Weekly Vulnerabilities Reports > April 17 to 23, 2006
Overview
172 new vulnerabilities reported during this period, including 16 critical vulnerabilities and 38 high severity vulnerabilities. This weekly summary report vulnerabilities in 141 products from 109 vendors including Oracle, Apple, Linux, Cisco, and Flexbb. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "SQL Injection", "Cross-site Scripting", "Permissions, Privileges, and Access Controls", and "Code Injection".
- 155 reported vulnerabilities are remotely exploitables.
- 11 reported vulnerabilities have public exploit available.
- 6 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 162 reported vulnerabilities are exploitable by an anonymous user.
- Oracle has the most reported vulnerabilities, with 21 reported vulnerabilities.
- Oracle has the most reported critical vulnerabilities, with 16 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
16 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2006-04-20 | CVE-2006-1887 | Oracle | Multiple vulnerability in Oracle Enterpriseone 8.95.J1 Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Security Server 8.95.J1 has unknown impact and attack vectors, aka Vuln# JDE01. | 10.0 |
2006-04-20 | CVE-2006-1886 | Oracle | Multiple vulnerability in Oracle Peoplesoft Enterprise 8.46.12/8.47.04 Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise 8.46.12 and 8.47.04 has unknown impact and attack vectors, aka Vuln# PSE01. | 10.0 |
2006-04-20 | CVE-2006-1885 | Oracle | Multiple vulnerability in Oracle April 2006 Security Update Multiple unspecified vulnerabilities in the Reporting Framework component in Oracle Enterprise Manager 9.0.1.5 and 9.2.0.7 have unknown impact and attack vectors, aka Vuln# (1) EM01 and (2) EM02. | 10.0 |
2006-04-20 | CVE-2006-1884 | Jdedwards Oneworld Oracle | Multiple vulnerability in Oracle April 2006 Security Update Unspecified vulnerability in the Oracle Thesaurus Management System component in Oracle E-Business Suite and OPA 4.5.2 Applications has unknown impact and attack vectors, aka Vuln# OPA01. | 10.0 |
2006-04-20 | CVE-2006-1883 | Oracle | Multiple vulnerability in Oracle E-Business Suite 11.5.10.1 Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite and Applications 11.5.10CU1 has unknown impact and attack vectors, aka Vuln# APPS05. | 10.0 |
2006-04-20 | CVE-2006-1882 | Oracle | Multiple vulnerability in Oracle E-Business Suite 11.5.10 Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10 have unknown impact and attack vectors, as identified by Vuln# (1) APPS03 in (a) iProcurement; (2) APPS04 in (b) Oracle Application Object Library; (3) APPS06, (4) APPS07, and (5) APPS08 in (c) Oracle Applications Technology Stack; and (6) APPS11 in (d) Oracle Order Capture. | 10.0 |
2006-04-20 | CVE-2006-1881 | Oracle | Multiple vulnerability in Oracle E-Business Suite 11.5.9 Unspecified vulnerability in the Financials for Asia/Pacific component in Oracle E-Business Suite and Applications 11.5.9 has unknown impact and attack vectors. | 10.0 |
2006-04-20 | CVE-2006-1880 | Oracle | Multiple vulnerability in Oracle E-Business Suite 11.5.10.2 Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10CU2 have unknown impact and attack vectors, as identified by Vuln# (1) APPS01 in the (a) Application Install component; (2) APPS09 in the (b) Oracle Diagnostics Interfaces component; (3) APPS10 in the (c) Oracle General Ledger component; (4) APPS12 and (5) APPS13 in the (d) Oracle Receivables component. | 10.0 |
2006-04-20 | CVE-2006-1879 | Oracle | Multiple vulnerability in Oracle April 2006 Security Update Multiple unspecified vulnerabilities in the Email Server component in Oracle Collaboration Suite 9.0.4.2, 10.1.1, 10.1.2.0, and 10.1.2.1 have unknown impact and attack vectors, aka Vuln# (1) OCS01, (2) OCS02, (3) OCS03, and (4) OCS04. | 10.0 |
2006-04-20 | CVE-2006-1875 | Oracle | Multiple vulnerability in Oracle Database Server 10.1.0.5/9.0.1.5/9.2.0.7 Unspecified vulnerability in Oracle Database Server 9.0.1.5, 9.2.0.7, and 10.1.0.5 has unknown impact and attack vectors in the Oracle Spatial component, aka Vuln# DB11. | 10.0 |
2006-04-20 | CVE-2006-1869 | Oracle | Multiple vulnerability in Oracle Database Server 8.1.7.4/9.0.1.5 Unspecified vulnerability in Oracle Database Server 8.1.7.4 and 9.0.1.5 has unknown impact and attack vectors in the Dictionary component, aka Vuln# DB04. | 10.0 |
2006-04-20 | CVE-2006-1867 | Oracle | Multiple vulnerability in Oracle Database Server 9.2.0.6 Unspecified vulnerability in Oracle Database Server 9.2.0.6 has unknown impact and attack vectors in the Advanced Replication component, aka Vuln# DB02. | 10.0 |
2006-04-20 | CVE-2006-1866 | Oracle | Multiple vulnerability in Oracle April 2006 Security Update Multiple unspecified vulnerabilities in Oracle Database Server 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.5, and other versions have unknown impact and attack vectors in the (1) Advanced Replication component, as identified by Vuln# DB01, and (2) Oracle Spatial component, as identified by Vuln# DB10. | 9.7 |
2006-04-20 | CVE-2006-1876 | Oracle | Multiple vulnerability in Oracle Database Server 10.1.0.4/9.2.0.7 Unspecified vulnerability in Oracle Database Server 9.2.0.7 and 10.1.0.4 has unknown impact and attack vectors in the Oracle Spatial component, aka Vuln# DB12. | 9.0 |
2006-04-20 | CVE-2006-1873 | Oracle | Multiple vulnerability in Oracle Database Server 10.1.0.4/10.2.0.1/9.2.0.7 Unspecified vulnerability in Oracle Database Server 9.2.0.7, 10.1.0.4, and 10.2.0.1 has unknown impact and attack vectors in the Oracle Spatial component, aka Vuln# DB08. | 9.0 |
2006-04-20 | CVE-2006-1870 | Oracle | Multiple vulnerability in Oracle April 2006 Security Update Unspecified vulnerability in Oracle Database Server 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.5, and 10.2.0.2 has unknown impact and attack vectors in the Export component, aka Vuln# DB05. | 9.0 |
38 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2006-04-20 | CVE-2006-1900 | W3C | Remote Buffer Overflow vulnerability in W3C Amaya 9.4 Multiple buffer overflows in World Wide Web Consortium (W3C) Amaya 9.4, and possibly other versions including 8.x before 8.8.5, allow remote attackers to execute arbitrary code via a long value in (1) the COMPACT attribute of the COLGROUP element, (2) the ROWS attribute of the TEXTAREA element, and (3) the COLOR attribute of the LEGEND element; and via other unspecified attack vectors consisting of "dozens of possible snippets." | 7.6 |
2006-04-17 | CVE-2006-1794 | Mambo | SQL Injection vulnerability in Mambo Open Source SQL injection vulnerability in Mambo 4.5.3, 4.5.3h, and possibly earlier versions allows remote attackers to execute arbitrary SQL commands via (1) the $username variable in the mosGetParam function and (2) the $task parameter in the mosMenuCheck function in (a) includes/mambo.php; and (3) the $filter variable to the showCategory function in the com_content component (content.php). | 7.6 |
