Weekly Vulnerabilities Reports > June 19 to 25, 2006
Overview
140 new vulnerabilities were reported during this period, including 1 critical vulnerability and 44 high severity vulnerabilities. This weekly summary reports vulnerabilities in 112 products from 96 vendors including Microsoft, Thinkfactory, Bitweaver, Comscripts, and Phpmyfactures. Vulnerabilities are notably categorized as "Code Injection", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "SQL Injection", "Cross-site Scripting", and "Resource Management Errors".
- 135 reported vulnerabilities are remotely exploitable.
- 12 reported vulnerabilities have a public exploit available.
- 6 reported vulnerabilities are related to weaknesses in the OWASP Top Ten.
- 136 reported vulnerabilities are exploitable by an anonymous user.
- Microsoft has the most reported vulnerabilities, with 5 reported vulnerabilities.
- Microsoft has the most reported critical vulnerabilities, with 1 reported vulnerability.
Vulnerability Details
The following tables list the reported vulnerabilities for the period covered by this report:
1 Critical Vulnerability
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2006-06-19 | CVE-2006-3086 | Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Hyperlink Object Library Stack-based buffer overflow in the HrShellOpenWithMonikerDisplayName function in Microsoft Hyperlink Object Library (hlink.dll) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long hyperlink, as demonstrated using an Excel worksheet with a long link in Unicode, aka "Hyperlink COM Object Buffer Overflow Vulnerability." NOTE: this is a different issue than CVE-2006-3059. | 9.3 |
44 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2006-06-23 | CVE-2006-3085 | Linux | Remote Denial of Service vulnerability in Linux Kernel XT_SCTP-netfilter xt_sctp in netfilter for Linux kernel before 2.6.17.1 allows attackers to cause a denial of service (infinite loop) via an SCTP chunk with a 0 length. | 7.8 |
2006-06-21 | CVE-2006-3127 | SUN | Resource Management Errors vulnerability in SUN products Memory leak in Network Security Services (NSS) 3.11, as used in Sun Java Enterprise System 2003Q4 through 2005Q1 and Java System Directory Server 5.2, allows remote attackers to cause a denial of service (memory consumption) by performing a large number of RSA cryptographic operations. | 7.8 |
2006-06-24 | CVE-2006-3221 | Softnews Media Group | SQL Injection vulnerability in DataLife Engine Subaction SQL injection vulnerability in index.php in DataLife Engine 4.1 and earlier allows remote attackers to execute arbitrary SQL commands via double-encoded values in the user parameter in a userinfo subaction. | 7.5 |
2006-06-24 | CVE-2006-3220 | Woltlab | SQL-Injection vulnerability in Woltlab Burning Board 2.2.1 SQL injection vulnerability in studienplatztausch.php in Woltlab Burning Board (WBB) 2.2.1 allows remote attackers to execute arbitrary SQL commands via the sid parameter. | 7.5 |
2006-06-24 | CVE-2006-3219 | Woltlab | SQL-Injection vulnerability in Woltlab Burning Board 2.2.2 SQL injection vulnerability in thread.php in Woltlab Burning Board (WBB) 2.2.2 allows remote attackers to execute arbitrary SQL commands via the threadid parameter. | 7.5 |
2006-06-24 | CVE-2006-3218 | Woltlab | SQL-Injection vulnerability in Woltlab Burning Board 2.1.6 SQL injection vulnerability in profile.php in Woltlab Burning Board (WBB) 2.1.6 allows remote attackers to execute arbitrary SQL commands via the userid parameter. | 7.5 |
