Weekly Vulnerabilities Reports > May 29 to June 4, 2006
Overview
176 new vulnerabilities reported during this period, including 3 critical vulnerabilities and 43 high severity vulnerabilities. This weekly summary report vulnerabilities in 122 products from 114 vendors including Mozilla, Secure Elements, Epic Designs, Geeklog, and Open Searchable Image Catalogue. Vulnerabilities are notably categorized as "Cross-site Scripting", "Code Injection", "Permissions, Privileges, and Access Controls", "Improper Restriction of Operations within the Bounds of a Memory Buffer", and "NULL Pointer Dereference".
- 170 reported vulnerabilities are remotely exploitables.
- 16 reported vulnerabilities have public exploit available.
- 11 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 168 reported vulnerabilities are exploitable by an anonymous user.
- Mozilla has the most reported vulnerabilities, with 15 reported vulnerabilities.
- Mozilla has the most reported critical vulnerabilities, with 3 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
3 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2006-06-02 | CVE-2006-2787 | Mozilla | Unspecified vulnerability in Mozilla Firefox and Thunderbird EvalInSandbox in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to gain privileges via javascript that calls the valueOf method on objects that were created outside of the sandbox. | 9.3 |
2006-06-02 | CVE-2006-2780 | Mozilla | Code Injection vulnerability in Mozilla Firefox and Thunderbird Integer overflow in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via "jsstr tagify," which leads to memory corruption. | 9.3 |
2006-06-02 | CVE-2006-2779 | Mozilla | Code Injection vulnerability in Mozilla Firefox and Thunderbird Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) nested <option> tags in a select tag, (2) a DOMNodeRemoved mutation event, (3) "Content-implemented tree views," (4) BoxObjects, (5) the XBL implementation, (6) an iframe that attempts to remove itself, which leads to memory corruption. | 9.3 |
43 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2006-06-03 | CVE-2006-2794 | Aspsitem | Remote Security vulnerability in Aspsitem 1.83 Hesabim.asp in ASPSitem 2.0 and earlier allows remote attackers to read private messages of other users via a modified id parameter. | 7.8 |
2006-05-31 | CVE-2006-2698 | Geeklog | Input Validation vulnerability in Geeklog Geeklog 1.4.0sr2 and earlier allows remote attackers to obtain the full installation path via a direct request and possibly invalid arguments to (1) layout/professional/functions.php or (2) getimage.php. | 7.8 |
2006-05-31 | CVE-2006-2690 | EVA WEB | Remote Security vulnerability in Eva-Web An unspecified script in EVA-Web 2.1.2 and earlier, probably index.php, allows remote attackers to obtain the full path of the web server via invalid (1) perso or (2) aide parameters. | 7.8 |
2006-05-30 | CVE-2006-2659 | Double Precision Incorporated | Remote Denial Of Service vulnerability in Courier Mail Server Username Encoding libs/comverp.c in Courier MTA before 0.53.2 allows attackers to cause a denial of service (CPU consumption) via unknown vectors involving usernames that contain the "=" (equals) character, which is not properly handled during encoding. | 7.8 |
2006-06-01 | CVE-2006-2439 | Zipcentral | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Zipcentral Stack-based buffer overflow in ZipCentral 4.01 allows remote user-assisted attackers to execute arbitrary code via a ZIP archive containing a long filename. | 7.6 |
2006-06-03 | CVE-2006-2801 | Unak | Input Validation vulnerability in Unak CMS Multiple SQL injection vulnerabilities in Unak CMS 1.5 RC2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) u_a or (2) u_s parameters. | 7.5 |
2006-06-03 | CVE-2006-2797 | Phpcommunitycalendar | SQL-Injection vulnerability in PHPcommunitycalendar 4.0.3 Multiple SQL injection vulnerabilities in phpCommunityCalendar 4.0.3 allow remote attackers to execute arbitrary SQL commands via the (1) CalendarDetailsID parameter in (a) month.php, (b) day.php, and (c) delCalendar.php; (2) ID parameter in (d) event.php; (3) AdminUserID parameter in (e) delAdmin.php; (4) EventLocationID parameter in (f) delAddress.php; and (5) LocationID parameter in (g) delCategory.php. | 7.5 |
2006-06-03 | CVE-2006-2793 | Aspsitem | SQL-Injection vulnerability in Aspsitem 1.83 SQL injection vulnerability in Anket.asp in ASPSitem 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the hid parameter. | 7.5 |
2006-06-03 | CVE-2006-2792 | Woltlab | SQL-Injection vulnerability in Woltlab Burning Board 2.3.4 SQL injection vulnerability in misc.php in Woltlab Burning Board (WBB) 2.3.4 allows remote attackers to execute arbitrary SQL commands via the sid parameter. | 7.5 |
2006-06-02 | CVE-2006-2788 | Mozilla | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mozilla Firefox Double free vulnerability in the getRawDER function for nsIX509Cert in Firefox allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via certain Javascript code. | 7.5 |
2006-06-02 | CVE-2006-2777 | Mozilla | Unspecified vulnerability in Mozilla Firefox and Seamonkey Unspecified vulnerability in Mozilla Firefox before 1.5.0.4 and SeaMonkey before 1.0.2 allows remote attackers to execute arbitrary code by using the nsISelectionPrivate interface of the Selection object to add a SelectionListener and create notifications that are executed in a privileged context. | 7.5 |
2006-06-02 | CVE-2006-2776 | Mozilla | Unspecified vulnerability in Mozilla Firefox and Thunderbird Certain privileged UI code in Mozilla Firefox and Thunderbird before 1.5.0.4 calls content-defined setters on an object prototype, which allows remote attackers to execute code at a higher privilege than intended. | 7.5 |
2006-06-02 | CVE-2006-2775 | Mozilla | Permissions, Privileges, and Access Controls vulnerability in Mozilla Firefox and Thunderbird Mozilla Firefox and Thunderbird before 1.5.0.4 associates XUL attributes with the wrong URL under certain unspecified circumstances, which might allow remote attackers to bypass restrictions by causing a persisted string to be associated with the wrong URL. | 7.5 |
2006-06-02 | CVE-2006-2760 | Warpspeed | SQL Injection vulnerability in Warpspeed 4Nforum 0.91 SQL injection vulnerability in modules.php in 4nNukeWare 4nForum 0.91 allows remote attackers to execute arbitrary SQL commands via the tid parameter. | 7.5 |
2006-06-01 | CVE-2006-2753 | Mysql Oracle | SQL Injection vulnerability in MySQL Mysql_real_escape Function SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysql_real_escape function is used to escape the input. | 7.5 |
2006-06-01 | CVE-2006-2744 | Facile Interactive WEB | Remote File Include vulnerability in F@cile Interactive web 0.8.41/0.8.5 PHP remote file inclusion vulnerability in p-popupgallery.php in F@cile Interactive Web 0.8.41 through 0.8.5 allows remote attackers to execute arbitrary PHP code via a URL in the l parameter. | 7.5 |
2006-06-01 | CVE-2006-2742 | Drupal | Input Validation vulnerability in Drupal SQL injection vulnerability in Drupal 4.6.x before 4.6.7 and 4.7.0 allows remote attackers to execute arbitrary SQL commands via the (1) count and (2) from variables to (a) database.mysql.inc, (b) database.pgsql.inc, and (c) database.mysqli.inc. | 7.5 |
2006-06-01 | CVE-2006-2738 | Open Xchange | Unspecified vulnerability in Open-Xchange 0.8.1.6 The open source version of Open-Xchange 0.8.2 and earlier uses a static default username and password with a valid login shell in the initfile for the ldap-server, which allows remote attackers to access any server where the default has not been changed. | 7.5 |
