Weekly Vulnerabilities Reports > June 12 to 18, 2006
Overview
135 new vulnerabilities were reported during this period, including 9 critical vulnerabilities and 43 high severity vulnerabilities. This weekly summary reports vulnerabilities in 116 products from 88 vendors including Microsoft, Vbzoom, Cescripts, Myscrapbook, and Okscripts. Vulnerabilities are notably categorized as "Cross-site Scripting", "Code Injection", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "SQL Injection", and "Numeric Errors".
- 130 reported vulnerabilities are remotely exploitable.
- 7 reported vulnerabilities have a public exploit available.
- 8 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 131 reported vulnerabilities are exploitable by an anonymous user.
- Microsoft has the most reported vulnerabilities, with 18 reported vulnerabilities.
- Microsoft has the most reported critical vulnerabilities, with 7 reported vulnerabilities.
Vulnerability Details
The following tables list the reported vulnerabilities for the period covered by this report:
9 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2006-06-13 | CVE-2006-2382 | Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Internet Explorer 5.01/6 Heap-based buffer overflow in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to execute arbitrary code via crafted UTF-8 encoded HTML that results in size discrepancies during conversion to Unicode, aka "HTML Decoding Memory Corruption Vulnerability." | 10.0 |
2006-06-13 | CVE-2006-2373 | Microsoft | Permissions, Privileges, and Access Controls vulnerability in Microsoft Windows 2000, Windows Server 2003 and Windows XP The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows local users to execute arbitrary code by calling the MrxSmbCscIoctlOpenForCopyChunk function with the METHOD_NEITHER method flag and an arbitrary address, possibly for kernel memory, aka the "SMB Driver Elevation of Privilege Vulnerability." | 10.0 |
2006-06-17 | CVE-2006-3059 | Microsoft | Remote Code Execution vulnerability in Microsoft Excel Unspecified vulnerability in Microsoft Excel 2000 through 2004 allows remote user-assisted attackers to execute arbitrary code via unspecified vectors. | 9.3 |
2006-06-14 | CVE-2006-3017 | PHP | Multiple Unspecified vulnerability in PHP zend_hash_del_key_or_index in zend_hash.c in PHP before 4.4.3 and 5.x before 5.1.3 can cause zend_hash_del to delete the wrong element, which prevents a variable from being unset even when the PHP unset function is called, which might cause the variable's value to be used in security-relevant operations. | 9.3 |
2006-06-14 | CVE-2006-3016 | PHP Group | Multiple Unspecified vulnerability in PHP Unspecified vulnerability in session.c in PHP before 5.1.3 has unknown impact and attack vectors, related to "certain characters in session names," including special characters that are frequently associated with CRLF injection, SQL injection, cross-site scripting (XSS), and HTTP response splitting vulnerabilities. | 9.3 |
2006-06-13 | CVE-2006-2383 | Microsoft | Unspecified vulnerability in Microsoft Internet Explorer 5.01/6 Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to execute arbitrary code via "unexpected data" related to "parameter validation" in the DXImageTransform.Microsoft.Light ActiveX control, which causes Internet Explorer to crash in a way that enables the code execution. | 9.3 |
2006-06-13 | CVE-2006-2379 | Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products Buffer overflow in the TCP/IP Protocol driver in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via unknown vectors related to IP source routing. | 9.3 |
2006-06-13 | CVE-2006-1303 | Microsoft | Code Injection vulnerability in Microsoft IE and Internet Explorer Multiple unspecified vulnerabilities in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allow remote attackers to execute arbitrary code by instantiating certain COM objects from Wmm2fxa.dll as ActiveX controls including (1) DXImageTransform.Microsoft.MMSpecialEffect1Input, (2) DXImageTransform.Microsoft.MMSpecialEffect1Input.1, (3) DXImageTransform.Microsoft.MMSpecialEffect2Inputs, (4) DXImageTransform.Microsoft.MMSpecialEffect2Inputs.1, (5) DXImageTransform.Microsoft.MMSpecialEffectInplace1Input, and (6) DXImageTransform.Microsoft.MMSpecialEffectInplace1Input.1, which causes memory corruption during garbage collection. | 9.3 |
2006-06-13 | CVE-2006-0025 | Microsoft | Buffer Errors vulnerability in Microsoft Windows Media Player 10/9 Stack-based buffer overflow in Microsoft Windows Media Player 9 and 10 allows remote attackers to execute arbitrary code via a PNG image with a large chunk size. | 9.3 |
43 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2006-06-13 | CVE-2006-2385 | Microsoft | Code Injection vulnerability in Microsoft IE and Internet Explorer Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows user-assisted remote attackers to execute arbitrary code via a crafted web page that triggers memory corruption when it is saved as a multipart HTML (.mht) file. | 7.6 |
2006-06-13 | CVE-2006-0022 | Microsoft | Remote Code Execution vulnerability in Microsoft PowerPoint Malformed Record Unspecified vulnerability in Microsoft PowerPoint in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP1 and SP2, Office 2004 for Mac, and v. | 7.6 |
2006-06-16 | CVE-2006-3056 | Vbzoom | SQL Injection vulnerability in Vbzoom 1.01 SQL injection vulnerability in language.php in VBZooM 1.01 allows remote attackers to execute arbitrary SQL commands via the Action parameter. | 7.5 |