2006-04-17 | CVE-2006-1793 | Runcms | Remote Code Execution vulnerability in Runcms 1.1/1.1A Directory traversal vulnerability in runCMS 1.2 and earlier allows remote attackers to read arbitrary files via the bbPath[path] parameter to (1) class.forumposts.php and (2) forumpollrenderer.php. | 7.6 |
2006-04-21 | CVE-2006-1987 | Apple | Multiple Security vulnerability in Apple Mac OS X Apple Safari 2.0.3 allows remote attackers to cause a denial of service and possibly execute code via an invalid FRAME tag, possibly due to (1) multiple SCROLLING attributes with no values, or (2) a SRC attribute with no value. | 7.5 |
2006-04-21 | CVE-2006-1986 | Apple | Multiple Security vulnerability in Apple Mac OS X Apple Safari 2.0.3 allows remote attackers to cause a denial of service and possibly execute code via a large CELLSPACING attribute in a TABLE tag, which triggers an error in KWQListIteratorImpl::KWQListIteratorImpl. | 7.5 |
2006-04-21 | CVE-2006-1982 | Apple | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server Heap-based buffer overflow in the LZWDecodeVector function in Mac OS X before 10.4.6, as used in applications that use ImageIO or AppKit, allows remote attackers to execute arbitrary code via crafted TIFF images. | 7.5 |
2006-04-21 | CVE-2006-1978 | Flexbb | SQL Injection vulnerability in Flexbb SQL injection vulnerability in inc/start.php in FlexBB 0.5.5 and earlier allows remote attackers to execute arbitrary SQL commands via the flexbb_username COOKIE parameter. | 7.5 |
2006-04-21 | CVE-2006-1974 | Mybulletinboard | SQL Injection vulnerability in MyBB Index.PHP Referrer Cookie SQL injection vulnerability in index.php in MyBB (MyBulletinBoard) before 1.04 allows remote attackers to execute arbitrary SQL commands via the referrer parameter. | 7.5 |
2006-04-21 | CVE-2006-1964 | Aspsitem | SQL Injection vulnerability in Aspsitem 1.83 SQL injection vulnerability in Haberler.asp in ASPSitem 1.83 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2006-04-21 | CVE-2006-1962 | Pcpin | SQL Injection vulnerability in Pcpin Chat SQL injection vulnerability in PCPIN Chat 5.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the username field (login parameter) to main.php. | 7.5 |
2006-04-21 | CVE-2006-1961 | Cisco | Local Privilege Escalation vulnerability in Multiple Linux-Based Cisco Products Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express before 2.13, Hosting Solution Engine (HSE) and User Registration Tool (URT) before 20060419, and all versions of Ethernet Subscriber Solution Engine (ESSE) and CiscoWorks2000 Service Management Solution (SMS) allow local users to gain Linux shell access via shell metacharacters in arguments to the "show" command in the application's command line interface (CLI), aka bug ID CSCsd21502 (WLSE), CSCsd22861 (URT), and CSCsd22859 (HSE). | 7.5 |
2006-04-21 | CVE-2006-1959 | Actualscripts | Remote File Include vulnerability in ActualScripts Actualanalyzer 2.72/7.63 PHP remote file inclusion vulnerability in direct.php in ActualScripts ActualAnalyzer Lite 2.72 and earlier, Gold 7.63 and earlier, and Server 8.23 and earlier allows remote attackers to execute arbitrary code via a URL in the rf parameter. | 7.5 |
2006-04-20 | CVE-2006-1949 | Nicplex | SQL-Injection vulnerability in Plexcart SQL injection vulnerability in plexcart.pl in NicPlex PlexCart X3 and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter. | 7.5 |
2006-04-20 | CVE-2006-1947 | Nicplex | SQL Injection vulnerability in Plexum Multiple SQL injection vulnerabilities in plexum.php in NicPlex Plexum X5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) pagesize, (2) maxrec, and (3) startpos parameters. | 7.5 |
2006-04-20 | CVE-2006-1919 | Thomas Voecking | Remote File Include vulnerability in Thomas Voecking Internet Photoshow 1.3 PHP remote file inclusion vulnerability in index.php in Internet Photoshow 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. | 7.5 |
2006-04-20 | CVE-2006-1917 | Blackorpheus | SQL Injection vulnerability in Blackorpheus Clanmemberskript 1.0 SQL injection vulnerability in member.php in Blackorpheus ClanMemberSkript 1.0 allows remote attackers to execute arbitrary SQL commands via the userID parameter. | 7.5 |
2006-04-20 | CVE-2006-1910 | S9Y | Unspecified vulnerability in S9Y Serendipity 1.0Beta2 config.php in S9Y Serendipity 1.0 beta 2 allows remote attackers to inject arbitrary PHP code by editing values that are stored in config.php and later executed. | 7.5 |
2006-04-20 | CVE-2006-1907 | Mywebland | SQL-Injection vulnerability in myEvent Multiple SQL injection vulnerabilities in myEvent 1.x allow remote attackers to inject arbitrary SQL commands via the event_id parameter to (1) addevent.php or (2) del.php or (3) event_desc parameter to addevent.php. | 7.5 |
2006-04-20 | CVE-2006-1905 | Xine | Remote Format String vulnerability in Xine Playlist Handling Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine 0.99.3 allow remote attackers to execute arbitrary code via format string specifiers in a long filename on an EXTINFO line in a playlist file. | 7.5 |
2006-04-20 | CVE-2006-1890 | Mywebland | Code Injection vulnerability in Mywebland Myevent 1.2/1.4 Multiple PHP remote file inclusion vulnerabilities in myWebland myEvent 1.2 allow remote attackers to execute arbitrary PHP code via a URL in the myevent_path parameter in (1) event.php and (2) initialize.php. | 7.5 |
2006-04-20 | CVE-2006-1874 | Oracle | Multiple vulnerability in Oracle Database Server 8.1.7.4/9.0.1.5/9.2.0.6 Unspecified vulnerability in Oracle Database Server 8.1.7.4, 9.0.1.5, and 9.2.0.6 has unknown impact and attack vectors in the Oracle Spatial component, aka Vuln# DB09. | 7.5 |
2006-04-20 | CVE-2006-1872 | Oracle | Multiple vulnerability in Oracle April 2006 Security Update Unspecified vulnerability in Oracle Database Server 9.0.1.5 and 9.2.0.7 has unknown impact and attack vectors in the Oracle Enterprise Manager Intelligent Agent component, aka Vuln# DB07. | 7.5 |
2006-04-20 | CVE-2006-1868 | Oracle | Buffer Errors vulnerability in Oracle Database Server 10.1.0.4 Buffer overflow in the Advanced Replication component in Oracle Database Server 10.1.0.4 allows database users to execute arbitrary code via the VERIFY_LOG procedure of the DBMS_SNAPSHOT_UTL package, aka Vuln# DB03. | 7.5 |
2006-04-19 | CVE-2006-1852 | Scriptsfrenzy | SQL-Injection vulnerability in Article Publisher Pro SQL injection vulnerability in category.php in Article Publisher Pro 1.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cname parameter. | 7.5 |
2006-04-19 | CVE-2006-1849 | Skymarx Solutions | Input Validation vulnerability in xFlow Multiple SQL injection vulnerabilities in members_only/index.cgi in xFlow 5.46.11 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) position and (2) id parameter. | 7.5 |
2006-04-19 | CVE-2006-1847 | Francisco Burzi | Input Validation vulnerability in Francisco Burzi PHP-Nuke 7.8 SQL injection vulnerability in the Your_Account module in PHP-Nuke 7.8 might allows remote attackers to execute arbitrary SQL commands via the user_id parameter in the Your_Home functionality. | 7.5 |