2006-06-01 | CVE-2006-2737 | Nukedit | Unspecified vulnerability in Nukedit utilities/register.asp in Nukedit 4.9.6 and earlier allows remote attackers to create new users as part of arbitrary groups, including the administrative group, via a modified groupid parameter when creating a user via the addDB action. | 7.5 |
2006-06-01 | CVE-2006-2732 | Mini Nuke | SQL Injection vulnerability in Mini-NUKE Your_Account.ASP SQL injection vulnerability in Your_Account.asp in Mini-Nuke 2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) yas_1, (2) yas_2, and (3) yas_3 parameters. | 7.5 |
2006-06-01 | CVE-2006-2731 | Enigma Haber | SQL Injection vulnerability in Enigma Haber Enigma Haber 4.2 Multiple SQL injection vulnerabilities in Enigma Haber 4.3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in (a) e_mesaj_yas.asp, (b) edi_haber.asp, and (c) haber_devam.asp; (2) hid parameter in (d) yazdir.asp and (e) yorum.asp, and the (3) e parameter in (f) arsiv.asp. | 7.5 |
2006-06-01 | CVE-2006-2727 | Epic Designs | Denial-Of-Service vulnerability in Epic Designs Eggblog 2.0/3.0 home/register.php in Eggblog before 3.0 allows remote attackers to change the password of administrators and possibly other users via a modified username parameter. | 7.5 |
2006-06-01 | CVE-2006-2726 | Fastpublish | Remote File Include vulnerability in Fastpublish CMS 1.6.9.D PHP remote file inclusion vulnerability in Fastpublish CMS 1.6.9.d allows remote attackers to include arbitrary files via the config[fsBase] parameter in (1) drucken.php, (2) drucken2.php, (3) email_an_benutzer.php, (4) rechnung.php, (5) suche/search.php and (6) adminbereich/admin.php. | 7.5 |
2006-06-01 | CVE-2006-2722 | OUT OF THE Trees WEB Design | SQL Injection vulnerability in OUT of the Trees web Design Selectapix 1.4 SQL injection vulnerability in view_album.php in SelectaPix 1.4 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
2006-06-01 | CVE-2006-2720 | Variomat | SQL-Injection vulnerability in Variomat SQL injection vulnerability in news.php in VARIOMAT allows remote attackers to execute arbitrary SQL commands via the subcat parameter. | 7.5 |
2006-05-31 | CVE-2006-2716 | Secure Elements | Remote Security vulnerability in C5 Enterprise Vulnerability Management Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 uses a hard-coded user ID and password, which allows remote attackers to gain access to the server. | 7.5 |
2006-05-31 | CVE-2006-2715 | Secure Elements | Remote Security vulnerability in C5 Enterprise Vulnerability Management The Administration Console in Secure Elements Class 5 AVR (aka C5 EVM) before 2.8.1 does not enforce access control, which allows remote attackers to gain access to servers via the console. | 7.5 |
2006-05-31 | CVE-2006-1515 | Typespeed | Remote Buffer Overflow vulnerability in Typespeed Buffer overflow in the addnewword function in typespeed 0.4.4 and earlier might allow remote attackers to execute arbitrary code via unknown vectors. | 7.5 |
2006-05-31 | CVE-2006-2701 | Geeklog | SQL-Injection vulnerability in Geeklog (Extended Japanese Package) SQL injection vulnerability in Geeklog 1.4.0sr2 and earlier allows remote attackers to execute arbitrary SQL commands via unknown vectors related to story submission. | 7.5 |
2006-05-31 | CVE-2006-2694 | Scriptscenter | Remote File Include vulnerability in Scriptscenter Ezupload PRO 2.10 Multiple PHP remote file inclusion vulnerabilities in EzUpload Pro 2.10 allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) form.php, (2) customize.php, and (3) initialize.php. | 7.5 |
2006-05-30 | CVE-2006-2674 | Tamber Forum | SQL-Injection vulnerability in Tamber Forum Multiple SQL injection vulnerabilities in Tamber Forum 1.9.13 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) frm_id parameter to (a) show_forum.asp, (2) a search field to (b) forum_search.asp, (3) Email address or (4) Password to (c) admin/index.asp, (5) frm_cat_id parameter to (d) browse_forum_cat.asp, or (6) Message Subject or (7) Message Text field to (e) post_message.asp. | 7.5 |
2006-05-30 | CVE-2006-2668 | Docebolms | Remote File Include vulnerability in Docebolms 2.0.5 Multiple PHP remote file inclusion vulnerabilities in Docebo LMS 2.05 allow remote attackers to execute arbitrary PHP code via a URL in the lang parameter to (1) modules/credits/business.php, (2) modules/credits/credits.php, or (3) modules/credits/help.php. | 7.5 |
2006-05-30 | CVE-2006-2667 | Wordpress | Remote PHP Code Injection vulnerability in WordPress Username Direct static code injection vulnerability in WordPress 2.0.2 and earlier allows remote attackers to execute arbitrary commands by inserting a carriage return and PHP code when updating a profile, which is appended after a special comment sequence into files in (1) wp-content/cache/userlogins/ (2) wp-content/cache/users/ which are later included by cache.php, as demonstrated using the displayname argument. | 7.5 |
2006-05-30 | CVE-2006-2666 | V Webmail | Remote File Include vulnerability in V-webmail PHP remote file inclusion vulnerability in includes/mailaccess/pop3.php in V-Webmail 1.5 through 1.6.4 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG[pear_dir] parameter. | 7.5 |
2006-05-30 | CVE-2006-2665 | V Webmail | Remote File Include vulnerability in V-webmail PHP remote file inclusion vulnerability in includes/mailaccess/pop3/core.php in V-Webmail 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG[pear_dir] parameter. | 7.5 |
2006-05-30 | CVE-2006-2650 | Cosmicphp | Input Validation vulnerability in CosmicShoppingCart SQL injection vulnerability in cosmicshop/search.php in CosmicShoppingCart allows remote attackers to execute arbitrary SQL commands via the max parameter. | 7.5 |
2006-05-30 | CVE-2006-2646 | ALT N | Remote Pre-Authentication IMAP Buffer Overflow vulnerability in Alt-N MDaemon Buffer overflow in Alt-N MDaemon, possibly 9.0.1 and earlier, allows remote attackers to execute arbitrary code via a long A0001 argument that begins with a '"' (double quote). | 7.5 |
2006-05-30 | CVE-2006-2645 | Plume CMS | Code Injection vulnerability in Plume-Cms Plume CMS 1.0.3 PHP remote file inclusion vulnerability in manager/frontinc/prepend.php for Plume 1.0.3 allows remote attackers to execute arbitrary code via a URL in the _PX_config[manager_path] parameter. | 7.5 |
2006-05-30 | CVE-2006-2636 | Katy Whitton | Improper Authentication vulnerability in Katy Whitton Newscmslite newsadmin.asp in Katy Whitton NewsCMSLite allows remote attackers to bypass authentication and gain administrative access by setting the loggedIn cookie to "xY1zZoPQ". | 7.5 |
2006-06-02 | CVE-2006-2790 | SUN | Local Privilege Escalation vulnerability in SUN Storage Automated Diagnostic Environment 2.4 A package component in Sun Storage Automated Diagnostic Environment (StorADE) 2.4 uses world-writable permissions for certain critical files and directories, which allows local users to gain privileges. | 7.2 |
2006-05-31 | CVE-2006-2679 | Cisco | Local Privilege Escalation vulnerability in Cisco VPN Client Unspecified vulnerability in the VPN Client for Windows Graphical User Interface (GUI) (aka the VPN client dialer) in Cisco VPN Client for Windows 4.8.00.* and earlier, except for 4.7.00.0533, allows local authenticated, interactive users to gain privileges, possibly due to privileges of dialog boxes, aka bug ID CSCsd79265. | 7.2 |