2006-06-16 | CVE-2006-3055 | Vbzoom | SQL Injection vulnerability in Vbzoom 1.02 Multiple SQL injection vulnerabilities in VBZooM 1.02 allow remote attackers to execute arbitrary SQL commands via the (1) QuranID, (2) ShowByQuranID, or (3) Action parameters to meaning.php. | 7.5 |
2006-06-16 | CVE-2006-3054 | Vbzoom | SQL Injection vulnerability in Vbzoom 1.11 Multiple SQL injection vulnerabilities in VBZooM 1.11 allow remote attackers to execute arbitrary SQL commands via the (1) sobjectID or (2) MAINID parameters to (a) show.php or (3) MainID parameter to (b) subject.php. | 7.5 |
2006-06-16 | CVE-2006-3053 | Phorum | Remote File Include vulnerability in Retired: PHORUM Common.PHP ** DISPUTED ** PHP remote file inclusion vulnerability in common.php in PHORUM 5.1.13 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the PHORUM[http_path] parameter. | 7.5 |
2006-06-16 | CVE-2006-3048 | Tiki | SQL Injection vulnerability in Tiki Tikiwiki Cms/Groupware SQL injection vulnerability in TikiWiki 1.9.3.2 and possibly earlier versions allows remote attackers to execute arbitrary SQL commands via unknown attack vectors. | 7.5 |
2006-06-16 | CVE-2006-3045 | Teake Nutma | File Include vulnerability in Foing Remote PHP remote file inclusion vulnerability in manage_songs.php in Foing 0.7.0e and earlier allows remote attackers to execute arbitrary PHP code via a URL in the foing_root_path parameter. | 7.5 |
2006-06-16 | CVE-2006-2909 | Picozip | Buffer Overflow vulnerability in Picozip 4.01 Stack-based buffer overflow in the info tip shell extension (zipinfo.dll) in PicoZip 4.01 allows remote attackers to execute arbitrary code via a long filename in an (1) ACE, (2) RAR, or (3) ZIP archive, which is triggered when the user moves the mouse over the archive. | 7.5 |
2006-06-15 | CVE-2006-3042 | Ispconfig | Remote File Include vulnerability in Ispconfig 2.2.3 ** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in ISPConfig 2.2.3 allow remote attackers to execute arbitrary PHP code via a URL in the (1) go_info[isp][classes_root] parameter in (a) server.inc.php, and the (2) go_info[server][classes_root] parameter in (b) app.inc.php, (c) login.php, and (d) trylogin.php. | 7.5 |
2006-06-15 | CVE-2006-3041 | Codewalkers | Unspecified vulnerability in Codewalkers Ltwcalendar 4.1.3 ** DISPUTED ** PHP remote file inclusion vulnerability in Ltwcalendar/calendar.php in Codewalkers Ltwcalendar 4.1.3 allows remote attackers to execute arbitrary PHP code via a URL in the ltw_config[include_dir] parameter. | 7.5 |
2006-06-15 | CVE-2006-3040 | AMR Talkbox | Unspecified vulnerability in AMR Talkbox AMR Talkbox ** DISPUTED ** PHP remote file inclusion vulnerability in talkbox.php in Amr Talkbox allows remote attackers to execute arbitrary PHP code via a URL in the direct parameter. | 7.5 |
2006-06-15 | CVE-2006-3028 | Minerva | Remote File Inclusion vulnerability in Minerva 2.0.8Abuild237 PHP remote file inclusion vulnerability in stat_modules/users_age/module.php in Minerva 2.0.8a Build 237 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | 7.5 |
2006-06-15 | CVE-2006-3027 | Enthrallweb | SQL Injection vulnerability in Enthrallweb ePhotos SubLevel2.ASP Multiple SQL injection vulnerabilities in Enthrallwebe ePhotos 2.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) CAT_ID parameter in (a) subphotos.asp and (b) subLevel2.asp, the (2) AL_ID parameter in (c) photo.asp, and the (3) SUB_ID parameter in (d) subLevel2.asp. | 7.5 |
2006-06-15 | CVE-2006-3019 | Phpcms | Code Injection vulnerability in PHPcms 1.2.1P12 Multiple PHP remote file inclusion vulnerabilities in phpCMS 1.2.1pl2 allow remote attackers to execute arbitrary PHP code via a URL in the PHPCMS_INCLUDEPATH parameter to files in parser/include/ including (1) class.parser_phpcms.php, (2) class.session_phpcms.php, (3) class.edit_phpcms.php, (4) class.http_indexer_phpcms.php, (5) class.cache_phpcms.php, (6) class.search_phpcms.php, (7) class.lib_indexer_universal_phpcms.php, and (8) class.layout_phpcms.php, (9) parser/plugs/counter.php, and (10) parser/parser.php. | 7.5 |
2006-06-14 | CVE-2006-3018 | PHP Group | Multiple Unspecified vulnerability in PHP Unspecified vulnerability in the session extension functionality in PHP before 5.1.3 has unknown impact and attack vectors related to heap corruption. | 7.5 |
2006-06-13 | CVE-2006-3010 | Aliacom | Cross-Site Scripting vulnerability in Aliacom Open Business Management 1.0.3Pl1 Multiple SQL injection vulnerabilities in Open Business Management (OBM) 1.0.3 pl1 allow remote attackers to execute arbitrary SQL commands via the (1) new_order and (2) order_dir parameters to (a) index.php, (b) group/group_index.php, (c) user/user_index.php, (d) list/list_index.php, and (e) company/company_index.php, and the (3) entity and (4) tf_dateafter parameter to company/company_index.php. | 7.5 |
2006-06-13 | CVE-2006-2371 | Microsoft | Remote Access RASMAN Registry Remote Code Execution vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP Buffer overflow in the Remote Access Connection Manager service (RASMAN) service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to execute arbitrary code via certain crafted "RPC related requests," that lead to registry corruption and stack corruption, aka the "RASMAN Registry Corruption Vulnerability." | 7.5 |
2006-06-13 | CVE-2006-2370 | Microsoft | Remote Access Remote Code Execution vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP Buffer overflow in the Routing and Remote Access service (RRAS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to execute arbitrary code via certain crafted "RPC related requests," aka the "RRAS Memory Corruption Vulnerability." | 7.5 |