2006-06-24 | CVE-2006-3213 | Webboa | SQL Injection vulnerability in Webboa 1.1 SQL injection vulnerability in WeBBoA Hosting 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter to an unspecified script, possibly host/yeni_host.asp. | 7.5 |
2006-06-23 | CVE-2006-3198 | Opera | Integer Overflow or Wraparound vulnerability in Opera Browser Integer overflow in Opera 8.54 and earlier allows remote attackers to execute arbitrary code via a JPEG image with large height and width values, which causes less memory to be allocated than intended. | 7.5 |
2006-06-23 | CVE-2006-3192 | PHP WEB Scripts | Remote File Include vulnerability in PHP web Scripts AD Manager PRO 2.6 PHP remote file inclusion vulnerability in Ad Manager Pro 2.6 allows remote attackers to execute arbitrary PHP code via a URL in the (1) ipath parameter in common.php and (2) unspecified vectors in ad.php. | 7.5 |
2006-06-23 | CVE-2006-3190 | Hotplug CMS | SQL-Injection vulnerability in Hotplug CMS Hotplug CMS 1.0 SQL injection vulnerability in administration/includes/login/auth.php in HotPlug CMS 1.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username and (2) password parameters. | 7.5 |
2006-06-23 | CVE-2006-3188 | Sharky E Shop | SQL-Injection vulnerability in Sharky E-Shop Multiple SQL injection vulnerabilities in Sharky e-shop 3.05 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) maingroup and (2) secondgroup parameters to (a) search_prod_list.asp, and the (3) maingroup parameter to (b) meny2.asp. | 7.5 |
2006-06-23 | CVE-2006-3185 | CMS Faethon | Remote File Include vulnerability in CMS Faethon CMS Faethon 1.3.2 PHP remote file inclusion vulnerability in data/header.php in CMS Faethon 1.3.2 allows remote attackers to execute arbitrary PHP code via a URL in the mainpath parameter. | 7.5 |
2006-06-23 | CVE-2006-3182 | Mobescripts | Directory Traversal vulnerability in Mobescripts Mobile Space Community 2.0 Directory traversal vulnerability in index.php in MobeScripts Mobile Space Community 2.0 allows remote attackers to read arbitrary files via a .. | 7.5 |
2006-06-23 | CVE-2006-3181 | Mobescripts | SQL Injection vulnerability in Mobescripts Mobile Space Community 2.0 SQL injection vulnerability in index.php in MobeScripts Mobile Space Community 2.0 allows remote attackers to execute arbitrary SQL commands via the browse parameter. | 7.5 |
2006-06-23 | CVE-2006-3177 | Bible Portal Project | Remote File Include vulnerability in Bible Portal Rtf_parser.PHP PHP remote file inclusion vulnerability in Admin/rtf_parser.php in The Bible Portal Project 2.12 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the destination parameter. | 7.5 |
2006-06-23 | CVE-2006-3176 | Xaran | SQL Injection vulnerability in Xaran CMS 2.0 SQL injection vulnerability in xarancms_haupt.php in xarancms 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2006-06-23 | CVE-2006-3175 | Mcguestbook | Code Injection vulnerability in Mcguestbook 1.3 Multiple PHP remote file inclusion vulnerabilities in mcGuestbook 1.3 allow remote attackers to execute arbitrary PHP code via a URL in the lang parameter to (1) admin.php, (2) ecrire.php, and (3) lire.php. | 7.5 |
2006-06-23 | CVE-2006-3173 | Content Builder | Remote File Include vulnerability in Content*Builder 0.7.5 Multiple PHP remote file inclusion vulnerabilities in Content*Builder 0.7.5 allow remote attackers to execute arbitrary PHP code via a URL in the (1) path[cb] parameter to (a) libraries/comment/postComment.php and (b) modules/poll/poll.php, (2) rel parameter to (c) modules/archive/overview.inc.php, and the (3) actualModuleDir parameter to (d) modules/forum/showThread.inc.php. | 7.5 |