2006-04-19 | CVE-2006-1839 | PHP Album | Unspecified vulnerability in PHP Album PHP Album 0.3.2.3 PHP remote file inclusion vulnerability in language.php in PHP Album 0.3.2.3, when register_globals is enabled, allows remote attackers to execute arbitrary code via an FTP URL in the data_dir parameter, which satisfies the file_exists function call. | 7.5 |
2006-04-19 | CVE-2006-1838 | Clanscripte NET | SQL Injection and Authentication Bypass vulnerability in Clanscripte.Net Fuju News 1.0 edit_kategorie.php in Fuju News 1.0 allows remote attackers to bypass authentication by setting the authorized cookie. | 7.5 |
2006-04-19 | CVE-2006-1837 | Clanscripte NET | SQL Injection and Authentication Bypass vulnerability in Clanscripte.Net Fuju News 1.0 SQL injection vulnerability in archiv2.php in Fuju News 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. | 7.5 |
2006-04-19 | CVE-2006-1831 | Coder World | Input Validation vulnerability in Coder-World Sysinfo 1.21 Direct static code injection vulnerability in sysinfo.cgi in sysinfo 1.21 and possibly other versions before 2.25 allows remote attackers to execute arbitrary commands via a leading ; (semicolon) in the name parameter in a systemdoc action, which is injected into phpinfo.php. | 7.5 |
2006-04-18 | CVE-2006-1819 | Phpwebsite | Unspecified vulnerability in PHPwebsite Directory traversal vulnerability in the loadConfig function in index.php in phpWebSite 0.10.2 and earlier allows remote attackers to include arbitrary local files and execute arbitrary PHP code via the hub_dir parameter, as demonstrated by including access_log. | 7.5 |
2006-04-18 | CVE-2006-1807 | Musicbox | Input Validation vulnerability in MusicBox Multiple SQL injection vulnerabilities in index.php in Musicbox 2.3.3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) start parameter in a search action or (2) type parameter in a top action. | 7.5 |
2006-04-18 | CVE-2006-1805 | Powerscripts | SQL Injection vulnerability in Powerscripts Powerclan 1.14 SQL injection vulnerability in member.php in PowerClan 1.14 allows remote attackers to execute arbitrary SQL commands via the memberid parameter. | 7.5 |
2006-04-18 | CVE-2006-1804 | Phpmyadmin | SQL-Injection vulnerability in PHPmyadmin 2.7.0Pl1/2.8.0.3 SQL injection vulnerability in sql.php in phpMyAdmin 2.7.0-pl1 allows remote attackers to execute arbitrary SQL commands via the sql_query parameter. | 7.5 |
2006-04-18 | CVE-2006-1800 | Simplemedia | Remote Arbitrary Command Execution vulnerability in Simplebbs 1.0.6/1.0.7/1.1 Directory traversal vulnerability in posts.php in SimpleBBS 1.0.6 through 1.1 allows remote attackers to include and execute arbitrary files via ".." sequences in the language cookie, as demonstrated by by injecting the code into the gl_session cookie of users.php, which is stored in error.log. | 7.5 |
2006-04-18 | CVE-2006-1799 | Adcentrix | Remote Arbitrary Command Execution vulnerability in Censtore censtore.cgi in Censtore 7.3.002 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the page parameter. | 7.5 |
2006-04-18 | CVE-2006-1798 | Rateit | SQL Injection vulnerability in Rateit 2.2 SQL injection vulnerability in rateit.php in RateIt 2.2 allows remote attackers to execute arbitrary SQL commands via the rateit_id parameter. | 7.5 |
2006-04-20 | CVE-2006-1877 | Oracle | Multiple vulnerability in Oracle Database Server 8.1.7.4/9.0.1.5/9.2.0.7 Unspecified vulnerability in Oracle Database Server 8.1.7.4, 9.0.1.5, and 9.2.0.7 has unknown impact and attack vectors in the Oracle Spatial component, aka Vuln# DB13. | 7.2 |
77 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2006-04-20 | CVE-2006-1916 | Dbbs | Input Validation vulnerability in Dbbs 2.0 Multiple cross-site scripting (XSS) vulnerabilities in profile.php in DbbS 2.0-alpha and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) ulocation or (2) uhobbies parameters. | 6.8 |
2006-04-20 | CVE-2006-1913 | JAX Scripts | Cross-Site Scripting vulnerability in Jax Guestbook Page Parameter Cross-site scripting (XSS) vulnerability in jax_guestbook.php in Jax Guestbook 3.1, 3.31, and 3.50 allows remote attackers to inject arbitrary web script or HTML via the page parameter. | 6.8 |
2006-04-20 | CVE-2006-1893 | AR Blog | Cross-Site Scripting vulnerability in Ar-Blog 5.2 Cross-site scripting (XSS) vulnerability in print.php in ar-blog 5.2 allows remote attackers to inject arbitrary web script or HTML via the id parameter. | 6.8 |
2006-04-20 | CVE-2006-1888 | Phpgraphy | Permissions, Privileges, and Access Controls vulnerability in PHPgraphy 0.9.10/0.9.9A phpGraphy 0.9.11 and earlier allows remote attackers to bypass authentication and gain administrator privileges via a direct request to index.php with the editwelcome parameter set to 1, which can then be used to modify the main page to inject arbitrary HTML and web script. | 6.8 |
2006-04-19 | CVE-2006-1836 | Symantec | Local Privilege Escalation vulnerability in Symantec LiveUpdate for Macintosh Untrusted search path vulnerability in unspecified components in Symantec LiveUpdate for Macintosh 3.0.0 through 3.5.0 do not set the execution path, which allows local users to gain privileges via a Trojan horse program. | 6.8 |
2006-04-18 | CVE-2006-1825 | Phplinks | Cross-Site Scripting vulnerability in phpLinks Cross-site scripting (XSS) vulnerability in index.php in phpLinks 2.1.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the term parameter. | 6.8 |
2006-04-17 | CVE-2006-1796 | Wordpress | Cross-Site Scripting vulnerability in WordPress Cross-site scripting (XSS) vulnerability in the paging links functionality in template-functions-links.php in Wordpress 1.5.2, and possibly other versions before 2.0.1, allows remote attackers to inject arbitrary web script or HTML to Internet Explorer users via the request URI ($_SERVER['REQUEST_URI']). | 6.8 |
2006-04-20 | CVE-2006-1895 | Phpbb Group | Unspecified vulnerability in PHPbb Group PHPbb 2.0.9 Direct static code injection vulnerability in includes/template.php in phpBB allows remote authenticated users with write access to execute arbitrary PHP code by modifying a template in a way that (1) bypasses a loose ".*" regular expression to match BEGIN and END statements in overall_header.tpl, or (2) is used in an eval statement by includes/bbcode.php for bbcode.tpl. | 6.5 |
2006-04-20 | CVE-2006-1871 | Oracle | SQL Injection vulnerability in Oracle Database Server 10.1.0.5/9.2.0.7 SQL injection vulnerability in Oracle Database Server 9.2.0.7 and 10.1.0.5 allows remote attackers to execute arbitrary SQL commands via the DELETE_FROM_TABLE function in the DBMS_LOGMNR_SESSION (Log Miner) package, aka Vuln# DB06. | 6.5 |
2006-04-19 | CVE-2006-1853 | Moderngigabyte | SQL Injection vulnerability in ModernGigabyte ModernBill User.PHP Multiple SQL injection vulnerabilities in ModernBill 4.3.2 and earlier allow remote attackers or administrators to execute arbitrary SQL commands via the (1) id parameter in (a) user.php, or (2) where and (3) order parameters to (b) admin.php. | 6.5 |