2006-06-13 | CVE-2006-2376 | Microsoft | Numeric Errors vulnerability in Microsoft Windows 98, Windows 98Se and Windows ME Integer overflow in the PolyPolygon function in Graphics Rendering Engine on Microsoft Windows 98 and Me allows remote attackers to execute arbitrary code via a Windows Metafile (WMF) or EMF image with a sum of entries in the vertext counts array and number of polygons that triggers a heap-based buffer overflow. | 7.5 |
2006-06-13 | CVE-2006-2998 | Free Qboard | Remote File Include vulnerability in Free Qboard Free Qboard 1.1 PHP remote file inclusion vulnerability in board/post.php in free QBoard 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the qb_path parameter. | 7.5 |
2006-06-13 | CVE-2006-2996 | Lovecompass | Remote File Include vulnerability in Lovecompass Aepartner 0.8.3 PHP remote file inclusion vulnerability in inc/design.inc.php in LoveCompass aePartner 0.8.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the dir[data] parameter. | 7.5 |
2006-06-13 | CVE-2006-2995 | Webprojectdb | Remote File Include vulnerability in Webprojectdb 0.1.3 Multiple PHP remote file inclusion vulnerabilities in WebprojectDB 0.1.3 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the INCDIR parameter in (1) include/nav.php and (2) include/lang.php. | 7.5 |
2006-06-13 | CVE-2006-2993 | MY Photo Scrapbook | Input Validation vulnerability in My Photo Scrapbook Multiple SQL injection vulnerabilities in My Photo Scrapbook 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the key parameter in (1) Displayview.asp and (2) Details_Photo_bv.asp. | 7.5 |
2006-06-13 | CVE-2006-2987 | Dominios Europa | SQL-Injection vulnerability in Dominios Europa Picrate 1.0 Multiple SQL injection vulnerabilities in Dominios Europa PICRATE (aka TAL RateMyPic) 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id, (2) voteid, and (3) vfiel parameters to (a) index.php, and via the (4) nick, (5) email, (6) city, (7) messen, and (8) message form field parameters to (b) add.php. | 7.5 |
2006-06-13 | CVE-2006-2985 | Integramod | SQL-Injection vulnerability in Integramod SQL injection vulnerability in index.php in IntegraMOD 1.4.0 and earlier allows remote attackers to execute arbitrary SQL commands via double-encoded "'" characters in the STYLE_URL parameter. | 7.5 |
2006-06-13 | CVE-2006-2983 | Enterprise Payroll Systems | Remote File Include vulnerability in Enterprise Payroll Systems PHP remote file inclusion vulnerability in Enterprise Timesheet and Payroll Systems (EPS) 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the absolutepath parameter in cal.php. | 7.5 |
2006-06-13 | CVE-2006-2982 | Enterprise Payroll Systems | Remote File Include vulnerability in Enterprise Payroll Systems AbsolutePath Multiple PHP remote file inclusion vulnerabilities in Enterprise Timesheet and Payroll Systems (EPS) 1.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the absolutepath parameter in (1) footer.php and (2) admin/footer.php. | 7.5 |
2006-06-13 | CVE-2006-2908 | Mybulletinboard | Remote PHP Script Code Injection vulnerability in Mybulletinboard 1.1.2 The domecode function in inc/functions_post.php in MyBulletinBoard (MyBB) 1.1.2, and possibly other versions, allows remote attackers to execute arbitrary PHP code via the username field, which is used in a preg_replace function call with a /e (executable) modifier. | 7.5 |
2006-06-12 | CVE-2006-2981 | Arantius | SQL-Injection vulnerability in Vice Stats SQL injection vulnerability in vs_search.php in Arantius Vice Stats before 1.0.1 allows remote attackers to execute arbitrary SQL commands via unknown vectors, a different issue than CVE-2006-2972. | 7.5 |
2006-06-12 | CVE-2006-2980 | Viart LTD | SQL-Injection vulnerability in Viart LTD Viart Shop Free 2.5.5Enterprise/2.5.5Light/2.5.5Standard SQL injection vulnerability in block_forum_topic_new.php in ViArt Shop Free 2.5.5, and possibly other distributions including Light, Standard, and Enterprise, might allow remote attackers to execute arbitrary SQL commands via unknown vectors, probably involving the forum_id parameter. | 7.5 |
2006-06-12 | CVE-2006-2977 | Mafia Moblog | SQL Injection vulnerability in Mafia Moblog Mafia Moblog SQL injection vulnerability in big.php in Mafia Moblog 0.6M1 and earlier allows remote attackers to execute arbitrary SQL commands via the img parameter. | 7.5 |
2006-06-12 | CVE-2006-2976 | Coppermine | Remote Security vulnerability in Coppermine Photo Gallery Unspecified vulnerability in usermgr.php in Coppermine Photo Gallery before 1.4.7 has unknown impact and remote attack vectors, possibly related to authorization/authentication errors. | 7.5 |
2006-06-12 | CVE-2006-2973 | PHP Lite | SQL Injection vulnerability in PHP Lite Calendar Express 2.2 Multiple SQL injection vulnerabilities in month.php in PHP Lite Calendar Express 2.2 allow remote attackers to execute arbitrary SQL commands via the (1) catid and (2) cid parameter. | 7.5 |
2006-06-12 | CVE-2006-2972 | Arantius | SQL Injection vulnerability in Vice Stats VS_Resource.PHP SQL injection vulnerability in vs_resource.php in Arantius Vice Stats 0.5b and 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. | 7.5 |
2006-06-12 | CVE-2006-2964 | Xtreme Scripts | File Include vulnerability in Xtreme Scripts Download Manager 1.0 Multiple PHP remote file inclusion vulnerabilities in Xtreme Scripts Download Manager (aka Xtreme Downloads) 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the root parameter in (1) download.php, (2) manager.php, (3) admin/scripts/category.php, (4) includes/add_allow.php, (5) admin/index.php, and (6) admin/admin/login.php. | 7.5 |