2006-06-23 | CVE-2006-3172 | Content Builder | Code Injection vulnerability in Content*Builder 0.7.5 Multiple PHP remote file inclusion vulnerabilities in Content*Builder 0.7.5 allow remote attackers to execute arbitrary PHP code via a URL with a trailing slash (/) character in the (1) lang_path parameter to (a) cms/plugins/col_man/column.inc.php, (b) cms/plugins/poll/poll.inc.php, (c) cms/plugins/user_managment/usrPortrait.inc.php, (d) cms/plugins/user_managment/user.inc.php, (e) cms/plugins/media_manager/media.inc.php, (f) cms/plugins/events/permanent.eventMonth.inc.php, (g) cms/plugins/events/events.inc.php, and (h) cms/plugins/newsletter2/newsletter.inc.php; (2) path[cb] parameter to (i) modules/guestbook/guestbook.inc.php, (j) modules/shoutbox/shoutBox.php, and (k) modules/sitemap/sitemap.inc.php; and the (3) rel parameter to (l) modules/download/overview.inc.php, (m) modules/download/detailView.inc.php, (n) modules/article/fullarticle.inc.php, (o) modules/article/comments.inc.php, (p) modules/article2/overview.inc.php, (q) modules/article2/fullarticle.inc.php, (r) modules/article2/comments.inc.php, (s) modules/headline/headlineBox.php, and (t) modules/headline/showHeadline.inc.php. | 7.5 |
2006-06-23 | CVE-2006-3168 | Comscripts | SQL-Injection vulnerability in Cs-Forum SQL injection vulnerability in CS-Forum before 0.82 allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) debut parameters in (a) read.php, and the (3) search and (4) debut parameters in (b) index.php. | 7.5 |
2006-06-22 | CVE-2006-3165 | Free Realty | SQL Injection vulnerability in Free Realty Propview.PHP SQL injection vulnerability in propview.php in Free Realty 2.9-0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the sort parameter. | 7.5 |
2006-06-22 | CVE-2006-3164 | TPL Design | SQL Injection vulnerability in TPL Design TplShop Category.PHP SQL injection vulnerability in category.php in TPL Design tplShop 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the first_row parameter. | 7.5 |
2006-06-22 | CVE-2006-3163 | Imgallery | SQL Injection vulnerability in IMGallery Galeria.PHP Multiple SQL injection vulnerabilities in galeria.php in IMGallery 2.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) start or (2) sort parameters. | 7.5 |
2006-06-22 | CVE-2006-3162 | Smartsitecms | Remote File Include vulnerability in SmartSiteCMS Inc_Foot.PHP PHP remote file inclusion vulnerability in include/inc_foot.php in SmartSiteCMS 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root parameter. | 7.5 |
2006-06-22 | CVE-2006-3161 | Saphp | SQL Injection vulnerability in Saphp Saphplesson 1.1 SQL injection vulnerability in misc.php in SaphpLesson 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the action parameter. | 7.5 |
2006-06-22 | CVE-2006-3158 | Eduha Meeting | Unspecified vulnerability in Eduha Meeting Eduha Meeting index.php in Eduha Meeting does not properly restrict file extensions before permitting a file upload, which allows remote attackers to bypass security checks and upload or execute arbitrary php code via the add action. | 7.5 |
2006-06-22 | CVE-2006-3154 | Thinkfactory | Input Validation vulnerability in Thinkfactory Ultimate Estate 1.0 SQL injection vulnerability in index.pl in Ultimate Estate 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2006-06-22 | CVE-2006-3152 | Bluehouse Project | SQL Injection vulnerability in Bluehouse Project PHPtrader 4.9Sp5 Multiple SQL injection vulnerabilities in phpTRADER 4.9 SP5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) sectio parameter in (a) login.php, (b) write_newad.php, (c) newad.php, (d) printad.php, (e) askseller.php, (f) browse.php, (g) showmemberads.php, (h) note_ad.php, (i) abuse.php, (j) buynow.php, (k) confirm_newad.php, (2) an parameter in (l) printad.php, (m) note_ad.php, (3) who parameter in (n) showmemberads.php, and (4) adnr parameter in (o) buynow.php. | 7.5 |