2006-05-30 | CVE-2006-2647 | IBM | Local Privilege Escalation vulnerability in IBM AIX 5.1/5.2/5.3 Untrusted search path vulnerability in update_flash for IBM AIX 5.1, 5.2 and 5.3 allows local users to execute arbitrary commands via unknown vectors involving lsmcode and possibly other commands. | 7.2 |
2006-05-31 | CVE-2006-2693 | Nivisec | Information Disclosure vulnerability in Nivisec Hacks List Directory traversal vulnerability in admin/admin_hacks_list.php in Nivisec Hacks List 1.20 and earlier for phpBB, when register_globals is enabled, allows remote attackers to read arbitrary files via a ".." in the phpEx parameter. | 7.1 |
119 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2006-06-03 | CVE-2006-2804 | Goss | HTML Injection vulnerability in Goss ICM CMS Cross-site scripting (XSS) vulnerability in index.cfm in Goss Intelligent Content Management (iCM) 7.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the keyword parameter. | 6.8 |
2006-06-03 | CVE-2006-2803 | Deltascripts | Cross-Site Scripting vulnerability in Deltascripts PHP Manualmaker 1.0 Multiple cross-site scripting (XSS) vulnerabilities in PHP ManualMaker 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) id parameter to index.php, (2) search field (possibly the s parameter), or (3) comment field. | 6.8 |
2006-06-03 | CVE-2006-2800 | Unak | Cross-Site Scripting vulnerability in Unak CMS Multiple cross-site scripting (XSS) vulnerabilities in Unak CMS 1.5 RC2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) u_a or (2) u_s parameters. | 6.8 |
2006-06-03 | CVE-2006-2799 | Toenda Software Development | Cross-Site Scripting vulnerability in ToendaCMS Cross-site scripting (XSS) vulnerability in content_footer.php in toendaCMS 0.7.0 allows remote attackers to inject arbitrary web scripts or HTML via the print_url variable. | 6.8 |
2006-06-03 | CVE-2006-2798 | Phpcommunitycalendar | Cross-Site Scripting vulnerability in PHPcommunitycalendar 4.0.3 Multiple cross-site scripting (XSS) vulnerabilities in phpCommunityCalendar 4.0.3 allow remote attackers to inject arbitrary web script or HTML via the (1) LoName parameter in (a) week.php and (b) month.php and (2) AddressLink parameter in (c) event.php. | 6.8 |
2006-06-03 | CVE-2006-2796 | NEW Place | Cross-Site Scripting vulnerability in New-Place Captivate 1.0 Cross-site scripting (XSS) vulnerability in gallery.php in Captivate 1.0 allows remote attackers to inject arbitrary web script or HTML via the page parameter, which is reflected in an error message. | 6.8 |
2006-06-03 | CVE-2006-2795 | Xiti | Cross-Site Scripting vulnerability in XiTi Tracking Script Xiti.JS Multiple cross-site scripting (XSS) vulnerabilities in XiTi Tracking Script 6 and 7 RC allow remote attackers to inject arbitrary web script or HTML via (1) the xtref parameter in xiti.js and (2) an HTTP Referer header field. | 6.8 |
2006-06-02 | CVE-2006-2774 | Qontentone | Cross-Site Scripting vulnerability in QontentOne CMS Cross-site scripting (XSS) vulnerability in search.php in QontentOne CMS allows remote attackers to inject arbitrary web script or HTML via the search_phrase parameter. | 6.8 |
2006-06-02 | CVE-2006-2772 | Hogstorps | HTML Injection vulnerability in Hogstorps Hogstorp Guestbook 2.0 Cross-site scripting (XSS) vulnerability in add.asp in Hogstorps hogstorp guestbook 2.0 allows remote attackers to inject arbitrary web script or HTML via the (1) name, (2) email, and (3) headline parameters. | 6.8 |
2006-06-01 | CVE-2006-2746 | Facile Interactive WEB | Cross-Site Scripting vulnerability in Facile Interactive web Facile Interactive web 0.8.41 Multiple cross-site scripting (XSS) vulnerabilities in F@cile Interactive Web 0.8.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) lang parameter in index.php, and the (2) mytheme and (3) myskin parameters in multiple "p-themes" index.inc.php files including (c) lowgraphic, (d) classic, (e) puzzle, (f) simple, and (g) ciao. | 6.8 |
2006-06-01 | CVE-2006-2741 | Epic Designs | Input Validation vulnerability in tinyBB Cross-site scripting (XSS) vulnerability in Epicdesigns tinyBB 0.3 allow remote attackers to inject arbitrary web script or HTML via the q parameter in forgot.php, which is echoed in an error message, and other unspecified vectors. | 6.8 |
2006-06-01 | CVE-2006-2740 | Epic Designs | Input Validation vulnerability in tinyBB Multiple SQL injection vulnerabilities in Epicdesigns tinyBB 0.3 allow remote attackers to execute arbitrary SQL commands via the (1) q parameter in (a) forgot.php, and the (2) username and (3) password parameters in (b) login.php, and other unspecified vectors. | 6.8 |
2006-06-01 | CVE-2006-2724 | Punbb | Cross-Site Scripting vulnerability in Punbb 1.2.11 Cross-site scripting (XSS) vulnerability in PunBB 1.2.11 allows remote authenticated administrators to inject arbitrary HTML or web script to other administrators via the "Admin note" feature, a different vulnerability than CVE-2006-2227. | 6.8 |
2006-06-01 | CVE-2006-2721 | Variomat | Cross-Site Scripting vulnerability in Variomat Cross-site scripting (XSS) vulnerability in news.php in VARIOMAT allows remote attackers to inject arbitrary HTML or web script via the subcat parameter. | 6.8 |
2006-05-31 | CVE-2006-2699 | Geeklog | Input Validation vulnerability in Geeklog Cross-site scripting (XSS) vulnerability in getimage.php in Geeklog 1.4.0sr2 and earlier allows remote attackers to inject arbitrary HTML or web script via the image argument in a show action. | 6.8 |
2006-05-31 | CVE-2006-2696 | Easy Content Forums | Cross-Site Scripting vulnerability in Easy-Content Forums Easy-Content Forums 1.0 Cross-site scripting (XSS) vulnerabilities in Easy-Content Forums 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) startletter parameter in userview.asp and the (2) catid parameter in topics.asp. | 6.8 |
2006-05-31 | CVE-2006-2689 | EVA WEB | Cross-Site Scripting vulnerability in EVA-Web Multiple cross-site scripting (XSS) vulnerabilities in EVA-Web 2.1.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) debut_image parameter in (a) article-album.php3, (2) date parameter in (b) rubrique.php3, and the (3) perso and (4) aide parameters to (c) an unknown script, probably index.php. | 6.8 |
2006-05-31 | CVE-2006-2681 | Socketmail | Code Injection vulnerability in Socketmail 2.2.6 PHP remote file inclusion vulnerability in SocketMail Lite and Pro 2.2.6 and earlier, when register_globals and magic_quotes are enabled, allows remote attackers to execute arbitrary PHP code via a URL in the site_path parameter to (1) index.php and (2) inc-common.php. | 6.8 |
2006-05-30 | CVE-2006-2673 | E Board | HTML Injection vulnerability in E-Board Elite-Board 1.1 Cross-site scripting (XSS) vulnerability in search.html in Bulletin Board Elite-Board (E-Board) 1.1 allows remote attackers to inject arbitrary web script or HTML via the search box. | 6.8 |
2006-05-30 | CVE-2006-2672 | Interquest Internet Services | Cross-Site Scripting vulnerability in Realty Pro One Multiple cross-site scripting (XSS) vulnerabilities in Realty Pro One allow remote attackers to inject arbitrary web script or HTML via the (1) listingid parameter to (a) images.php, (b) index_other.php, or (c) request_info.php; (2) propertyid parameter to (d) searchlookup.php, (3) id parameter to (e) images.php, or (4) agentid parameter to (f) request_info.php. | 6.8 |
2006-05-30 | CVE-2006-2652 | Wikini | HTML Injection vulnerability in WikiNi Cross-site scripting (XSS) vulnerability in WikiNi 0.4.2 and earlier allows remote attackers to inject arbitrary HTML and web script by editing a Wiki page to contain the script. | 6.8 |