2006-06-12 | CVE-2006-2962 | Oxfam Australia | Remote File Include vulnerability in Empris PHP remote file inclusion vulnerability in sql_fcnsOLD.php in Emergenices Personnel Information System (Empris) 20020923 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phormationdir parameter. | 7.5 |
2006-06-12 | CVE-2006-2961 | Aclogic | Commands Remote Buffer Overflow vulnerability in ACLogic CesarFTP Stack-based buffer overflow in CesarFTP 0.99g and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long MKD command. | 7.5 |
2006-06-12 | CVE-2006-2960 | Joomla | Remote File Include vulnerability in Joomla 1.0 PHP remote file inclusion vulnerability in includes/joomla.php in Joomla! 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the includepath parameter. | 7.5 |
2006-06-12 | CVE-2006-2959 | Snitz Communications | SQL Injection vulnerability in Snitz Forums inc_header.ASP SQL injection vulnerability in inc_header.asp in Snitz Forum 3.4.05 and earlier allows remote attackers to execute arbitrary SQL commands via the %strCookieURL%.GROUP parameter in a cookie. | 7.5 |
2006-06-12 | CVE-2006-2954 | Primoris Software | Input Validation vulnerability in OfficeFlow SQL injection vulnerability in files.asp in OfficeFlow 2.6 and earlier allows remote attackers to execute arbitrary SQL commands via the Project parameter. | 7.5 |
2006-06-12 | CVE-2006-2943 | CGI Rescue | Unspecified vulnerability in Cgi-Rescue Webform Unspecified vulnerability in CGI-RESCUE WebFORM 4.1 and earlier allows remote attackers to inject email headers, which facilitates sending spam messages. | 7.5 |
2006-06-14 | CVE-2006-3015 | Winscp | Code Injection vulnerability in Winscp 3.8.1Build328 Argument injection vulnerability in WinSCP 3.8.1 build 328 allows remote attackers to upload or download arbitrary files via encoded spaces and double-quote characters in a scp or sftp URI. | 7.1 |
68 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2006-06-16 | CVE-2006-3052 | Cescripts | Cross-Site Scripting vulnerability in Event Registration 2Checkout Cross-site scripting (XSS) vulnerability in Event Registration allows remote attackers to inject arbitrary web script or HTML via the (1) event_id parameter to view-event-details.php or (2) select_events parameter to event-registration.php. | 6.8 |
2006-06-15 | CVE-2006-3025 | Lucid Designs | Cross-Site Scripting vulnerability in Lucid Designs Lucid Calendar 0.22 Cross-site scripting (XSS) vulnerability in Cal.PHP3 in Chris Lea Lucid Calendar 0.22 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. | 6.8 |
2006-06-15 | CVE-2006-3022 | Fipsasp | Cross-Site Scripting vulnerability in fipsGallery Cross-site scripting (XSS) vulnerability in zoom.php in fipsGallery 1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the path parameter. | 6.8 |
2006-06-15 | CVE-2006-3021 | Blue Collar Productions | Cross-Site Scripting vulnerability in I-Gallery 3.3/3.4 Multiple cross-site scripting (XSS) vulnerabilities in BlueCollar i-Gallery 4.1 PLUS and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) n and (2) d parameters in (a) login.asp and the d parameter in (b) igallery.asp. | 6.8 |
2006-06-15 | CVE-2006-3020 | Planete Afrique | Cross-Site Scripting vulnerability in Ws-Album Multiple cross-site scripting (XSS) vulnerabilities in FullPhoto.asp in WS-Album 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) image and (2) PublisedDate parameters. | 6.8 |
2006-06-15 | CVE-2006-2195 | Horde | Cross-Site Scripting vulnerability in Horde Application Framework Cross-site scripting (XSS) vulnerability in horde 3 (horde3) before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via (1) templates/problem/problem.inc and (2) test.php. | 6.8 |
2006-06-13 | CVE-2006-2378 | Microsoft | Unspecified vulnerability in Microsoft products Buffer overflow in the ART Image Rendering component (jgdw400.dll) in Microsoft Windows XP SP1 and Sp2, Server 2003 SP1 and earlier, and Windows 98 and Me allows remote attackers to execute arbitrary code via a crafted ART image that causes heap corruption. | 6.8 |
2006-06-13 | CVE-2006-1313 | Microsoft | Unspecified vulnerability in Microsoft products Microsoft JScript 5.1, 5.5, and 5.6 on Windows 2000 SP4, and 5.6 on Windows XP, Server 2003, Windows 98 and Windows Me, will "release objects early" in certain cases, which results in memory corruption and allows remote attackers to execute arbitrary code. | 6.8 |
2006-06-12 | CVE-2006-2951 | Npds | Cross-Site Scripting vulnerability in Npds 4.8/5.0 Multiple cross-site scripting (XSS) vulnerabilities in Net Portal Dynamic System (NPDS) 5.10 and earlier allow remote attackers to inject arbitrary web script and HTML via the (1) Titlesitename or (2) sitename parameter to (a) header.php, (3) nuke_url parameter to (b) meta/meta.php, (4) forum parameter to (c) viewforum.php, (5) post_id, (6) forum, (7) topic, or (8) arbre parameter to (d) editpost.php, or (9) uname or (10) email parameter to (e) user.php. | 6.8 |
2006-06-12 | CVE-2006-2949 | Mybulletinboard | Cross-Site Scripting vulnerability in Mybulletinboard 1.1.2 Cross-site scripting (XSS) vulnerability in private.php in MyBB 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the do parameter. | 6.8 |
2006-06-16 | CVE-2006-3046 | Subtext | Remote Security vulnerability in Subtext 1.5 Unspecified vulnerability in the admin login feature in Subtext 1.5, in a multiblog setup, allows remote administrators of one blog to login to another blog. | 6.5 |
2006-06-15 | CVE-2006-2197 | Wvware | Numeric Errors vulnerability in Wvware WV2 0.2.2 Integer overflow in wv2 before 0.2.3 might allow context-dependent attackers to execute arbitrary code via a crafted Microsoft Word document. | 6.5 |