2006-04-21 | CVE-2006-1983 | Apple | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple mac OS X and mac OS X Server Multiple heap-based buffer overflows in Mac OS X 10.4.6 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) PredictorVSetField function for TIFF or (2) CFAllocatorAllocate function for GIF, as used in applications that use ImageIO or AppKit. | 6.4 |
2006-04-21 | CVE-2006-1958 | Wired Community Software | SQL Injection vulnerability in Wired Community Software Wwwthreads RC3 Multiple SQL injection vulnerabilities in WWWThreads RC 3 allow remote attackers to execute arbitrary SQL commands via (1) the forumreferrer cookie to register.php and (2) the messages parameter in message_list.php. | 6.4 |
2006-04-20 | CVE-2006-1924 | Linpha | Input Validation vulnerability in Linpha 1.0/1.1.0 SQL injection vulnerability in functions/db_api.php in LinPHA 1.1.1 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 6.4 |
2006-04-20 | CVE-2006-1922 | Sweetphp | Remote File Include vulnerability in Sweetphp Totalcalendar 2.0/2.1/2.2 PHP remote file inclusion vulnerability in (1) about.php or (2) auth.php in TotalCalendar allows remote attackers to execute arbitrary PHP code via a URL in the inc_dir parameter. | 6.4 |
2006-04-20 | CVE-2006-1921 | PHP NET Tools | Unspecified vulnerability in PHP NET Tools PHP NET Tools 2.7.1 nettools.php in PHP Net Tools 2.7.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the host parameter. | 6.4 |
2006-04-20 | CVE-2006-1920 | Pmtool | SQL Injection vulnerability in Pmtool 1.2.2 SQL injection vulnerability in index.php in PMTool 1.2.2 allows remote attackers to execute arbitrary SQL commands via the order parameter in the include files (1) user.inc.php, (2) customer.inc.php, and (3) project.inc.php. | 6.4 |
2006-04-19 | CVE-2006-1840 | Empire Server | USE of Externally-Controlled Format String vulnerability in Empire Server Empire Server Multiple format string vulnerabilities in Empire Server before 4.3.1 allow attackers to cause a denial of service (crash) via the (1) load, (2) spy and (3) bomb functions. | 6.4 |
2006-04-18 | CVE-2006-1827 | Digium | Integer Overflow vulnerability in Asterisk JPEG File Handling Integer signedness error in format_jpeg.c in Asterisk 1.2.6 and earlier allows remote attackers to execute arbitrary code via a length value that passes a length check as a negative number, but triggers a buffer overflow when it is used as an unsigned length. | 6.4 |
2006-04-18 | CVE-2006-1823 | Farsinews | Directory Traversal vulnerability in FarsiNews Directory traversal vulnerability in FarsiNews 2.5.3 Pro and earlier allows remote attackers to obtain the installation path via ".." sequences in the archive parameter to index.php, which leaks the full pathname in an error message. | 6.4 |
2006-04-18 | CVE-2006-1821 | Modxcms | Directory Traversal vulnerability in Modxcms 0.9.1 Directory traversal vulnerability in index.php in ModX 0.9.1 allows remote attackers to read arbitrary files via a .. | 6.4 |
2006-04-18 | CVE-2006-1813 | Phpwebftp | Directory Traversal vulnerability in PHPWebFTP Directory traversal vulnerability in index.php in phpWebFTP 3.2 and earlier allows remote attackers to read arbitrary files via a .. | 6.4 |
2006-04-18 | CVE-2006-1812 | Phpwebftp | Directory Traversal vulnerability in PHPwebftp 3.2 phpWebFTP 3.2 and earlier stores script.js under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information. | 6.4 |
2006-04-18 | CVE-2006-1811 | Flexbb | Input Validation vulnerability in Flexbb 0.5.5Beta Multiple SQL injection vulnerabilities in FlexBB 0.5.5 BETA allow remote attackers to execute arbitrary SQL commands via the (1) id, (2) forumid, or (3) threadid parameter to index.php; the (4) ICQ, (5) AIM, (6) MSN, (7) Google Talk, (8) Website Name, (9) Website Address, (10) Email Address, (11) Location, (12) Signature, and (13) Sub-Titles fields in the user profile; or (14) flexbb_password field in a cookie. | 6.4 |
2006-04-20 | CVE-2006-1896 | Phpbb Group | Code Injection vulnerability in PHPbb Group PHPbb Unspecified vulnerability in phpBB allows remote authenticated users with Administration Panel access to execute arbitrary PHP code via crafted Font Colour 3 ($theme[fontcolor3] variable) and/or signature values, possibly involving the highlight functionality. | 6.0 |
2006-04-21 | CVE-2006-1979 | Manic WEB | HTML Injection vulnerability in Manic web Mwguest 2.1.0 Cross-site scripting (XSS) vulnerability in mwguest.php in Manic Web MWGuest 2.1.0 allows remote attackers to inject arbitrary web script or HTML via the homepage parameter. | 5.8 |
2006-04-21 | CVE-2006-1977 | Flexbb | Cross-Site Scripting vulnerability in FlexBB Cross-site scripting (XSS) vulnerability in FlexBB 0.5.7 BETA and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) name and (2) message parameters. | 5.8 |
2006-04-21 | CVE-2006-1968 | Kcscripts | Cross-Site Scripting vulnerability in Portal Pack Cross-site scripting (XSS) vulnerability in news/NsVisitor.cgi in KCScripts News Publisher, distributed individually and as part of Portal Pack 6.0 and earlier, allows remote attackers to inject arbitrary web script or HTML via the sort_order parameter. | 5.8 |
2006-04-21 | CVE-2006-1965 | Aasi Media | Cross-Site Scripting vulnerability in Aasi Media NET Clubs PRO 4.0 Multiple cross-site scripting (XSS) vulnerabilities in aasi media Net Clubs Pro 4.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) onuser, (2) pass, (3) chatsys, (4) room, (5) username, and (6) to parameters in (a) sendim.cgi; the (7) username parameter in (b) imessage.cgi; the (8) password parameter in (c) login.cgi; and the (9) cat_id parameter in (d) viewcat.cgi. | 5.8 |
2006-04-21 | CVE-2006-1960 | Cisco | Cross-Site Scripting vulnerability in Cisco Wireless Lan Solution Engine ArchiveApplyDisplay.JSP Cross-site scripting (XSS) vulnerability in the appliance web user interface in Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express before 2.13 allows remote attackers to inject arbitrary web script or HTML, possibly via the displayMsg parameter to archiveApplyDisplay.jsp, aka bug ID CSCsc01095. | 5.8 |
2006-04-20 | CVE-2006-1923 | Linpha | Input Validation vulnerability in Linpha 1.0/1.1.0 Multiple cross-site scripting (XSS) vulnerabilities in LinPHA before 1.1.1 allow remote attackers to inject arbitrary web script or HTML via (1) RSS/RSS.php and (2) possibly other vectors. | 5.8 |
2006-04-20 | CVE-2006-1912 | Mybulletinboard | Cross-Site Scripting vulnerability in Mybulletinboard 1.10 MyBB (MyBulletinBoard) 1.1.0 does not set the constant KILL_GLOBAL variable in (1) global.php and (2) inc/init.php, which allows remote attackers to initialize arbitrary variables that are processed by an @extract command, which could then be leveraged to conduct cross-site scripting (XSS) or SQL injection attacks. | 5.8 |
2006-04-20 | CVE-2006-1889 | Script Solution DE | Cross-Site Scripting vulnerability in Boardsolution Cross-site scripting (XSS) vulnerability in the search action handler in index.php in Nils Asmussen (aka SCRIPTSOLUTION) Boardsolution 1.12 and earlier allows remote attackers to inject arbitrary web script or HTML via the "Search for" item (keyword parameter). | 5.8 |