2006-05-30 | CVE-2006-2649 | Cosmicphp | Cross-Site Scripting vulnerability in Cosmicphp Cosmicshoppingcart Multiple cross-site scripting (XSS) vulnerabilities in (a) search.php, (b) search_cat.php, (c) search_price.php, and (d) product_details.php in the cosmicshop directory for CosmicShoppingCart allow remote attackers to inject arbitrary web script or HTML via multiple unspecified parameters, as demonstrated by the (1) query parameter in search.php and the (2) data parameter in search_cat.php. | 6.8 |
2006-06-01 | CVE-2006-2718 | Jiwa | Remote Security vulnerability in Jiwa Financials 6.4.14 JIWA Financials 6.4.14 passes a Microsoft SQL Server account's username and password, and the name of a data source, to a Crystal Reports .rpt file, which allows remote authenticated users to execute certain standard stored procedures by referencing them in a user-written .rpt file, as demonstrated by using a stored procedure that provides the username and cleartext password of every account. | 6.5 |
2006-06-02 | CVE-2006-2781 | Mozilla | Buffer Errors vulnerability in Mozilla Seamonkey and Thunderbird Double free vulnerability in nsVCard.cpp in Mozilla Thunderbird before 1.5.0.4 and SeaMonkey before 1.0.2 allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via a VCard that contains invalid base64 characters. | 6.4 |
2006-06-02 | CVE-2006-2773 | Hogstorps | Remote Security vulnerability in Hogstorps Hogstorp Guestbook 2.0 admin/redigera/redigera2.asp in Hogstorps hogstorp Guestbook 2.0 does not verify user credentials, which allows remote attackers to edit arbitrary posts via unspecified vectors. | 6.4 |
2006-06-02 | CVE-2006-2771 | Hogstorps | Unspecified vulnerability in Hogstorps Hogstorp Guestbook 2.0 admin/radera/tabort.asp in Hogstorps hogstorp guestbook 2.0 does not verify user credentials, which allows remote attackers to delete arbitrary posts via a modified delID parameter. | 6.4 |
2006-06-02 | CVE-2006-2763 | PRE Projects | SQL-Injection vulnerability in PRE Projects PRE News Manager 1.0 SQL injection vulnerability in Pre News Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) index.php, and the (2) nid parameter to (b) news_detail.php, (c) email_story.php, (d) thankyou.php, (e) printable_view.php, (f) tella_friend.php, and (g) send_comments.php. | 6.4 |
2006-06-02 | CVE-2006-2762 | Webcalendar | Information Disclosure vulnerability in Webcalendar 1.0.3 PHP remote file inclusion vulnerability in includes/config.php in WebCalendar 1.0.3 allows remote attackers to execute arbitrary PHP code via a URL in the includedir parameter, which is remotely accessed in an fopen call whose results are used to define a user_inc setting that is used in an include_once call. | 6.4 |
2006-06-02 | CVE-2006-2761 | Hitachi | SQL Injection vulnerability in Hitachi Hitsenser3 SQL injection vulnerability in Hitachi HITSENSER3 HITSENSER3/PRP, HITSENSER3/PUP, HITSENSER3/STP, and HITSENSER3/EUP allows remote attackers to execute arbitrary SQL commands via unknown attack vectors. | 6.4 |
2006-06-02 | CVE-2006-2655 | Freebsd | Unspecified vulnerability in Freebsd The build process for ypserv in FreeBSD 5.3 up to 6.1 accidentally disables access restrictions when using the /var/yp/securenets file, which allows remote attackers to bypass intended access restrictions. | 6.4 |
2006-06-02 | CVE-2006-2654 | Freebsd | Unspecified vulnerability in Freebsd Directory traversal vulnerability in smbfs smbfs on FreeBSD 4.10 up to 6.1 allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\\" sequences. | 6.4 |
2006-06-01 | CVE-2006-2752 | Suse | Remote Security vulnerability in Suse Linux 9.0 The RedCarpet /etc/ximian/rcd.conf configuration file in Novell Linux Desktop 9 and SUSE SLES 9 has world-readable permissions, which allows attackers to obtain the rc (RedCarpet) password. | 6.4 |
2006-06-01 | CVE-2006-2749 | Open Searchable Image Catalogue | Input Validation vulnerability in Open Searchable Image Catalogue SQL injection vulnerability in search.php in Open Searchable Image Catalogue (OSIC) 0.7.0.1 and earlier allows remote attackers to inject arbitrary SQL commands via the (1) txtCustomField and (2) CustomFieldID array parameters. | 6.4 |
2006-06-01 | CVE-2006-2748 | Open Searchable Image Catalogue | Input Validation vulnerability in Open Searchable Image Catalogue SQL injection vulnerability in the do_mysql_query function in core.php for Open Searchable Image Catalogue (OSIC) before 0.7.0.1 allows remote attackers to inject arbitrary SQL commands via multiple vectors, as demonstrated by the (1) type parameter in adminfunctions.php and the (2) catalogue_id parameter in editcatalogue.php. | 6.4 |
2006-06-01 | CVE-2006-2725 | Epic Designs | SQL Injection vulnerability in eggBlog Posts.PHP SQL injection vulnerability in rss/posts.php in Eggblog before 3.07 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 6.4 |
2006-05-31 | CVE-2006-2697 | Easy Content Forums | SQL-Injection vulnerability in Easy-Content Forums Easy-Content Forums 1.0 Multiple SQL injection vulnerabilities in Easy-Content Forums 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) startletter parameter in userview.asp and the (2) forumname parameter in topics.asp. | 6.4 |
2006-05-31 | CVE-2006-2688 | Achievo | SQL Injection vulnerability in Achievo 1.1.0/1.2.0 SQL injection vulnerability in the employees node (class.employee.inc) in Achievo 1.1.0 and earlier and 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the atkselector parameter. | 6.4 |
2006-05-31 | CVE-2006-2686 | Actionapps | Code Injection vulnerability in Actionapps 2.8.1 PHP remote file inclusion vulnerabilities in ActionApps 2.8.1 allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[AA_INC_PATH] parameter in (1) cached.php3, (2) cron.php3, (3) discussion.php3, (4) filldisc.php3, (5) filler.php3, (6) fillform.php3, (7) go.php3, (8) hiercons.php3, (9) jsview.php3, (10) live_checkbox.php3, (11) offline.php3, (12) post2shtml.php3, (13) search.php3, (14) slice.php3, (15) sql_update.php3, (16) view.php3, (17) multiple files in the (18) admin/ folder, (19) includes folder, and (20) modules/ folder. | 6.4 |
2006-05-31 | CVE-2006-2683 | Open Medium | Remote Security vulnerability in Open-Medium CMS 0.25 PHP remote file inclusion vulnerability in 404.php in open-medium.CMS 0.25 allows remote attackers to execute arbitrary PHP code via a URL in the REDSYS[MYPATH][TEMPLATES] parameter. | 6.4 |
2006-05-31 | CVE-2006-2682 | Back END | Remote Security vulnerability in Back-End CMS 0.7.2.1 PHP remote file inclusion vulnerability in BE_config.php in Back-End CMS 0.7.2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the _PSL[classdir] parameter. | 6.4 |
2006-05-30 | CVE-2006-2638 | Qjstudios | SQL Injection vulnerability in QJForum Member.ASP SQL injection vulnerability in member.asp in qjForum allows remote attackers to execute arbitrary SQL commands via the uName parameter. | 6.4 |
2006-05-31 | CVE-2006-2684 | Hotwebscripts | HTML Injection vulnerability in Hotwebscripts CMS Mundo 1.0 Cross-site scripting (XSS) vulnerability in the search module in CMS Mundo 1.0 allows remote attackers to inject arbitrary web script or HTML via the searchstring parameter. | 5.8 |
2006-05-31 | CVE-2006-2680 | Php4Script | Cross-Site Scripting vulnerability in AZ Photo Album Script Pro Cross-site scripting (XSS) vulnerability in index.php in AZ Photo Album Script Pro allows remote attackers to inject arbitrary web script or HTML via the gazpart parameter. | 5.8 |