2006-06-15 | CVE-2006-2916 | KDE | Local Privilege Escalation vulnerability in KDE ArtsWrapper artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges. | 6.0 |
2006-06-15 | CVE-2006-3036 | Andy Mack | Cross-Site Scripting vulnerability in Andy Mack 35Mmslidegallery 6.0 Multiple cross-site scripting (XSS) vulnerabilities in 35mmslidegallery 6.0 allow remote attackers to inject arbitrary web script or HTML via the (1) imgdir parameter in (a) index.php, and the (2) w, (3) h, and (4) t parameters in (b) popup.php. | 5.8 |
2006-06-15 | CVE-2006-3035 | Myscrapbook | Cross-Site Scripting vulnerability in Myscrapbook 3.1 Multiple cross-site scripting (XSS) vulnerabilities in addwords.php in MyScrapbook 3.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) name and (2) comment parameters. | 5.8 |
2006-06-13 | CVE-2006-3009 | Aliacom | Cross-Site Scripting vulnerability in Aliacom Open Business Management 1.0.3Pl1 Multiple cross-site scripting (XSS) vulnerabilities in Open Business Management (OBM) 1.0.3 pl1 allow remote attackers to inject arbitrary HTML or web script via the (1) tf_lang, (2) tf_name, (3) tf_user, (4) tf_lastname, (5) tf_contact, (6) tf_datebefore, and (7) tf_dateafter parameters to files such as (a) publication/publication_index.php, (b) group/group_index.php, (c) user/user_index.php, (d) list/list_index.php, and (e) company/company_index.php. | 5.8 |
2006-06-13 | CVE-2006-3002 | Easy AD Manager | Cross-Site Scripting vulnerability in ScriptsEZ Easy Ad-Manager Cross-site scripting (XSS) vulnerability in details.php in Easy Ad-Manager allows remote attackers to inject arbitrary web script or HTML via the mbid parameter, which is reflected in an error message. | 5.8 |
2006-06-13 | CVE-2006-3001 | Okscripts | Cross-Site Scripting vulnerability in Okscripts Okmall 1.0 Cross-site scripting (XSS) vulnerability in search.php in OkScripts OkMall 1.0 allow remote attackers to inject arbitrary web script or HTML via the page parameter. | 5.8 |
2006-06-13 | CVE-2006-2994 | Christian Becher | Cross-Site Scripting vulnerability in Christian Becher Phazizguestbook 2.0 Multiple cross-site scripting (XSS) vulnerabilities in index.php in phazizGuestbook 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) email, (3) url fields, and (4) text field (content parameter). | 5.8 |
2006-06-16 | CVE-2006-3051 | SIX Offene Systeme Gmbh | Cross-Site Scripting vulnerability in SixCMS Cross-site scripting (XSS) vulnerability in list.php in SixCMS 6.0, and other versions before 6.0.6patch2, allows remote attackers to inject arbitrary script code or HTML via the page parameter. | 5.1 |
2006-06-16 | CVE-2006-3057 | Gnome | Remote Denial of Service vulnerability in Dhcdbd 1.10/1.12 Unspecified vulnerability in NetworkManager daemon for DHCP (dhcdbd) allows remote attackers to cause a denial of service (crash) via certain invalid DHCP responses that trigger memory corruption. | 5.0 |
2006-06-15 | CVE-2006-3034 | Myscrapbook | Information Disclosure vulnerability in Myscrapbook 3.1 MyScrapbook 3.1 allows remote attackers to obtain sensitive information via a direct request to files in the txt-db-api directory such as txt-db-api/sql.php, which reveals the path in an error message. | 5.0 |
2006-06-13 | CVE-2006-3005 | Gentoo | Denial-Of-Service vulnerability in Gentoo Linux and Media-Libs Jpeg The JPEG library in media-libs/jpeg before 6b-r7 on Gentoo Linux is built without the -maxmem feature, which could allow context-dependent attackers to cause a denial of service (memory exhaustion) via a crafted JPEG file that exceeds the intended memory limits. | 5.0 |
2006-06-12 | CVE-2006-2978 | Mafia Moblog | Remote Security vulnerability in Mafia Moblog Mafia Moblog 0.6M1 and earlier allows remote attackers to obtain the installation path in an error message via a direct request to (1) big.php and (2) upgrade.php. | 5.0 |
2006-06-12 | CVE-2006-2971 | Overkill | Remote Denial of Service vulnerability in Overkill 0.16 Integer overflow in the recv_packet function in 0verkill 0.16 allows remote attackers to cause a denial of service (daemon crash) via a UDP packet with fewer than 12 bytes, which results in a long length value to the crc32 function. | 5.0 |
2006-06-12 | CVE-2006-2970 | L0J1K | Information Disclosure vulnerability in L0J1K Tinymuw 0.1.0 videoPage.php in L0j1k tinyMuw 0.1.0 allows remote attackers to obtain sensitive information via a certain id parameter, probably with an invalid value, which reveals the path in an error message. | 5.0 |
2006-06-12 | CVE-2006-2952 | NET Portal Dynamic System | Input Validation vulnerability in NPDS Directory traversal vulnerability in Net Portal Dynamic System (NPDS) 5.10 and earlier allows remote attackers to read arbitrary files via a .. | 5.0 |
2006-06-12 | CVE-2006-2950 | Npds | Information Exposure vulnerability in Npds 4.8 Net Portal Dynamic System (NPDS) 5.10 and earlier allows remote attackers to obtain sensitive information via a direct request to (1) header.php, (2) contact.php, or (3) forum_extender.php, which reveals the path in an error message. | 5.0 |
2006-06-12 | CVE-2006-2948 | Alan Ward | Unspecified vulnerability in Alan Ward A-Cart A-CART 2.0 stores the acart2_0.mdb file under the web document root with insufficient access control, which allows remote attackers to obtain username and password information. | 5.0 |
2006-06-12 | CVE-2006-2947 | DMX Forum | Remote Security vulnerability in DMX Forum DMX Forum 2.1A Dmx Forum 2.1a allows remote attackers to obtain username and password information via a direct request to pops/edit.php with a modified membre parameter. | 5.0 |