2006-04-18 | CVE-2006-1822 | Farsinews | Cross-Site Scripting vulnerability in FarsiNews Search.PHP Cross-site scripting (XSS) vulnerability in search.php in FarsiNews 2.5.3 Pro and earlier allows remote attackers to inject arbitrary web script or HTML via the selected_search_arch parameter. | 5.8 |
2006-04-18 | CVE-2006-1820 | Modxcms | Directory Traversal vulnerability in Modxcms 0.9.1 Cross-site scripting (XSS) vulnerability in index.php in ModX 0.9.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter. | 5.8 |
2006-04-21 | CVE-2006-1963 | Pcpin | SQL Injection vulnerability in PCPIN Chat Main.PHP Directory traversal vulnerability in main.php in PCPIN Chat 5.0.4 and earlier allows remote authenticated users to include and execute arbitrary PHP code via a ".." (dot dot) in a language cookie, as demonstrated by uploading then accessing a smiliefile image that actually contains PHP code. | 5.5 |
2006-04-21 | CVE-2006-1985 | Apple | Buffer Errors vulnerability in Apple mac OS X, mac OS X Server and Safari Heap-based buffer overflow in BOM BOMArchiveHelper 10.4 (6.3) Build 312, as used in Mac OS X 10.4.6 and earlier, allows user-assisted attackers to execute arbitrary code via a crafted archive (such as ZIP) that contains long path names, which triggers an error in the BOMStackPop function. | 5.1 |
2006-04-20 | CVE-2006-1942 | K Meleon Project Mozilla Netscape | Mozilla Firefox 1.5.0.2 and possibly other versions before 1.5.0.4, Netscape 8.1, 8.0.4, and 7.2, and K-Meleon 0.9.13 allows user-assisted remote attackers to open local files via a web page with an IMG element containing a SRC attribute with a non-image file:// URL, then tricking the user into selecting View Image for the broken image, as demonstrated using a .wma file to launch Windows Media Player, or by referencing an "alternate web page." | 5.1 |
2006-04-19 | CVE-2006-1834 | Opera | Numeric Errors vulnerability in Opera Browser Integer signedness error in Opera before 8.54 allows remote attackers to execute arbitrary code via long values in a stylesheet attribute, which pass a length check. | 5.1 |
2006-04-19 | CVE-2006-1828 | Php121 | SQL Injection vulnerability in PHP121 PHP121LOGIN.PHP SQL injection vulnerability in php121language.php in PHP121 1.4 allows remote attackers to execute arbitrary SQL commands and execute arbitrary code via the sess_username variable, as set by the php121un HTTP COOKIE parameter, which is used in multiple files including php121login.php. | 5.1 |
2006-04-21 | CVE-2006-1988 | Apple | Multiple Security vulnerability in Apple Mac OS X The WebTextRenderer(WebInternal) _CG_drawRun:style:geometry: function in Apple Safari 2.0.3 allows remote attackers to cause a denial of service (application crash) via an HTML LI tag with a large VALUE attribute (list item number), which triggers a null dereference in QPainter::drawText, probably due to a failed memory allocation that uses the VALUE. | 5.0 |
2006-04-21 | CVE-2006-1984 | Apple | Multiple Security vulnerability in Apple Mac OS X Unspecified vulnerability in the _cg_TIFFSetField function in Mac OS X 10.4.6 and earlier, as used in applications that use ImageIO or AppKit, allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image that triggers a null dereference. | 5.0 |
2006-04-21 | CVE-2006-1973 | Linksys | Remote Malformed SIP Packet Denial Of Service vulnerability in Linksys RT31P2 Multiple unspecified vulnerabilities in Linksys RT31P2 VoIP router allow remote attackers to cause a denial of service via malformed Session Initiation Protocol (SIP) messages. | 5.0 |
2006-04-21 | CVE-2006-1966 | Fortinet | Denial-Of-Service vulnerability in Fortinet28 An unspecified Fortinet product, possibly Fortinet28, allows remote attackers to cause a denial of service via a "small synflood" to the SMTP port (TCP port 25), as demonstrated by a 10-microsecond wait between sending packets. | 5.0 |
2006-04-20 | CVE-2006-1941 | Neon Software | Remote Clock Synchronization Denial of Service vulnerability in Neon Software Neon Responder 5.4 Neon Responder 5.4 for LANsurveyor allows remote attackers to cause a denial of service (application outage) via a crafted Clock Synchronisation packet that triggers an access violation. | 5.0 |
2006-04-20 | CVE-2006-1931 | Yukihiro Matsumoto | Denial of Service vulnerability in Yukihiro Matsumoto Ruby XMLRPC Server The HTTP/XMLRPC server in Ruby before 1.8.2 uses blocking sockets, which allows attackers to cause a denial of service (blocked connections) via a large amount of data. | 5.0 |
2006-04-20 | CVE-2006-1929 | I Rater | Remote File Include vulnerability in I-RATER Platinum Common.PHP PHP remote file inclusion vulnerability in include/common.php in I-Rater Platinum allows remote attackers to execute arbitrary PHP code via a URL in the include_path parameter. | 5.0 |
2006-04-20 | CVE-2006-1928 | Cisco | Denial of Service vulnerability in Cisco IOS XR MPLS Cisco IOS XR, when configured for Multi Protocol Label Switching (MPLS) and running on Cisco CRS-1 routers, allows remote attackers to cause a denial of service (Modular Services Cards (MSC) crash or "MPLS packet handling problems") via certain MPLS packets, as identified by Cisco bug IDs (1) CSCsd15970 and (2) CSCsd55531. | 5.0 |
2006-04-20 | CVE-2006-1927 | Cisco | Denial of Service vulnerability in Cisco IOS XR MPLS Cisco IOS XR, when configured for Multi Protocol Label Switching (MPLS) and running on Cisco CRS-1 or Cisco 12000 series routers, allows remote attackers to cause a denial of service (Line card crash) via certain MPLS packets, as identified by Cisco bug ID CSCsc77475. | 5.0 |
2006-04-20 | CVE-2006-1926 | Thwboard | SQL Injection vulnerability in ThWboard Showtopic.PHP SQL injection vulnerability in showtopic.php in ThWboard 2.84 beta 3 and earlier allows remote attackers to execute arbitrary SQL commands via the pagenum parameter. | 5.0 |
2006-04-20 | CVE-2006-1915 | Dbbs | SQL-Injection vulnerability in Dbbs SQL injection vulnerability in topics.php in DbbS 2.0-alpha and earlier allows remote attackers to execute arbitrary SQL commands via the fcategoryid parameter. | 5.0 |
2006-04-20 | CVE-2006-1914 | Dbbs | Information Disclosure vulnerability in Dbbs DbbS 2.0-alpha and earlier allows remote attackers to obtain sensitive information via an invalid (1) fcategoryid parameter to topics.php or (2) unavariabile, (3) GLOBALS, or (4) _SERVER[] parameters to script.php. | 5.0 |
2006-04-20 | CVE-2006-1909 | Coppermine | Local File Include vulnerability in Coppermine Photo Gallery 1.4.4 Directory traversal vulnerability in index.php in Coppermine 1.4.4 allows remote attackers to read arbitrary files via a .//./ (modified dot dot slash) in the file parameter, which causes a regular expression to collapse the sequences into standard "../" sequences. | 5.0 |