2006-05-31 | CVE-2006-2678 | PRE Projects | Cross-Site Scripting vulnerability in PRE Projects PRE News Manager 1.0 Multiple cross-site scripting (XSS) vulnerabilities in Pre News Manager 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to (a) index.php, and the (2) nid parameter to (b) news_detail.php, (c) email_story.php, (d) thankyou.php, (e) printable_view.php, (f) tella_friend.php, and (g) send_comments.php. | 5.8 |
2006-05-30 | CVE-2006-2670 | Calendarscripts COM | Cross-Site Scripting vulnerability in Calendarscripts.Com Chatpat 1.0 Multiple cross-site scripting (XSS) vulnerabilities in ChatPat 1.0 allow remote attackers to inject arbitrary web script or HTML via a chat message in (1) fastchat.php and (2) fastshow.php. | 5.8 |
2006-05-30 | CVE-2006-2664 | Ifdate COM | HTML Injection vulnerability in Ifdate.Com Ifdate 1.2 Cross-site scripting (XSS) vulnerability in iFdate 1.2 allows remote attackers to inject arbitrary web script or HTML via the (1) username, (2) password fields, or certain other input text boxes. | 5.8 |
2006-05-30 | CVE-2006-2641 | John Frank | HTML Injection vulnerability in John Frank Asset Manager 2.4A ** UNVERIFIABLE ** NOTE: this issue does not contain any verifiable or actionable details. | 5.8 |
2006-05-30 | CVE-2006-2640 | Omegasoft | Cross-Site Scripting vulnerability in Interneserviceslosungen Cross-site scripting (XSS) vulnerability in OmegaMw7a.ASP in OMEGA (aka Omegasoft) INterneSErvicesLosungen (INSEL) allows remote attackers to inject arbitrary web script or HTML via the WCE parameter. | 5.8 |
2006-06-02 | CVE-2006-2308 | Etype | Input Validation vulnerability in Etype Eserv 3.0/3.25 Directory traversal vulnerability in the IMAP service in EServ/3 3.25 allows remote authenticated users to read other user's email messages, create/rename arbitrary directories on the system, and delete empty directories via directory traversal sequences in the (1) CREATE, (2) SELECT, (3) DELETE, (4) RENAME, (5) COPY or (6) APPEND commands. | 5.5 |
2006-06-02 | CVE-2006-2770 | Pppblog | Directory Traversal vulnerability in PPPBlog Directory traversal vulnerability in randompic.php in pppBLOG 0.3.8 and earlier, when register_globals is enabled, allows remote attackers to read arbitrary files via a .. | 5.4 |
2006-06-02 | CVE-2006-2784 | Mozilla | Permissions, Privileges, and Access Controls vulnerability in Mozilla Firefox The PLUGINSPAGE functionality in Mozilla Firefox before 1.5.0.4 allows remote user-assisted attackers to execute privileged code by tricking a user into installing missing plugins and selecting the "Manual Install" button, then using nested javascript: URLs. | 5.1 |
2006-06-02 | CVE-2006-2768 | IPW Systems | Remote File Include vulnerability in IPW Systems Metajour 2.1 PHP remote file inclusion vulnerability in METAjour 2.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the (1) system_path parameter in a large number of files in the (a) app/edocument/, (b) app/eproject/, (c) app/erek/, and (d) extension/ directories, and the (2) GLOBALS[system_path] parameter in (e) extension/sitemap/sitemap.datatype.php. | 5.1 |
2006-06-02 | CVE-2006-2767 | Ottoman | Code Injection vulnerability in Ottoman 1.1.2 PHP remote file inclusion vulnerability in Ottoman 1.1.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the default_path parameter in (1) error.php, (2) index.php, and (3) classes/main_class.php. | 5.1 |
2006-06-01 | CVE-2006-2747 | Fredi Bach | Local File Include vulnerability in PHPMyDesktop Arcade Directory traversal vulnerability in index.php in PhpMyDesktop|arcade 1.0 FINAL allows remote attackers to read arbitrary files or execute PHP code via a .. | 5.1 |
2006-06-01 | CVE-2006-2745 | Facile Interactive WEB | Remote File Include vulnerability in Facile Interactive web Facile Interactive web 0.8.41 Multiple PHP remote file inclusion vulnerabilities in F@cile Interactive Web 0.8.5 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) pathfile parameter in (a) p-editpage.php and (b) p-editbox.php, and the (2) mytheme and (3) myskin parameters in multiple "p-themes" index.inc.php files including (c) lowgraphic, (d) classic, (e) puzzle, (f) simple, and (g) ciao. | 5.1 |
2006-06-01 | CVE-2006-2743 | Drupal | Input Validation vulnerability in Drupal Drupal 4.6.x before 4.6.7 and 4.7.0, when running on Apache with mod_mime, does not properly handle files with multiple extensions, which allows remote attackers to upload, modify, or execute arbitrary files in the files directory. | 5.1 |
2006-06-01 | CVE-2006-2739 | Epic Designs | Input Validation vulnerability in tinyBB PHP remote file inclusion vulnerability in footers.php in Epicdesigns tinyBB 0.3, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the tinybb_footers parameter. | 5.1 |
2006-06-01 | CVE-2006-2736 | Phpbb Portal | Remote File Include vulnerability in PHPbb-Portal Blend Portal 1.2.0 PHP remote file inclusion vulnerability in blend_data/blend_common.php in Blend Portal 1.2.0, as used with phpBB when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | 5.1 |
2006-06-01 | CVE-2006-2735 | Activity MOD Plus | Remote Security vulnerability in Activity MOD Plus Activity MOD Plus 1.1.0 PHP remote file inclusion vulnerability in language/lang_english/lang_activity.php in Activity MOD Plus (Amod) 1.1.0, as used with phpBB when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | 5.1 |
2006-06-01 | CVE-2006-2730 | HOT Open Tickets | Remote File Include vulnerability in HOT Open Tickets HOT Open Tickets 2F20041101 PHP remote file inclusion vulnerability in admin/lib_action_step.php in Hot Open Tickets (HOT) 11012004_ver2f, when register_globals is enabled, allows remote attackers to include arbitrary files via the GLOBALS[CLASS_PATH] parameter. | 5.1 |
2006-05-31 | CVE-2006-2700 | Geeklog | Input Validation vulnerability in Geeklog SQL injection vulnerability in admin/auth.inc.php in Geeklog 1.4.0sr2 and earlier allows remote attackers to execute arbitrary SQL commands and bypass authentication via the loginname parameter. | 5.1 |
2006-05-31 | CVE-2006-2695 | Dgnews | Remote Security vulnerability in Dgnews admin/upprocess.php in DGNews 1.5 and earlier allows remote attackers to execute arbitrary code by uploading scripts with arbitrary extensions to the img directory. | 5.1 |
2006-05-30 | CVE-2006-2675 | Ubbcentral | Remote Security vulnerability in UBB.threads PHP remote file inclusion vulnerability in ubbt.inc.php in UBBThreads 5.x and 6.x allows remote attackers to execute arbitrary PHP code via a URL in the (1) thispath or (2) configdir parameters. | 5.1 |
2006-06-03 | CVE-2006-2805 | Jelsoft | SQL Injection vulnerability in Jelsoft Vbulletin 3.0.10 SQL injection vulnerability in VBulletin 3.0.10 allows remote attackers to execute arbitrary SQL commands via the featureid parameter. | 5.0 |
2006-06-03 | CVE-2006-2802 | Xine | Buffer Overflow vulnerability in Xine-Lib HTTP Response Buffer overflow in the HTTP Plugin (xineplug_inp_http.so) for xine-lib 1.1.1 allows remote attackers to cause a denial of service (application crash) via a long reply from an HTTP server, as demonstrated using gxine 0.5.6. | 5.0 |
2006-06-03 | CVE-2006-2791 | NET ART Media | Directory Traversal vulnerability in Iboutique.Mall Directory traversal vulnerability in index.php in iBoutique.MALL and possibly iBoutique allows remote attackers to read arbitrary files via ".." sequences in the function parameter. | 5.0 |