2006-06-22 | CVE-2006-3150 | Cavoxcms | SQL Injection vulnerability in Cavoxcms 1.0.16 SQL injection vulnerability in index.php in CavoxCms 1.0.16 and earlier allows remote attackers to execute arbitrary SQL commands via the page parameter. | 7.5 |
2006-06-22 | CVE-2006-3148 | Open Realty | SQL Injection vulnerability in Open-Realty 2.3.1 SQL injection vulnerability, possibly in search.inc.php, in Open-Realty 2.3.1 allows remote attackers to execute arbitrary SQL commands via the sorttype parameter to index.php. | 7.5 |
2006-06-22 | CVE-2006-3144 | IBD | Code Injection vulnerability in IBD Micro CMS 0.3.5 PHP remote file inclusion vulnerability in micro_cms_files/microcms-include.php in Implied By Design (IBD) Micro CMS 3.5 (aka 0.3.5) and earlier allows remote attackers to execute arbitrary PHP code via a URL in the microcms_path parameter. | 7.5 |
2006-06-22 | CVE-2006-3142 | Vbzoom | SQL Injection vulnerability in Vbzoom 1.11 SQL injection vulnerability in forum.php in VBZooM 1.11 allows remote attackers to execute arbitrary SQL commands via the MainID parameter. | 7.5 |
2006-06-22 | CVE-2006-3140 | Openci | SQL-Injection vulnerability in Openci SQL injection vulnerability in index.php in openCI 1.0 BETA 0.20.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2006-06-22 | CVE-2006-3139 | Vwar | SQL Injection vulnerability in Vwar Virtual WAR Multiple SQL injection vulnerabilities in war.php in Virtual War (VWar) 1.5.0 R14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) s, (2) showgame, (3) sortorder, and (4) sortby parameters. | 7.5 |
2006-06-22 | CVE-2006-3130 | Clubpage | Input Validation vulnerability in Clubpage SQL injection vulnerability in index.php in Clubpage allows remote attackers to execute arbitrary SQL commands via the category parameter. | 7.5 |
2006-06-21 | CVE-2006-2911 | Hotwebscripts | SQL Injection vulnerability in CMS MUNDO Control Panel SQL injection vulnerability in controlpanel/index.php in CMS Mundo before 1.0 build 008 allows remote attackers to execute arbitrary SQL commands via the username parameter. | 7.5 |
2006-06-21 | CVE-2006-3111 | Chipmailer | SQL Injection vulnerability in Chipmailer 1.09 Multiple SQL injection vulnerabilities in main.php in Chipmailer 1.09 allow remote attackers to execute arbitrary SQL commands via multiple parameters, as demonstrated by (1) anfang, (2) name, (3) mail, (4) anrede, (5) vorname, (6) nachname, (7) gebtag, (8) gebmonat, and (9) gebjahr. | 7.5 |
2006-06-19 | CVE-2006-3096 | Ipostmx | SQL-Injection vulnerability in Ipostmx 2005 Multiple SQL injection vulnerabilities in iPostMX 2005 2.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) forum parameter in messagepost.cfm and (2) topic parameter in topics.cfm. | 7.5 |
2006-06-19 | CVE-2006-3092 | Phpmyfactures | Security Bypass vulnerability in PHPmyfactures 1.0 PhpMyFactures 1.2 and earlier allows remote attackers to bypass authentication and modify data via direct requests with modified parameters to (1) /tva/ajouter_tva.php, (2) /remises/ajouter_remise.php, (3) /pays/ajouter_pays.php, (4) /pays/modifier_pays.php, (5) /produits/ajouter_cat.php, (6) /produits/ajouter_produit.php, (7) /clients/ajouter_client.php, (8) /clients/modifier_client.php. | 7.5 |