2006-04-20 | CVE-2006-1901 | Mozilla | Denial-Of-Service vulnerability in Camino Mozilla Camino 1.0 and earlier allow remote attackers to cause a denial of service (null dereference and application crash or hang) via HTML with certain improperly nested elements. | 5.0 |
2006-04-20 | CVE-2006-1897 | Talentsoft | Information Disclosure vulnerability in Talentsoft Web+ Shop 5.3.6 Webplus (aka talentsoft) Web+Shop 5.3.6, when Redirect URL for "Script Not Found" Error is not configured, allows remote attackers to obtain sensitive information via a quote (') or possibly other invalid value in the storeid parameter in store.wml in webplus.exe, which reveals the path in a "Script Not Found" error message. | 5.0 |
2006-04-19 | CVE-2006-1851 | Skymarx Solutions | Input Validation vulnerability in xFlow xFlow 5.46.11 and earlier allows remote attackers to determine the installation path of the application via the (1) action parameter to members_only/index.cgi and (2) page parameter customer_area/index.cgi, probably due to invalid values. | 5.0 |
2006-04-19 | CVE-2006-1832 | Coder World | Input Validation vulnerability in Coder-World Sysinfo 1.21 sysinfo.cgi in sysinfo 1.21 allows remote attackers to obtain the installation path via the debugger action. | 5.0 |
2006-04-18 | CVE-2006-1816 | Jelsoft | Remote Security vulnerability in Vbulletin 3.5.1/3.5.2/3.5.4 PHP remote file inclusion vulnerability in VBulletin 3.5.1, 3.5.2, and 3.5.4 allows remote attackers to execute arbitrary code via a URL in the systempath parameter to (1) ImpExModule.php, (2) ImpExController.php, and (3) ImpExDisplay.php. | 5.0 |
2006-04-18 | CVE-2006-1809 | Lifetype | Information Disclosure vulnerability in Lifetype 1.0.3 index.php in Lifetype 1.0.3 allows remote attackers to obtain sensitive information via an invalid show parameter, which reveals the path in an error message. | 5.0 |
2006-04-20 | CVE-2006-1892 | Alwil | Unspecified vulnerability in Alwil Avast Antivirus 1.0.5 avast! 4 Linux Home Edition 1.0.5 allows local users to modify permissions of arbitrary files via a symlink attack on the /tmp/_avast4_ temporary directory. | 4.9 |
2006-04-19 | CVE-2006-1525 | Linux | Resource Management Errors vulnerability in Linux Kernel ip_route_input in Linux kernel 2.6 before 2.6.16.8 allows local users to cause a denial of service (panic) via a request for a route for a multicast IP address, which triggers a null dereference. | 4.9 |
2006-04-18 | CVE-2006-1797 | Netbsd | Local Denial of Service vulnerability in NetBSD SIOCGIFALIAS IOCTL The kernel in NetBSD-current before September 28, 2005 allows local users to cause a denial of service (system crash) by using the SIOCGIFALIAS ioctl to gather information on a non-existent alias of a network interface, which causes a NULL pointer dereference. | 4.9 |
2006-04-18 | CVE-2006-0744 | Linux | Improper Input Validation vulnerability in Linux Kernel Linux kernel before 2.6.16.5 does not properly handle uncanonical return addresses on Intel EM64T CPUs, which reports an exception in the SYSRET instead of the next instruction, which causes the kernel exception handler to run on the user stack with the wrong GS. | 4.9 |
2006-04-21 | CVE-2006-1972 | Wingnut | Cross-Site Scripting vulnerability in EasyGallery EasyGallery.PHP Cross-site scripting (XSS) vulnerability in EasyGallery.php in Wingnut EasyGallery allows remote attackers to inject arbitrary web script or HTML via the ordner parameter. | 4.3 |
2006-04-21 | CVE-2006-1971 | Krankikom | Cross-Site Scripting vulnerability in ContentBoxx Login.PHP Cross-site scripting (XSS) vulnerability in login.php in KRANKIKOM ContentBoxX allows remote attackers to inject arbitrary web script or HTML via the action parameter. | 4.3 |
2006-04-21 | CVE-2006-1970 | Kcscripts | Cross-Site Scripting vulnerability in Portal Pack Cross-site scripting (XSS) vulnerability in classifieds/viewcat.cgi in KCScripts Classifieds, distributed individually and as part of Portal Pack 6.0 and earlier, allows remote attackers to inject arbitrary web script or HTML via the cat_id parameter. | 4.3 |
2006-04-20 | CVE-2006-1950 | Perlcoders Group | Cross-Site Scripting vulnerability in Perlcoders Group Bannerfarm 2.3 Multiple cross-site scripting (XSS) vulnerabilities in banners.cgi in PerlCoders BannerFarm 2.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) aff and (2) cat parameters. | 4.3 |
2006-04-20 | CVE-2006-1925 | Cutephp | Cross-Site Scripting vulnerability in Cutephp Cutenews 1.4.1 Directory traversal vulnerability in the editnews module (inc/editnews.mdu) in index.php in CuteNews 1.4.1 allows remote attackers to read or modify files via the source parameter in the (1) editnews or (2) doeditnews action. | 4.3 |
2006-04-20 | CVE-2006-1911 | Mybulletinboard | Cross-Site Scripting vulnerability in Mybulletinboard 1.1 Cross-site scripting (XSS) vulnerability in MyBB (MyBulletinBoard) 1.1 allows remote attackers to inject arbitrary web script or HTML via the attachment content disposition in an HTML attachment. | 4.3 |
2006-04-20 | CVE-2006-1894 | Revoboard | Cross-Site Scripting vulnerability in Revoboard 1.8 Cross-site scripting (XSS) vulnerability in RevoBoard 1.8, as derived from PunBB, allows remote attackers to inject arbitrary web script or HTML via a substitution cipher of the email tag, which is transformed when the application's e-mail address obfuscator reverses the transformation. | 4.3 |
2006-04-20 | CVE-2006-1891 | Betaboard | HTML Injection vulnerability in Betaboard 0.1 Cross-site scripting (XSS) vulnerability in Martin Scheffler betaboard 0.1 allows remote attackers to inject arbitrary web script or HTML via a user's profile, possibly using the FormVal_profile parameter. | 4.3 |
2006-04-19 | CVE-2006-1846 | Francisco Burzi | Input Validation vulnerability in Francisco Burzi PHP-Nuke 7.8 Cross-site scripting (XSS) vulnerability in the Your_Account module in PHP-Nuke 7.8 might allows remote attackers to inject arbitrary HTML and web script via the ublock parameter, which is saved in the user's personal menu. | 4.3 |
2006-04-18 | CVE-2006-1826 | Snipegallery | Cross-Site Scripting vulnerability in Snipegallery Snipe Gallery Multiple cross-site scripting (XSS) vulnerabilities in Snipe Gallery 3.1.4 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) gallery_id parameter in view.php, (2) keyword parameter in search.php, and (3) image_id parameter in image.php. | 4.3 |
2006-04-18 | CVE-2006-1803 | Phpmyadmin | Cross-Site Scripting vulnerability in PHPMyAdmin Cross-site scripting (XSS) vulnerability in sql.php in phpMyAdmin 2.7.0-pl1 allows remote attackers to inject arbitrary web script or HTML via the sql_query parameter. | 4.3 |
2006-04-18 | CVE-2006-1802 | Tinywebgallery | Cross-Site Scripting vulnerability in Tiny Web Gallery Cross-site scripting (XSS) vulnerability in index.php in TinyWebGallery 1.3 and 1.4 allows remote attackers to inject arbitrary web script or HTML via the twg_album parameter. | 4.3 |
2006-04-18 | CVE-2006-1801 | Planet Concept | Cross-Site Scripting vulnerability in PlanetSearch+ Cross-site scripting (XSS) vulnerability in planetsearchplus.php in planetSearch+ allows remote attackers to inject arbitrary web script or HTML via the search_exp parameter. | 4.3 |