2006-06-02 | CVE-2006-2778 | Mozilla | Unspecified vulnerability in Mozilla Firefox and Thunderbird The crypto.signText function in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to execute arbitrary code via certain optional Certificate Authority name arguments, which causes an invalid array index and triggers a buffer overflow. | 5.0 |
2006-06-02 | CVE-2006-2769 | Sourcefire | Permissions, Privileges, and Access Controls vulnerability in Sourcefire Snort The HTTP Inspect preprocessor (http_inspect) in Snort 2.4.0 through 2.4.4 allows remote attackers to bypass "uricontent" rules via a carriage return (\r) after the URL and before the HTTP declaration. | 5.0 |
2006-06-02 | CVE-2006-2759 | Jetty | Remote Security vulnerability in Jetty 6.0Beta16 jetty 6.0.x (jetty6) beta16 allows remote attackers to read arbitrary script source code via a capital P in the .jsp extension, and probably other mixed case manipulations. | 5.0 |
2006-06-02 | CVE-2006-2758 | Jetty | Path Traversal vulnerability in Jetty 6.0 Directory traversal vulnerability in jetty 6.0.x (jetty6) beta16 allows remote attackers to read arbitrary files via a %2e%2e%5c (encoded ../) in the URL. | 5.0 |
2006-06-02 | CVE-2006-2756 | Eitsop | Remote Denial of Service vulnerability in Eitsop MY web Server 1.0 Eitsop My Web Server 1.0 allows remote attackers to cause a denial of service (application crash) via a long GET request. | 5.0 |
2006-06-01 | CVE-2006-2754 | Openldap | Remote Security vulnerability in OpenLDAP Stack-based buffer overflow in st.c in slurpd for OpenLDAP before 2.3.22 might allow attackers to execute arbitrary code via a long hostname. | 5.0 |
2006-06-01 | CVE-2006-2734 | Mini Nuke | Remote Security vulnerability in Mini-Nuke enter.asp in Mini-Nuke 2.3 and earlier makes it easier for remote attackers to conduct password guessing attacks by setting the guvenlik parameter to the same value as the hidden gguvenlik parameter, which bypasses a verification step because the gguvenlik parameter is assumed to be immutable by the attacker. | 5.0 |
2006-06-01 | CVE-2006-2733 | Mini Nuke | Remote Security vulnerability in Mini-Nuke membership.asp in Mini-Nuke 2.3 and earlier uses plaintext security codes, which allows remote attackers to register multiple times via automated scripts. | 5.0 |
2006-06-01 | CVE-2006-2703 | Suse | Man In The Middle vulnerability in Suse Linux 9.0 The RedCarpet command-line client (rug) does not verify SSL certificates from a server, which allows remote attackers to read network traffic and execute commands via a man-in-the-middle (MITM) attack. | 5.0 |
2006-06-01 | CVE-2006-2723 | Mozilla | Denial of Service vulnerability in Mozilla Firefox 2.0 Unspecified versions of Mozilla Firefox allow remote attackers to cause a denial of service (crash) via a web page that contains a large number of nested marquee tags. | 5.0 |
2006-05-31 | CVE-2006-2714 | Secure Elements | Remote Security vulnerability in C5 Enterprise Vulnerability Management Secure Elements Class 5 AVR client (aka C5 EVM) before 2.8.1 does not validate the CEID of an incoming message, which allows remote attackers to send messages to a protected asset without knowing the proper CEID. | 5.0 |
2006-05-31 | CVE-2006-2713 | Secure Elements | Remote Security vulnerability in C5 Enterprise Vulnerability Management Secure Elements Class 5 AVR client (aka C5 EVM) before 2.8.1 generates predictable CEIDs, which allows remote attackers to determine the CEID of a protected asset, which can be used in other attacks against AVR. | 5.0 |
2006-05-31 | CVE-2006-2712 | Secure Elements | Remote Security vulnerability in Secure Elements Class 5 Enterprise vulnerability Management 2.8.0 Secure Elements Class 5 AVR (aka C5 EVM) client and server before 2.8.1 do not verify the integrity of a message digest, which allows remote attackers to modify and replay messages. | 5.0 |
2006-05-31 | CVE-2006-2711 | Secure Elements | Information Disclosure vulnerability in Secure Elements Class 5 Enterprise vulnerability Management 2.8.0 Secure Elements Class 5 AVR (aka C5 EVM) 2.8.1 and earlier, and possibly later 2.8.x releases, uses the same initialization vector and key for each message session, which allows remote attackers to obtain potentially sensitive information about messages. | 5.0 |
2006-05-31 | CVE-2006-2710 | Secure Elements | Remote Security vulnerability in Secure Elements Class 5 Enterprise vulnerability Management 2.8.0 Secure Elements Class 5 AVR (aka C5 EVM) before 2.8.1 uses the same invariant RSA key for all installations, which allows remote attackers with the key to decrypt communications. | 5.0 |
2006-05-31 | CVE-2006-2709 | Secure Elements | Remote Security vulnerability in Secure Elements Class 5 Enterprise vulnerability Management 2.8.0 Secure Elements Class 5 AVR (aka C5 EVM) before 2.8.1 do not validate the source address of a message, which allows remote attackers to (1) execute arbitrary code on a client or (2) forge messages to the server. | 5.0 |
2006-05-31 | CVE-2006-2708 | Secure Elements | Remote Security vulnerability in Secure Elements Class 5 Enterprise vulnerability Management 2.8.0 Secure Elements Class 5 AVR client (aka C5 EVM) before 2.8.1 allows remote attackers to read portions of process memory via a modified size for (1) EM_GET_CE_PARAMETER and (2) EM_SET_CE_PARAMETER messages, which leads to a buffer overflow (probably an over-read). | 5.0 |
2006-05-31 | CVE-2006-2707 | Secure Elements | Remote Security vulnerability in Secure Elements Class 5 Enterprise vulnerability Management 2.8.0 Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 does not validate the peer certificate when obtaining an update, which could allow remote attackers to distribute malicious updates to clients. | 5.0 |
2006-05-31 | CVE-2006-2706 | Secure Elements | Denial-Of-Service vulnerability in Class 5 Enterprise Vulnerability Management Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 allows remote attackers to cause a denial of service via forged "session start" messages that cause AVR to connect to arbitrary hosts. | 5.0 |
2006-05-31 | CVE-2006-2705 | Secure Elements | Denial-Of-Service vulnerability in Secure Elements C5 Enterprise vulnerability Management 2.8.0 Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 allows remote attackers to cause an unspecified denial of service via a large number of forged client registration messages. | 5.0 |
2006-05-31 | CVE-2006-2704 | Secure Elements | Remote Security vulnerability in Secure Elements C5 Enterprise vulnerability Management 2.8.0 Secure Elements Class 5 AVR server and client (aka C5 EVM) before 2.8.1 send messages in cleartext, which allows remote attackers to read sensitive vulnerability information. | 5.0 |
2006-05-31 | CVE-2006-2702 | Wordpress | Remote Security vulnerability in Wordpress 2.0.2 vars.php in WordPress 2.0.2, possibly when running on Mac OS X, allows remote attackers to spoof their IP address via a PC_REMOTE_ADDR HTTP header, which vars.php uses to redefine $_SERVER['REMOTE_ADDR']. | 5.0 |
2006-05-31 | CVE-2006-2692 | Amule | Remote Information Disclosure vulnerability in aMule Multiple unspecified vulnerabilities in aMuleWeb for AMule before 2.1.2 allow remote attackers to read arbitrary image, HTML, or PHP files via unknown vectors, probably related to directory traversal. | 5.0 |
2006-05-31 | CVE-2006-2691 | Amule | Remote Information Disclosure vulnerability in aMule Unspecified "information leakage" vulnerabilities in aMuleWeb for AMule before 2.1.2 allow remote attackers to access arbitrary images, including dynamically generated images, via unknown vectors. | 5.0 |
