird 1.5 The HTML rendering engine in Mozilla Thunderbird 1.5, when "Block loading of remote images in mail messages" is enabled, does not properly block external images from inline HTML attachments, which could allow remote attackers to obtain sensitive information, such as application version or IP address, when the user reads the email and the external image is accessed. | 2.6 |
2006-03-09 | CVE-2006-1092 | SUN | Local Denial Of Service vulnerability in Sun Solaris Proc Filesystem Pagedata Subsystem Unspecified vulnerability in the pagedata subsystem of the process file system (/proc) in Solaris 8 through 10 allows local users to cause a denial of service (system hang or panic) via unknown attack vectors that cause cause the kmem_oversize arena to allocate a large amount of system memory that does not get freed. | 2.1 |
2006-03-06 | CVE-2006-1011 | Peters Software | Local Information Disclosure vulnerability in Peters Software Lettermerger 1.2 LetterMerger 1.2 stores user information in Access database files with insecure permissions, which allows local users to obtain sensitive information. | 2.1 |
2006-03-07 | CVE-2006-0741 | Linux | Denial of Service vulnerability in Linux Kernel ELF File Entry Point Linux kernel before 2.6.15.5, when running on Intel processors, allows local users to cause a denial of service ("endless recursive fault") via unknown attack vectors related to a "bad elf entry address." | 1.2 |