2006-06-19 | CVE-2006-3078 | Apboard | SQL Injection vulnerability in APBoard Multiple SQL injection vulnerabilities in APBoard 2.2-r3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) PHPSESSID parameter in board.php and (2) viewcatmod parameter in main.php. | 7.5 |
2006-06-19 | CVE-2006-3075 | Picturedis | Remote File Include vulnerability in Picturedis Photoalbum and Picturedis Professional Multiple PHP remote file inclusion vulnerabilities in PictureDis Professional 1.33 Build 234 and earlier and PictureDis Photoalbum 4.82 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the lang parameter to files in photoalbum/ including (1) thumstbl.php, (2) wpfiles.php, and (3) wallpapr.php. | 7.5 |
2006-06-19 | CVE-2006-3065 | Blursoft | SQL-Injection vulnerability in Blursoft Blur6Ex 0.3.462 SQL injection vulnerability in engine/shards/blog.php in blur6ex 0.3.462 allows remote attackers to execute arbitrary SQL commands via the ID parameter in a proc_reply action in the blog shard. | 7.5 |
2006-06-19 | CVE-2006-3064 | Coppermine | SQL Injection vulnerability in Coppermine Photo Gallery 1.4.8 SQL injection vulnerability in the add_hit function in include/function.inc.php in Coppermine Photo Gallery (CPG) 1.4.8, when "Keep detailed hit statistics" is enabled, allows remote attackers to execute arbitrary SQL commands via the (1) referer and (2) user-agent HTTP headers. | 7.5 |
2006-06-19 | CVE-2006-3012 | Eschew NET | SQL Injection vulnerability in phpBannerExchange SQL injection vulnerability in phpBannerExchange before 2.0 Update 6 allows remote attackers to execute arbitrary SQL commands via the (1) login parameter in (a) client/stats.php and (b) admin/stats.php, or the (2) pass parameter in client/stats.php. | 7.5 |
86 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2006-06-23 | CVE-2006-3183 | Mobescripts | Cross-Site Scripting vulnerability in Mobescripts Mobile Space Community 2.0 Cross-site scripting (XSS) vulnerability in index.php in MobeScripts Mobile Space Community 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) browse parameter, which is not filtered in the resulting error message, and multiple unspecified input fields, including those involved when (2) updating a profile, (3) posting comments or entries in a blog, (4) uploading files, (5) picture captions, and (6) sending a private message (PM). | 6.8 |
2006-06-23 | CVE-2006-3180 | Swsoft | Cross-Site Scripting vulnerability in Swsoft Confixx Pro3 Cross-site scripting (XSS) vulnerability in ftp_index.php in Confixx Pro 3.0 allows remote attackers to inject arbitrary web script or HTML via the path parameter. | 6.8 |
2006-06-19 | CVE-2006-3093 | Adobe | Security vulnerability in Adobe Reader Multiple unspecified vulnerabilities in Adobe Acrobat Reader (acroread) before 7.0.8 have unknown impact and unknown vectors. | 6.8 |
2006-06-22 | CVE-2006-3147 | Hosting Controller | Privilege Escalation vulnerability in Hosting Controller Addreseller.ASP Unspecified vulnerability in Hosting Controller before 6.1 (aka Hotfix 3.2) allows remote authenticated attackers to gain host admin privileges, list all resellers, or change resellers' passwords via unspecified vectors. | 6.5 |
2006-06-23 | CVE-2006-3194 | Singapore | Directory Traversal and Cross-Site Scripting vulnerability in Singapore Gallery Directory traversal vulnerability in index.php in singapore 0.10.0 and earlier allows remote attackers to read arbitrary files via a .. | 6.4 |