2006-06-12 | CVE-2006-2946 | DMX Forum | Remote Security vulnerability in Dmx Forum Dmx Forum 2.1a stores _includes/bd.inc under the web root with insufficient access control, which allows remote attackers to obtain database username and password information. | 5.0 |
2006-06-12 | CVE-2006-2944 | CGI Rescue | Unspecified vulnerability in Cgi-Rescue Form2Mail Unspecified vulnerability in CGI-RESCUE FORM2MAIL 1.21 and earlier allows remote attackers to inject email headers, which facilitates sending spam messages. | 5.0 |
2006-06-16 | CVE-2006-3049 | Mole Group Ticket Booking Script | Cross-Site Scripting vulnerability in Mole Group Ticket Booking Script Multiple cross-site scripting (XSS) vulnerabilities in booking3.php in Mole Group Ticket Booking Script allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) address1, (3) address2, (4) county, (5) postcode, (6) email, (7) phone, or (8) mobile parameters to booking2.php. | 4.3 |
2006-06-16 | CVE-2006-3047 | Tiki | Cross-Site Scripting vulnerability in Tiki Tikiwiki Cms/Groupware Cross-site scripting (XSS) vulnerability in TikiWiki 1.9.3.2 and possibly earlier versions allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. | 4.3 |
2006-06-15 | CVE-2006-3033 | Myscrapbook | HTML Injection vulnerability in Myscrapbook 3.1 Cross-site scripting (XSS) vulnerability in MyScrapbook 3.1 allows remote attackers to inject arbitrary web script or HTML via the input box in singlepage.php when submitting scrapbook pages. | 4.3 |
2006-06-15 | CVE-2006-3032 | Pensacola WEB Designs | Cross-Site Scripting vulnerability in Pensacola web Designs Xtreme ASP Photo Gallery 1.05/2.0 Multiple cross-site scripting (XSS) vulnerabilities in Xtreme ASP Photo Gallery 1.05 and earlier, and possibly 2.0 (trial), allow remote attackers to inject arbitrary web script or HTML via the (1) catname and (2) total parameters in (a) displaypic.asp, and the (3) catname parameter in (b) displaythumbs.asp. | 4.3 |
2006-06-15 | CVE-2006-3031 | Fipsasp | Cross-Site Scripting vulnerability in fipsCMS Multiple cross-site scripting (XSS) vulnerabilities in index.asp in fipsCMS 4.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) w, (2) phcat, (3) dayid, and (4) calw parameters. | 4.3 |
2006-06-15 | CVE-2006-3030 | Dwzone | Cross-Site Scripting vulnerability in Dwzone Shopping Cart Multiple cross-site scripting (XSS) vulnerabilities in DwZone Shopping Cart 1.1.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) ToCategory and (2) FromCategory parameters to (a) ProductDetailsForm.asp and (3) UserName and (4) Password parameters to (b) LogIn/VerifyUserLog.asp. | 4.3 |
2006-06-15 | CVE-2006-3029 | Clicktech | Cross-Site Scripting vulnerability in Clicktech Clickcart 6.0 Cross-site scripting (XSS) vulnerability in default.asp in ClickTech Clickcart 6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the cat parameter. | 4.3 |
2006-06-15 | CVE-2006-3026 | Clicktech | Cross-Site Scripting vulnerability in ClickGallery Multiple cross-site scripting (XSS) vulnerabilities in ClickGallery 5.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) gallery_id parameter in gallery.asp and (2) parentcurrentpage parameter in view_gallery.asp. | 4.3 |
2006-06-15 | CVE-2006-3024 | Evgenius | Cross-Site Scripting vulnerability in Evgenius Counter Multiple cross-site scripting (XSS) vulnerabilities in EvGenius Counter 3.4 and earlier allow remote attackers to inject arbitrary web script or HTML via the page parameter in (1) monthly.php and (2) daily.php. | 4.3 |
2006-06-15 | CVE-2006-3023 | Uapplication | Cross-Site Scripting vulnerability in uPhotoGallery Multiple cross-site scripting (XSS) vulnerabilities in thumbnails.asp in Uapplication Uphotogallery 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) s and (2) block parameters. | 4.3 |
2006-06-13 | CVE-2006-2384 | Microsoft | Information Exposure vulnerability in Microsoft Internet Explorer Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to conduct spoofing and phishing attacks by using a modal browser window in a way that preserves the original address bar and trusted UI of a trusted site, even after the browser has been navigated to a malicious site, aka the "Address Bar Spoofing Vulnerability." | 4.3 |
2006-06-13 | CVE-2006-2380 | Microsoft | Improper Authentication vulnerability in Microsoft Windows 2000 Microsoft Windows 2000 SP4 does not properly validate an RPC server during mutual authentication over SSL, which allows remote attackers to spoof an RPC server, aka the "RPC Mutual Authentication Vulnerability." | 4.3 |
2006-06-13 | CVE-2006-3007 | Nullsoft | HTML Injection vulnerability in Nullsoft SHOUTcast Multiple cross-site scripting (XSS) vulnerabilities in SHOUTcast 1.9.5 allow remote attackers to inject arbitrary HTML or web script via the DJ fields (1) Description, (2) URL, (3) Genre, (4) AIM, and (5) ICQ. | 4.3 |
2006-06-13 | CVE-2006-3006 | Ifoto | Cross-Site Scripting vulnerability in Ifoto 0.20 Cross-site scripting (XSS) vulnerability in iFoto 0.20, and possibly other versions before 0.50, allows remote attackers to inject arbitrary HTML or web script via a base64-encoded file parameter. | 4.3 |
2006-06-13 | CVE-2006-3004 | Scriptsez | Cross-Site Scripting vulnerability in ScriptsEZ Ez Ringtone Manager Multiple cross-site scripting (XSS) vulnerabilities in Ez Ringtone Manager allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter in player.php and (2) keyword parameter when performing a search. | 4.3 |