2006-04-20 | CVE-2006-1948 | IBM | Remote Security vulnerability in IBM Lotus Notes 6.0/6.5 The "Add Sender to Address Book" operation (AddSenderToAddressBook.lss) and NameHelper.lss in IBM Lotus Notes 6.0 and 6.5 before 20060331 do not properly store information in the Personal Address Book when multiple messages are checked and a message uses AltFrom, which might allow user-assisted remote attackers to trick a user into sending e-mail to an unauthorized recipient. | 4.0 |
2006-04-19 | CVE-2006-1829 | Sybase | Unspecified vulnerability in Sybase Easerver 5.2/5.3 EAServer Manager in Sybase EAServer 5.2 and 5.3 allows remote authenticated users, possibly guests, to obtain password credentials of arbitrary users via unspecified vectors involving (1) connection caches, (2) open password prompts, and (3) stored custom connection profiles. | 4.0 |
41 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2006-04-19 | CVE-2006-1830 | SUN | Local Privilege Escalation vulnerability in SUN Java Studio Enterprise 8 Sun Java Studio Enterprise 8, when installed as root, creates certain files with world-writable permissions, which allows local users to execute arbitrary commands via unspecified vectors. | 3.7 |
2006-04-19 | CVE-2006-1524 | Linux | Permissions, Privileges, and Access Controls vulnerability in Linux Kernel madvise_remove in Linux kernel 2.6.16 up to 2.6.16.6 does not follow file and mmap restrictions, which allows local users to bypass IPC permissions and replace portions of readonly tmpfs files with zeroes, aka the MADV_REMOVE vulnerability. | 3.6 |
2006-04-18 | CVE-2006-1753 | Debian | Unspecified vulnerability in Debian Linux 3.1 A cron job in fcheck before 2.7.59 allows local users to overwrite arbitrary files via a symlink attack on a temporary file. | 3.6 |
2006-04-19 | CVE-2006-1247 | IBM | Link Following vulnerability in IBM AIX rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | 3.3 |
2006-04-21 | CVE-2006-1980 | W2B | Cross-Site Scripting vulnerability in W2B Online Banking SID Parameter Cross-site scripting (XSS) vulnerability in W2B Online Banking allows remote attackers to inject arbitrary web script or HTML via the (1) query string, (2) SID parameter, or (3) ilang parameter. | 2.6 |
2006-04-21 | CVE-2006-1976 | Geekforgod NET | Cross-Site Scripting vulnerability in Geekforgod.Net Prayer Request Board Beta1 Cross-site scripting (XSS) vulnerability in addRequest.php in Prayer Request Board (PRB) Beta 1 before 20060320 allows remote attackers to inject arbitrary web script or HTML via the Request field. | 2.6 |
2006-04-21 | CVE-2006-1975 | Stadtaus COM | Cross-Site Scripting vulnerability in Stadtaus.Com PHP-Gastebuch 1.61 Cross-site scripting (XSS) vulnerability in guestbook_newentry.php in PHP-Gastebuch 1.61 allows remote attackers to inject arbitrary web script or HTML via the Kommentar field. | 2.6 |
2006-04-21 | CVE-2006-1969 | Kcscripts | Cross-Site Scripting vulnerability in Portal Pack Cross-site scripting (XSS) vulnerability in search/search.cgi in an unspecified KCScripts script, probably Search Engine or Site Search, distributed individually and as part of Portal Pack 6.0 and earlier, allows remote attackers to inject arbitrary web script or HTML via the q parameter. | 2.6 |
2006-04-21 | CVE-2006-1967 | Kcscripts | Cross-Site Scripting vulnerability in Kcscripts Calendar and Portal Pack Cross-site scripting (XSS) vulnerability in calendar/Visitor.cgi in KCScripts Calendar, distributed individually and as part of Portal Pack 6.0 and earlier, allows remote attackers to inject arbitrary web script or HTML via the sort_order parameter. | 2.6 |
2006-04-20 | CVE-2006-1946 | Visale | Cross-Site Scripting vulnerability in Visale Multiple cross-site scripting (XSS) vulnerabilities in Visale 1.0 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the keyval parameter in pbpgst.cgi, (2) the catsubno parameter in pblscg.cgi, and (3) the listno parameter in pblsmb.cgi. | 2.6 |
2006-04-20 | CVE-2006-1945 | Awstats | Cross-Site Scripting vulnerability in AWStats AWstats.PL Cross-site scripting (XSS) vulnerability in awstats.pl in AWStats 6.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the config parameter. | 2.6 |
2006-04-20 | CVE-2006-1944 | Sibsoft | Cross-Site Scripting vulnerability in CommuniMail Multiple cross-site scripting (XSS) vulnerabilities in SibSoft CommuniMail 1.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the list_id parameter in mailadmin.cgi and (2) the form_id parameter in templates.cgi. | 2.6 |
2006-04-20 | CVE-2006-1943 | Smarter Scripts | Cross-Site Scripting vulnerability in Smarter Scripts Intellilink PRO 5.06 Multiple cross-site scripting (XSS) vulnerabilities in Smarter Scripts IntelliLink Pro 5.06 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) url parameter in addlink_lwp.cgi and the (2) id, (3) forgotid, and (4) forgotpass parameters in edit.cgi. | 2.6 |
2006-04-20 | CVE-2006-1918 | Papoo | Cross-Site Scripting vulnerability in Papoo 2.1.5 Multiple cross-site scripting (XSS) vulnerabilities in Papoo 2.1.5 allow remote attackers to inject arbitrary web script or HTML via the menuid parameter to (1) index.php or (2) forum.php, or the (3) reporeid_print parameter to print.php. | 2.6 |
2006-04-20 | CVE-2006-1908 | Mywebland | Cross-Site Scripting vulnerability in myEvent Cross-site scripting vulnerability in addevent.php in myEvent 1.x allows remote attackers to inject arbitrary web script or HTML via the event_desc parameter. | 2.6 |
2006-04-20 | CVE-2006-1906 | Jjgan852 | Cross-Site Scripting vulnerability in Jjgan852 PHPlister 0.4.1 Cross-site scripting (XSS) vulnerability in index.php in jjgan852 phpLister 0.4.1 allows remote attackers to inject arbitrary web script or HTML via the page parameter. | 2.6 |
2006-04-20 | CVE-2006-1904 | Animegenesis | Cross-Site Scripting vulnerability in Gallery Cross-site scripting (XSS) vulnerability in index.php in AnimeGenesis Gallery allows remote attackers to inject arbitrary web script or HTML via the cat parameter. | 2.6 |
2006-04-20 | CVE-2006-1903 | Userland | Cross-Site Scripting vulnerability in Manila Multiple cross-site scripting (XSS) vulnerabilities in UserLand Manila allow remote attackers to inject arbitrary web script or HTML (1) via the referer parameter in sendMail, and via attributes of (2) the A element and certain other HTML elements in web pages edited with the editInBrowser module. | 2.6 |
2006-04-20 | CVE-2006-1899 | DEV | HTML Injection vulnerability in DEV Neuron Blog 1.1 Multiple cross-site scripting (XSS) vulnerabilities in dev Neuron Blog 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) name and (2) website parameters. | 2.6 |
2006-04-20 | CVE-2006-1898 | Ralph Capper | Cross-Site Scripting vulnerability in Ralph Capper Tinyphpforum 3.6 Multiple cross-site scripting (XSS) vulnerabilities in Ralph Capper Tiny PHP Forum (TPF) 3.6 allow remote attackers to inject arbitrary web script or HTML via (1) the uname parameter in a view action in profile.php and (2) a login name. | 2.6 |