2006-06-19 | CVE-2006-3076 | Phpbluedragon | Remote File Include vulnerability in PHPbluedragon CMS 2.9.1 PHP remote file inclusion vulnerability in software_upload/public_includes/pub_templates/vphptree/template.php in PhpBlueDragon CMS 2.9.1 allows remote attackers to execute arbitrary PHP code via a URL in the vsDragonRootPath parameter. | 6.4 |
2006-06-23 | CVE-2006-3189 | Hotplug CMS | Cross-Site Scripting vulnerability in Hotplug CMS Hotplug CMS 1.0 Cross-site scripting (XSS) vulnerability in administration/tblcontent/login1.php in HotPlug CMS 1.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | 5.8 |
2006-06-22 | CVE-2006-3157 | Thinkfactory | Cross-Site Scripting vulnerability in Thinkfactory UltimateGoogle Cross-site scripting (XSS) vulnerability in index.php in Thinkfactory UltimateGoogle 1.00 and earlier allows remote attackers to inject arbitrary web script or HTML via the REQ parameter. | 5.8 |
2006-06-22 | CVE-2006-3132 | QTO | Cross-Site Scripting vulnerability in QTO Qtofilemanager 1.0 Cross-site scripting (XSS) vulnerability in qtofm.php4 in QTOFileManager 1.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter, as originally reported for index.php. | 5.8 |
2006-06-24 | CVE-2006-3210 | LE Ralf | Code Injection vulnerability in LE Ralf Image Gallery Ralf Image Gallery (RIG) 0.7.4 and other versions before 1.0, when register_globals is enabled, allows remote attackers to conduct PHP remote file inclusion and directory traversal attacks via URLs or ".." sequences in the (1) dir_abs_src parameter in (a) check_entry.php, (b) admin_album.php, (c) admin_image.php, and (d) admin_util.php; and the (2) dir_abs_admin_src parameter in admin_album.php and admin_image.php. | 5.1 |
2006-06-23 | CVE-2006-2915 | Deluxebb | SQL Injection vulnerability in Deluxebb 1.06 Multiple SQL injection vulnerabilities in DeluxeBB 1.06 allow remote attackers to execute arbitrary SQL commands via the (1) hideemail, (2) languagex, (3) xthetimeoffset, and (4) xthetimeformat parameters during account registration. | 5.1 |
2006-06-23 | CVE-2006-2914 | Deluxebb | Remote File Include vulnerability in Deluxebb 1.06 PHP remote file inclusion vulnerability in DeluxeBB 1.06 allows remote attackers to execute arbitrary code via a URL in the templatefolder parameter to (1) postreply.php, (2) posting.php, (3) and pm/newpm.php in the deluxe/ directory, and (4) postreply.php, (5) posting.php, and (6) pm/newpm.php in the default/ directory. | 5.1 |
2006-06-23 | CVE-2006-3193 | Grayscale | Code Injection vulnerability in Grayscale Bandsite CMS 1.1.1 Multiple PHP remote file inclusion vulnerabilities in Grayscale BandSite CMS 1.1.1, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) includes/content/contact_content.php; multiple files in adminpanel/includes/add_forms/ including (2) addbioform.php, (3) addfliersform.php, (4) addgenmerchform.php, (5) addinterviewsform.php, (6) addlinksform.php, (7) addlyricsform.php, (8) addmembioform.php, (9) addmerchform.php, (10) addmerchpicform.php, (11) addnewsform.php, (12) addphotosform.php, (13) addreleaseform.php, (14) addreleasepicform.php, (15) addrelmerchform.php, (16) addreviewsform.php, (17) addshowsform.php, (18) addwearmerchform.php; (19) adminpanel/includes/mailinglist/disphtmltbl.php, and (20) adminpanel/includes/mailinglist/dispxls.php. | 5.1 |
2006-06-22 | CVE-2006-3014 | Microsoft | Improper Input Validation vulnerability in Microsoft Excel Microsoft Excel allows user-assisted attackers to execute arbitrary javascript and redirect users to arbitrary sites via an Excel spreadsheet with an embedded Shockwave Flash Player ActiveX Object, which is automatically executed when the user opens the spreadsheet. | 5.1 |