2006-05-31 | CVE-2006-2677 | Sitescape | Remote Security vulnerability in Sitescape Forum 7.2 SiteScape Forum 7.2 and possibly earlier stores the avf.rc configuraiton file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive path information. | 5.0 |
2006-05-31 | CVE-2006-2676 | Sitescape | Remote Security vulnerability in Sitescape Forum 7.2 Dispatch.cgi/_user/uservCard/ in SiteScape Forum 7.2 and possibly earlier generates different responses in a way that allows remote attackers to enumerate valid usernames. | 5.0 |
2006-05-30 | CVE-2006-2671 | Calendarscripts COM | SQL-Injection vulnerability in Calendarscripts.Com Chatpat 1.0 SQL injection vulnerability in ChatPat 1.0 allows remote attackers to execute arbitrary SQL commands via the nickname field. | 5.0 |
2006-05-30 | CVE-2006-2661 | Freetype Debian Canonical | Null Pointer Dereference vulnerability in multiple products ftutil.c in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a crafted font file that triggers a null dereference. | 5.0 |
2006-06-01 | CVE-2006-2719 | Jiwa | Local Security vulnerability in Financials JIWA Financials 6.4.14 stores usernames and passwords for all accounts in cleartext in the HR_Staff table in Microsoft SQL Server, and sends the usernames and passwords in cleartext to the application's SQL Server ODBC driver, which might allow context-dependent attackers to obtain the passwords. | 4.9 |
2006-05-31 | CVE-2006-2687 | Agtc Websolutions | HTML Injection vulnerability in Agtc Websolutions PHP-Agtc Membership System 1.1A Cross-site scripting (XSS) vulnerability in adduser.php in PHP-AGTC Membership System 1.1a and earlier allows remote attackers to inject arbitrary web script or HTML via the email address (useremail parameter). | 4.9 |
2006-06-02 | CVE-2006-2662 | Vmware | Unspecified vulnerability in VMWare Server 1.0.1Build29996 VMware Server before RC1 does not clear user credentials from memory after a console connection is made, which might allow local attackers to gain privileges. | 4.6 |
2006-06-02 | CVE-2006-2785 | Mozilla | Unspecified vulnerability in Mozilla Firefox Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 1.5.0.4 allows user-assisted remote attackers to inject arbitrary web script or HTML by tricking a user into (1) performing a "View Image" on a broken image in which the SRC attribute contains a Javascript URL, or (2) selecting "Show only this frame" on a frame whose SRC attribute contains a Javascript URL. | 4.3 |
2006-06-02 | CVE-2006-2783 | Mozilla | Cross-Site Scripting vulnerability in Mozilla Firefox and Thunderbird Mozilla Firefox and Thunderbird before 1.5.0.4 strip the Unicode Byte-order-Mark (BOM) from a UTF-8 page before the page is passed to the parser, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a BOM sequence in the middle of a dangerous tag such as SCRIPT. | 4.3 |
2006-06-02 | CVE-2006-2782 | Mozilla | Improper Input Validation vulnerability in Mozilla Firefox and Seamonkey Firefox 1.5.0.2 does not fix all test cases associated with CVE-2006-1729, which allows remote attackers to read arbitrary files by inserting the target filename into a text box, then turning that box into a file upload control. | 4.3 |
2006-06-02 | CVE-2006-2764 | Xander Ladage | Cross-Site Scripting vulnerability in Xander Ladage Guestbookxl 1.3 Cross-site scripting (XSS) vulnerability in GuestbookXL 1.3 allows remote attackers to inject arbitrary web script or HTML via a javascript URI in an IMG tag in a comment field to (1) guestwrite.php or (2) guestbook.php. | 4.3 |
2006-06-02 | CVE-2006-2757 | Chipmunk Scripts | Cross-Site Scripting vulnerability in Chipmunk Guestbook Cross-site scripting (XSS) vulnerability in Chipmunk guestbook allows remote attackers to inject arbitrary web script or HTML via the (1) start parameter in (a) index.php; (2) forumID parameter in index.php, (b) newtopic.php, and (c) reply.php; and (3) ID parameter to (d) edit.php. | 4.3 |
2006-06-02 | CVE-2006-2755 | Ubbcentral | Cross-Site Scripting vulnerability in UBBThreads Cross-site scripting (XSS) vulnerability in index.php in UBBThreads 5.x and earlier allows remote attackers to inject arbitrary web script or HTML via the debug parameter, as demonstrated by stealing MD5 hashes of passwords. | 4.3 |
2006-06-01 | CVE-2006-2751 | Open Searchable Image Catalogue | Cross-Site Scripting vulnerability in Open Searchable Image Catalogue Cross-site scripting (XSS) vulnerability in Open Searchable Image Catalogue (OSIC) 0.7.0.1 and earlier allows remote attackers to inject arbitrary web scripts or HTML via the item_list parameter in search.php. | 4.3 |
2006-06-01 | CVE-2006-2750 | Open Searchable Image Catalogue | Input Validation vulnerability in Open Searchable Image Catalogue Cross-site scripting (XSS) vulnerability in the do_mysql_query function in core.php for Open Searchable Image Catalogue (OSIC) before 0.7.0.1 allows remote attackers to inject arbitrary web scripts or HTML via failed SQL queries, which is reflected in an error message. | 4.3 |
2006-05-30 | CVE-2006-2669 | Preprojects COM | Cross-Site Scripting vulnerability in Preprojects.Com PRE Shopping Mall 1.0 Multiple cross-site scripting (XSS) vulnerabilities in Pre Shopping Mall 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) search parameter in search.php (the "search box"), (2) the prodid parameter in detail.php, and the (3) cid parameter in products.php. | 4.3 |
2006-05-30 | CVE-2006-2663 | Ifusionservices | Cross-Site Scripting vulnerability in Ifusionservices Iflance 1.1 Multiple cross-site scripting (XSS) vulnerabilities in iFlance 1.1 allow remote attackers to inject arbitrary web script or HTML via certain inputs to (1) acc_verify.php or (2) project.php. | 4.3 |
2006-05-30 | CVE-2006-2643 | Circle R | Cross-Site Scripting vulnerability in Circle R Monster TOP List 1.4 Cross-site scripting (XSS) vulnerability in index.php in Monster Top List (MTL) 1.4 allows remote attackers to inject arbitrary web script or HTML via the user_error_message parameter. | 4.3 |
2006-05-30 | CVE-2006-2642 | PHP Residence | HTML Injection vulnerability in PHP-Residence 0.6 ** UNVERIFIABLE ** NOTE: this issue does not contain any verifiable or actionable details. | 4.3 |
2006-05-30 | CVE-2006-2639 | Phpsimplechoose | Cross-Site Scripting vulnerability in PHPsimplechoose 0.3 Cross-site scripting (XSS) vulnerability in the input forms in prattmic and Master5006 PHPSimpleChoose 0.3 allows remote attackers to inject arbitrary web script or HTML via a javascript URI in the SRC attribute of an IMG element. | 4.3 |
2006-05-30 | CVE-2006-2637 | Tuttophp | Products View.PHP Cross-Site Scripting vulnerability in Tuttophp Morris Guestbook, Pretty Guestbook and Smile Guestbook Cross-site scripting (XSS) vulnerability in view.php in TuttoPhp (1) Morris Guestbook 1, (2) Pretty Guestbook 1, and (3) Smile Guestbook 1 allows remote attackers to inject arbitrary web script or HTML via a javascript URI in the SRC attribute of an IMG element in the pagina parameter. | 4.3 |