2006-04-20 | CVE-2006-1878 | Phpfaber | Cross-Site Scripting vulnerability in PHPfaber Topsites 3 Cross-site scripting (XSS) vulnerability in index.php in phpFaber TopSites allows remote attackers to inject arbitrary web script or HTML via the page parameter. | 2.6 |
2006-04-19 | CVE-2006-1850 | Skymarx Solutions | Input Validation vulnerability in xFlow Multiple cross-site scripting (XSS) vulnerabilities in xFlow 5.46.11 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) level, (2) position, (3) id, and (4) action parameters to members_only/index.cgi, and the (5) page parameter to customer_area/index.cgi. | 2.6 |
2006-04-19 | CVE-2006-1848 | Linpha | Cross-Site Scripting vulnerability in Linpha 1.1.0 Multiple cross-site scripting (XSS) vulnerabilities in stats_view.php in LinPHA 1.1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) date_from, (2) date_to, and (3) date parameter. | 2.6 |
2006-04-19 | CVE-2006-1843 | Cynical Games | Cross-Site Scripting vulnerability in Cynical Games Shoutbook 1.1 Cross-site scripting (XSS) vulnerability in global.php in ShoutBOOK 1.1 allows remote attackers to inject arbitrary web script or HTML via the (1) LOCATION and (2) URL parameters. | 2.6 |
2006-04-19 | CVE-2006-1842 | Cynical Games | HTML Injection vulnerability in Cynical Games Shoutbook 1.1 Cross-site scripting (XSS) vulnerability in global.php in ShoutBOOK 1.1 allows remote attackers to inject arbitrary web script or HTML via the (1) NAME and (2) COMMENTS parameters. | 2.6 |
2006-04-19 | CVE-2006-1841 | Kailash Nadh | Cross-Site Scripting vulnerability in BoastMachine Search.PHP Cross-site scripting (XSS) vulnerability in search.php in boastMachine (bMachine) 2.7, and possibly other versions before 2.9b, allows remote attackers to inject arbitrary web script or HTML via the key parameter, as used by the search field. | 2.6 |
2006-04-19 | CVE-2006-1835 | Vincent HOR | Cross-Site Scripting vulnerability in Calendarix YearCal.PHP Cross-site scripting (XSS) vulnerability in yearcal.php in Calendarix allows remote attackers to inject arbitrary web script or HTML via the ycyear parameter. | 2.6 |
2006-04-19 | CVE-2006-1833 | Netbsd | Unspecified vulnerability in Netbsd Intel RNG Driver in NetBSD 1.6 through 3.0 may incorrectly detect the presence of the pchb interface, which will cause it to always generate the same random number, which allows remote attackers to more easily crack encryption keys generated from the interface. | 2.6 |
2006-04-18 | CVE-2006-1818 | THE WAR Forge | Input Validation vulnerability in the WAR Forge Warforge.News 1.0 Multiple cross-site scripting (XSS) vulnerabilities in warforge.NEWS 1.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly including the (1) first_name and (2) last_name parameter in myaccounts.php. | 2.6 |
2006-04-18 | CVE-2006-1817 | THE WAR Forge | Input Validation vulnerability in the WAR Forge Warforge.News 1.0 SQL injection vulnerability in authcheck.php in warforge.NEWS 1.0, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the (1) authusername and possibly the (2) authpassword cookie. | 2.6 |
2006-04-18 | CVE-2006-1815 | Tritanium Scripts | Cross-Site Scripting vulnerability in Tritanium Bulletin Board Multiple cross-site scripting (XSS) vulnerabilities in register.php in Tritanium Bulletin Board (TBB) 1.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) newuser_realname and (2) newuser_icq parameters, a different vector than CVE-2006-1768. | 2.6 |
2006-04-18 | CVE-2006-1808 | Lifetype | Cross-Site Scripting vulnerability in Lifetype 1.0.3 Cross-site scripting (XSS) vulnerability in index.php in Lifetype 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the show parameter in a Template operation. | 2.6 |
2006-04-18 | CVE-2006-1806 | Musicbox | Input Validation vulnerability in MusicBox Cross-site scripting (XSS) vulnerability in index.php in Musicbox 2.3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the term parameter in a search action. | 2.6 |
2006-04-17 | CVE-2006-1795 | Updi Network Enterprise | HTML Injection vulnerability in Updi Network Enterprise AT1 Event Publisher 20060323 Cross-site scripting (XSS) vulnerability in tablepublisher.cgi in UPDI Network Enterprise @1 Table Publisher 2006-03-23 allows remote attackers to inject arbitrary web script or HTML via the Title of Table field. | 2.6 |
2006-04-21 | CVE-2006-1981 | Apple | Local Security vulnerability in Mac OS X Unspecified vulnerability in Java InputMethods on Mac OS X 10.4.5 may cause InputMethods to send input events for secure fields to the wrong text field, which might reveal the password to others who can view the screen. | 2.1 |
2006-04-20 | CVE-2006-1902 | GNU | Buffer Errors vulnerability in GNU GCC 4.1 fold_binary in fold-const.c in GNU Compiler Collection (gcc) 4.1 improperly handles pointer overflow when folding a certain expr comparison to a corresponding offset comparison in cases other than EQ_EXPR and NE_EXPR, which might introduce buffer overflow vulnerabilities into applications that could be exploited by context-dependent attackers.NOTE: the vendor states that the essence of the issue is "not correctly interpreting an offset to a pointer as a signed value." | 2.1 |
2006-04-20 | CVE-2006-1056 | Freebsd Linux | Cryptographic Issues vulnerability in multiple products The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running on AMD64 and other 7th and 8th generation AuthenticAMD processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one process to determine portions of the state of floating point instructions of other processes, which can be leveraged to obtain sensitive information such as cryptographic keys. | 2.1 |
2006-04-19 | CVE-2006-1844 | Debian | Unspecified vulnerability in Debian Base-Config and Shadow The Debian installer for the (1) shadow 4.0.14 and (2) base-config 2.53.10 packages includes sensitive information in world-readable log files, including preseeded passwords and pppoeconf passwords, which might allow local users to gain privileges. | 2.1 |
2006-04-18 | CVE-2006-1814 | Netbsd | Local Denial of Service vulnerability in NetBSD Sysctl NetBSD 1.6, 2.0, 2.1 and 3.0 allows local users to cause a denial of service (memory exhaustion) by using the sysctl system call to lock a large buffer into physical memory. | 2.1 |
2006-04-18 | CVE-2006-1810 | Flexbb | HTML Injection vulnerability in Flexbb 0.5.5Beta Multiple cross-site scripting (XSS) vulnerabilities in FlexBB 0.5.5 BETA allow remote attackers to inject arbitrary web script or HTML via the (1) ICQ, (2) AIM, (3) MSN, (4) Google Talk, (5) Website Name, (6) Website Address, (7) Email Address, (8) Location, (9) Signature, and (10) Sub-Titles fields in the user profile. | 1.9 |
2006-04-18 | CVE-2006-1824 | Phpguestbook | HTML Injection vulnerability in PHPguestbook 1.0 Multiple cross-site scripting (XSS) vulnerabilities in PhpGuestbook.php in PhpGuestbook 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) Name, (2) Website, and (3) Comment parameter. | 1.2 |