2006-06-13 | CVE-2006-3003 | Easy AD Manager | Cross-Site Scripting vulnerability in Easy Ad-Manager details.php in Easy Ad-Manager allows remote attackers to obtain the full installation path via an invalid mbid parameter, which leaks the path in an error message. | 4.3 |
2006-06-13 | CVE-2006-3000 | Okscripts | Cross-Site Scripting vulnerability in Okscripts Okarticles 1.0 Cross-site scripting (XSS) vulnerability in search.php in OkScripts OkArticles 1.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter. | 4.3 |
2006-06-13 | CVE-2006-2999 | Okscripts | Cross-Site Scripting vulnerability in Okscripts Quicklinks 1.1 Cross-site scripting (XSS) vulnerability in search.php in OkScripts QuickLinks 1.1 allows remote attackers to inject arbitrary web script or HTML via the q parameter. | 4.3 |
2006-06-13 | CVE-2006-2992 | MY Photo Scrapbook | Input Validation vulnerability in My Photo Scrapbook Cross-site scripting (XSS) vulnerability in display.asp in My Photo Scrapbook 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the key_m parameter. | 4.3 |
2006-06-13 | CVE-2006-2991 | Ringlink | Cross-Site Scripting vulnerability in Ringlink 3.2 Multiple cross-site scripting (XSS) vulnerabilities in Ringlink 3.2 allow remote attackers to inject arbitrary web script or HTML via a JavaScript URI in the SRC attribute of an IMG element, and possibly other manipulations, in the ringid parameter in (1) next.cgi, (2) stats.cgi, or (3) list.cgi. | 4.3 |
2006-06-13 | CVE-2006-2990 | Vanillasoft | Cross-Site Scripting vulnerability in Vanillasoft Helpdesk 2005 Cross-site scripting (XSS) vulnerability in default.asp in VanillaSoft Helpdesk 2005 and earlier allows remote attackers to inject arbitrary web script or HTML via the username parameter. | 4.3 |
2006-06-13 | CVE-2006-2989 | Iisworks | Cross-Site Scripting vulnerability in ListPics Cross-site scripting (XSS) vulnerability in listpics.asp in ASP ListPics 4.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the info parameter. | 4.3 |
2006-06-13 | CVE-2006-2988 | Chemical Dictionary | Cross-Site Scripting vulnerability in ScriptsEZ Chemical Dictionary Cross-site scripting (XSS) vulnerability in dictionary.php in Chemical Dictionary allows remote attackers to inject arbitrary web script or HTML via the keyword parameter in a browse action. | 4.3 |
2006-06-13 | CVE-2006-2986 | Baby Katie Media | Cross-Site Scripting vulnerability in Baby Katie Media Very Simple CAR Lister and Very Simple Realty Lister Multiple cross-site scripting (XSS) vulnerabilities in Baby Katie Media (a) very Simple Car Lister (vSCAL) 1.0 and (b) very simple Realty Lister (vsREAL) 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) lid parameter in index.php and the (2) title parameter in myslideshow.php. | 4.3 |
2006-06-13 | CVE-2006-2984 | Integramod | Cross-Site Scripting vulnerability in Integramod 1.4.0 Cross-site scripting (XSS) vulnerability in index.php in IntegraMOD 1.4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the STYLE_URL parameter. | 4.3 |
2006-06-12 | CVE-2006-2969 | L0J1K | Unspecified vulnerability in L0J1K Tinymuw 0.1.0 Cross-site scripting (XSS) vulnerability in L0j1k tinyMuw 0.1.0 allows remote attackers to inject arbitrary web script or HTML via a javascript URI in the SRC attribute of an IMG element in the input box in quickchat.php, and possibly other manipulations. | 4.3 |
2006-06-12 | CVE-2006-2968 | PHP Labware | Cross-Site Scripting vulnerability in PHP Labware Labwiki 1.0 Cross-site scripting (XSS) vulnerability in search.php in PHP Labware LabWiki 1.0 allows remote attackers to inject arbitrary web script or HTML via the search input box (query parameter). | 4.3 |
2006-06-12 | CVE-2006-2966 | Particle Soft | Cross-Site Scripting vulnerability in Particle Soft Particle Wiki 1.0.2 Cross-site scripting (XSS) vulnerability in Particle Soft Particle Wiki 1.0.2 allows remote attackers to inject arbitrary web script or HTML via a BR element with an extraneous IMG tag and a STYLE attribute that contains "/**/" comment sequences, which bypasses the XSS protection scheme. | 4.3 |
2006-06-12 | CVE-2006-2965 | Particle Soft | Cross-Site Scripting vulnerability in Particle Soft Particle Whois 1.0.3 Multiple cross-site scripting (XSS) vulnerabilities in Particle Soft Particle Whois 1.0.3 allow remote attackers to inject arbitrary web script or HTML via (1) the target parameter in index.php and (2) the "input box." | 4.3 |
2006-06-12 | CVE-2006-2963 | IT Direkt | Cross-Site Scripting vulnerability in Cabacos Web Cms Cross-site scripting (XSS) vulnerability in Suchergebnisse.asp in Cabacos Web CMS 3.8.498 and earlier allows remote attackers to inject arbitrary web script or HTML via the suchtext parameter. | 4.3 |
2006-06-12 | CVE-2006-2957 | Skoom | Cross-Site Scripting vulnerability in i.List Cross-site scripting (XSS) vulnerability in i.List 1.5 beta and earlier allows remote attackers to inject arbitrary web script or HTML via the banurl parameter to add.php. | 4.3 |
2006-06-12 | CVE-2006-2956 | Skoom | Input Validation vulnerability in i.List Multiple cross-site scripting (XSS) vulnerabilities in i.List 1.5 beta and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) searchword parameter to search.php or (2) siteurl parameter to add.php. | 4.3 |
2006-06-12 | CVE-2006-2955 | Kaphotoservice | Cross-Site Scripting vulnerability in KAPhotoservice Multiple cross-site scripting (XSS) vulnerabilities in KAPhotoservice 7.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) New Category (newcategory) or (2) apage parameter to (a) edtalbum.asp, or the (3) cat or (4) albumid parameter to (b) album.asp. | 4.3 |