2006-05-30 | CVE-2006-2635 | Tiki | Cross-Site Scripting vulnerability in Tiki Tikiwiki Cms/Groupware Multiple cross-site scripting (XSS) vulnerabilities in Tikiwiki (aka Tiki CMS/Groupware) 1.9.x allow remote attackers to inject arbitrary web script or HTML via malformed nested HTML tags such as "<scr<script>ipt>" in (1) offset and (2) days parameters in (a) tiki-lastchanges.php, the (3) find and (4) offset parameters in (b) tiki-orphan_pages.php, the (5) offset and (6) initial parameters in (c) tiki-listpages.php, and (7) an unspecified field in (d) tiki-remind_password.php; and allow remote authenticated users with admin privileges to inject arbitrary web script or HTML via (8) an unspecified field in a metatags action in (e) tiki-admin.php, the (9) offset parameter in (f) tiki-admin_rssmodules.php, the (10) offset and (11) max parameters in (g) tiki-syslog.php, the (12) numrows parameter in (h) tiki-adminusers.php, (13) an unspecified field in (i) tiki-adminusers.php, (14) an unspecified field in (j) tiki-admin_hotwords.php, unspecified fields in (15) "Assign new module" and (16) "Create new user module" in (k) tiki-admin_modules.php, (17) an unspecified field in "Add notification" in (l) tiki-admin_notifications.php, (18) the offset parameter in (m) tiki-admin_notifications.php, the (19) Name and (20) Dsn fields in (o) tiki-admin_dsn.php, the (21) offset parameter in (p) tiki-admin_content_templates.php, (22) an unspecified field in "Create new template" in (q) tiki-admin_content_templates.php, and the (23) offset parameter in (r) tiki-admin_chat.php. | 4.3 |
2006-05-30 | CVE-2006-2634 | Neocrome | HTML Injection vulnerability in Neocrome Seditio 102 Cross-site scripting (XSS) vulnerability in Neocrome Land Down Under (LDU) in Neocrome Seditio 102 allows remote attackers to inject arbitrary web script or HTML via an HTTP Referer field. | 4.3 |
2006-06-02 | CVE-2006-2309 | Etype | Input Validation vulnerability in Etype Eserv 3.0/3.25 The HTTP service in EServ/3 3.25 allows remote attackers to obtain sensitive information via crafted HTTP requests containing dot, space, and slash characters, which reveals the source code of script files. | 4.0 |
2006-05-31 | CVE-2006-2717 | Secure Elements | Directory Traversal vulnerability in C5 Enterprise Vulnerability Management Unspecified vulnerability in Secure Elements Class 5 AVR client and server (aka C5 EVM) before 2.8.1 allows authenticated attackers to overwrite arbitrary files (1) on a server during an update or (2) on a client via modified pathnames, possibly due to a directory traversal issue. | 4.0 |
2006-05-31 | CVE-2006-2685 | Kevin Johnson | Code Injection vulnerability in Kevin Johnson Basic Analysis and Security Engine PHP remote file inclusion vulnerability in Basic Analysis and Security Engine (BASE) 1.2.4 and earlier, with register_globals enabled, allows remote attackers to execute arbitrary PHP code via a URL in the BASE_path parameter to (1) base_qry_common.php, (2) base_stat_common.php, and (3) includes/base_include.inc.php. | 4.0 |
2006-05-31 | CVE-2006-1175 | Weonlydo | Remote Arbitrary File Access vulnerability in WeOnlyDo SFTP ActiveX Control The WeOnlyDo! SFTP (wodSFTP) ActiveX control is marked as safe for scripting, which allows remote attackers to read and write files in arbitrary locations by accessing the control from a web page. | 4.0 |
2006-05-30 | CVE-2006-2644 | Awstats | Remote Arbitrary Command Execution vulnerability in Awstats 6.41/6.5/6.51 AWStats 6.5, and possibly other versions, allows remote authenticated users to execute arbitrary code by using the configdir parameter to awstats.pl to upload a configuration file whose name contains shell metacharacters, then access that file using the LogFile directive. | 4.0 |
2006-05-30 | CVE-2006-2633 | Andrew Godwin | Unspecified vulnerability in Andrew Godwin Bytehoard Absolute path traversal vulnerability in the copy action in index.php in Andrew Godwin ByteHoard 2.1 and earlier allows remote authenticated users to create or overwrite files in other users' directories by specifying the absolute path of the directory in the infolder parameter and simultaneously specifying the filename in the filepath parameter. | 4.0 |
11 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2006-05-30 | CVE-2006-2632 | Andrew Godwin | HTML Injection vulnerability in ByteHoard Cross-site scripting (XSS) vulnerability in Andrew Godwin ByteHoard 2.1 and earlier allows remote authenticated users to inject arbitrary web script or HTML via file descriptions. | 3.5 |
2006-06-02 | CVE-2006-2789 | Gnome | Denial Of Service vulnerability in GNOME Evolution Email Attachment Evolution 2.2.x and 2.3.x in GNOME 2.7 and 2.8, when "load images if sender in addressbook" is enabled, allows remote attackers to cause a denial of service (persistent crash) via a crafted "From" header that triggers an assert error in camel-internet-address.c when a null pointer is used. | 2.6 |
2006-06-02 | CVE-2006-2786 | Mozilla | Unspecified vulnerability in Mozilla Firefox and Thunderbird HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbird before 1.5.0.4, when used with certain proxy servers, allows remote attackers to cause Firefox to interpret certain responses as if they were responses from two different sites via (1) invalid HTTP response headers with spaces between the header name and the colon, which might not be ignored in some cases, or (2) HTTP 1.1 headers through an HTTP 1.0 proxy, which are ignored by the proxy but processed by the client. | 2.6 |
2006-06-02 | CVE-2006-2766 | Microsoft | Unspecified vulnerability in Microsoft IE and Internet Explorer Buffer overflow in INETCOMM.DLL, as used in Microsoft Internet Explorer 6.0 through 6.0 SP2, Windows Explorer, Outlook Express 6, and possibly other programs, allows remote user-assisted attackers to cause a denial of service (application crash) via a long mhtml URI in the URL value in a URL file. | 2.6 |
2006-06-02 | CVE-2006-2765 | Interlink Advantage | Cross-Site Scripting vulnerability in Interlink Advantage Cross-site scripting (XSS) vulnerability in news_information.php in Interlink Advantage allows remote attackers to inject arbitrary web script or HTML via the flag parameter. | 2.6 |
2006-06-01 | CVE-2006-2729 | JAN Chmelik | Cross-Site Scripting vulnerability in JAN Chmelik Photoalbum Bandw 1.3 Cross-site scripting (XSS) vulnerability in superalbum/index.php in Photoalbum B&W 1.3 allows remote attackers to inject arbitrary web script or HTML via the gal parameter. | 2.6 |
2006-06-01 | CVE-2006-2728 | JAN Chmelik | Cross-Site Scripting vulnerability in JAN Chmelik Photoalbum Bandw 1.3 Cross-site scripting (XSS) vulnerability in superalbum/index.php in Photoalbum B&W 1.3 allows remote attackers to inject arbitrary web script or HTML via the pic parameter. | 2.6 |
2006-05-30 | CVE-2006-2653 | D Link | Cross-Site Scripting vulnerability in D-Link Airspot DSA-3100 Gateway Login_error.SHTML Cross-site scripting (XSS) vulnerability in login_error.shtml for D-Link DSA-3100 allows remote attackers to inject arbitrary HTML or web script via an encoded uname parameter. | 2.6 |
2006-05-30 | CVE-2006-2651 | Vacation Rentals | Cross-Site Scripting vulnerability in Vacation Rentals Vacation Rental Script 1.0 Cross-site scripting (XSS) vulnerability in index.php in Vacation Rental Script 1.0 allows remote attackers to inject arbitrary web script or HTML via the obj parameter. | 2.6 |
2006-05-30 | CVE-2006-2648 | Aspbb | Cross-Site Scripting vulnerability in ASPBB Perform_search.ASP Cross-site scripting (XSS) vulnerability in perform_search.asp for ASPBB 0.52 and earlier allows remote attackers to inject arbitrary HTML or web script via the search parameter. | 2.6 |
2006-05-29 | CVE-2006-2563 | PHP | Unspecified vulnerability in PHP 4.4.2/5.1.4 The cURL library (libcurl) in PHP 4.4.2 and 5.1.4 allows attackers to bypass safe mode and read files via a file:// request containing null characters. | 2.1 |