2006-06-12 | CVE-2006-2953 | Primoris Software | Input Validation vulnerability in OfficeFlow Cross-site scripting (XSS) vulnerability in default.asp in OfficeFlow 2.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the sqlType parameter. | 4.3 |
2006-06-15 | CVE-2006-2449 | KDE | Symbolic Link vulnerability in KDE KDM Session Type KDE Display Manager (KDM) in KDE 3.2.0 up to 3.5.3 allows local users to read arbitrary files via a symlink attack related to the session type for login. | 4.0 |
2006-06-12 | CVE-2006-2945 | Andreas Gohr | Information Disclosure vulnerability in Dokuwiki Unspecified vulnerability in the user profile change functionality in DokuWiki, when Access Control Lists are enabled, allows remote authenticated users to read unauthorized files via unknown attack vectors. | 4.0 |
15 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2006-06-16 | CVE-2006-3050 | SIX Offene Systeme Gmbh | Directory Traversal vulnerability in SixCMS Directory traversal vulnerability in detail.php in SixCMS 6.0, and other versions before 6.0.6patch2, allows remote attackers to read arbitrary files via a .. | 2.6 |
2006-06-16 | CVE-2006-3044 | Logisphere | Cross-Site Scripting vulnerability in Logisphere 1.6.0 Cross-site scripting (XSS) vulnerability in LogiSphere 1.6.0 allows remote attackers to inject arbitrary web script or HTML via the URL, which is reflected in an error page. | 2.6 |
2006-06-16 | CVE-2006-3043 | Cfxe CMS | Cross-Site Scripting vulnerability in Cfxe-Cms Cross-site scripting (XSS) vulnerability in search.cfm in CreaFrameXe (CFXe) CMS 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the voltext_suche parameter. | 2.6 |
2006-06-15 | CVE-2006-3039 | Cescripts | Cross-Site Scripting vulnerability in Realty Home Rent Cross-site scripting (XSS) vulnerability in index.php in Cescripts Realty Home Rent allows remote attackers to inject arbitrary web script or HTML via the sel_menu parameter. | 2.6 |
2006-06-15 | CVE-2006-3038 | Cescripts | Cross-Site Scripting vulnerability in Realty Room Rent Cross-site scripting (XSS) vulnerability in index.php in Cescripts Realty Room Rent allows remote attackers to inject arbitrary web script or HTML via the sel_menu parameter. | 2.6 |
2006-06-15 | CVE-2006-3037 | Site Trade | Cross-Site Scripting vulnerability in Site Trade ST Admanager Lite V1 Multiple cross-site scripting (XSS) vulnerabilities in publish.php in ST AdManager Lite allow remote attackers to inject arbitrary web script or HTML via the (1) title, (2) description, (3) article, (4) bio, and (5) name parameters. | 2.6 |
2006-06-13 | CVE-2006-1193 | Microsoft | Cross-Site Scripting vulnerability in Microsoft Exchange Server 2000 Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server 2000 SP1 through SP3, when running Outlook Web Access (OWA), allows user-assisted remote attackers to inject arbitrary HTML or web script via unknown vectors related to "HTML parsing." | 2.6 |
2006-06-13 | CVE-2006-2997 | ZMS Publishing | Cross-Site Scripting vulnerability in Zms Cross-site scripting (XSS) vulnerability in ZMS 2.9 and earlier, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the raw parameter in the search field. | 2.6 |
2006-06-12 | CVE-2006-2979 | Viart | Cross-Site Scripting vulnerability in Viart Shop 2.5.5 Free Multiple cross-site scripting (XSS) vulnerabilities in ViArt Shop Free 2.5.5, and possibly other distributions including Light, Standard, and Enterprise, allow remote attackers to inject arbitrary web script or HTML via the (1) forum_id parameter in forum.php, which is not properly handled in block_forum_topics.php, and (2) item_id parameter in reviews.php, which is not properly handled in block_reviews.php. | 2.6 |
2006-06-12 | CVE-2006-2975 | PBL Guestbook | Cross-Site Scripting vulnerability in PBL Guestbook PBL Guestbook 1.31 Multiple cross-site scripting (XSS) vulnerabilities in pblguestbook.php in PBL Guestbook 1.31 allow remote attackers to inject arbitrary web script or HTML via javascript in the SRC attribute of IMG tags in the (1) name, (2) email, and (3) website parameter, which bypasses XSS protection mechanisms that check for SCRIPT tags but not IMG. | 2.6 |
2006-06-12 | CVE-2006-2974 | Emailarchitect | Cross-Site Scripting vulnerability in Email Server Multiple cross-site scripting (XSS) vulnerabilities in EmailArchitect Email Server 6.1.0.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) errCode and (2) uid parameter in (a) default.asp and (3) dname parameter in (b) /admin/dns.asp and (c) /additional/regdomain_done.asp. | 2.6 |
2006-06-12 | CVE-2006-2958 | Filzip | Remote Directory Traversal vulnerability in Filzip 3.05 Directory traversal vulnerability in FilZip 3.05 allows remote attackers to write arbitrary files via a .. | 2.6 |
2006-06-13 | CVE-2006-2374 | Microsoft | Resource Management Errors vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows local users to cause a denial of service (hang) by calling the MrxSmbCscIoctlCloseForCopyChunk with the file handle of the shadow device, which results in a deadlock, aka the "SMB Invalid Handle Vulnerability." | 2.1 |
2006-06-13 | CVE-2006-2660 | PHP | Unspecified vulnerability in PHP Buffer consumption vulnerability in the tempnam function in PHP 5.1.4 and 4.x before 4.4.3 allows local users to bypass restrictions and create PHP files with fixed names in other directories via a pathname argument longer than MAXPATHLEN, which prevents a unique string from being appended to the filename. | 2.1 |
2006-06-12 | CVE-2006-2967 | Syworks | Security Bypass vulnerability in Safenet Syworks SafeNET allows local users to bypass restrictions on network resource consumption by editing the policy.dat file. | 2.1 |