2006-06-21 | CVE-2006-2931 | Hotwebscripts | Arbitrary PHP Code Execution vulnerability in CMS Mundo CMS Mundo before 1.0 build 008 does not properly verify uploaded image files, which allows remote attackers to execute arbitrary PHP code by uploading and later directly accessing certain files. | 5.1 |
2006-06-21 | CVE-2006-3107 | Docebo | File Include vulnerability in Docebo Multiple PHP remote file inclusion vulnerabilities in Docebo 3.0.3 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in (1) GLOBALS[where_framework] to (a) admin/modules/news/news_class.php and (b) admin/modules/content/content_class.php, and (2) GLOBALS[where_cms] to (c) admin/modules/block_media/util.media.php. | 5.1 |
2006-06-21 | CVE-2006-3102 | Bitweaver | Remote Security vulnerability in Bitweaver 1.3 Race condition in articles/BitArticle.php in Bitweaver 1.3, when run on Apache with the mod_mime extension, allows remote attackers to execute arbitrary PHP code by uploading arbitrary files with double extensions, which are stored for a small period of time under the webroot in the temp/articles directory. | 5.1 |
2006-06-20 | CVE-2006-2942 | Twiki | Privilege Escalation vulnerability in Twiki 4.0.0/4.0.1/4.0.2 TWiki 4.0.0, 4.0.1, and 4.0.2 allows remote attackers to gain Twiki administrator privileges via a TWiki.TWikiRegistration form with a modified action attribute that references the Sandbox web instead of the user web, which can then be used to associate the user's login name with the WikiName of a member of the TWikiAdminGroup. | 5.1 |
2006-06-19 | CVE-2006-3094 | Vincent HOR | SQL-Injection vulnerability in Calendarix Basic Multiple SQL injection vulnerabilities in Calendarix Basic 0.7.20060401 and earlier, with magic_quotes_gpc disabled, allow remote attackers to execute arbitrary SQL commands via the id parameter in (1) cal_event.php and (2) cal_popup.php. | 5.1 |
2006-06-19 | CVE-2006-3090 | Phpmyfactures | SQL-Injection vulnerability in PHPmyfactures 1.0 Multiple SQL injection vulnerabilities in PhpMyFactures 1.0, and possibly 1.2 and earlier, with magic_quotes_gpc disabled, allow remote attackers to execute arbitrary SQL commands via the (1) id_pays parameter in (a) /pays/modifier_pays.php; (2) id_produit, (3) quantite, (4) prix_ht, and (5) date parameter in (b) /stocks/ajouter.php; (6) id_cat parameter in (c) /produits/modifier_cat.php; (7) id_client parameter in (d) /clients/modifier_client.php; (8) id_remise parameter in (e) /remises/index.php; (9) id_taux parameter in (f) /tva/index.php; (10) ref_produit, and (11) id_stock parameter in (g) /stocks/index.php; (12) id_pays parameter in (h) /pays/index.php; and (13) id_cat parameter in (i) /produits/index.php. | 5.1 |
2006-06-19 | CVE-2006-3013 | Eschew NET | SQL Injection vulnerability in phpBannerExchange Interpretation conflict in resetpw.php in phpBannerExchange before 2.0 Update 6 allows remote attackers to execute arbitrary SQL commands via an email parameter containing a null (%00) character after a valid e-mail address, which passes the validation check in the eregi PHP command. | 5.1 |
2006-06-24 | CVE-2006-3222 | Fortinet | Unspecified vulnerability in Fortinet Fortios The FTP proxy module in Fortinet FortiOS (FortiGate) before 2.80 MR12 and 3.0 MR2 allows remote attackers to bypass anti-virus scanning via the Enhanced Passive (EPSV) FTP mode. | 5.0 |
2006-06-24 | CVE-2006-3214 | Hitachi | Remote Denial of Service vulnerability in Hitachi Groupmax Address Server and Groupmax Mail Server Unspecified vulnerability in Hitachi Groupmax Address Server 7 and earlier, and Groupmax Mail Server 7 and earlier allows remote attackers to cause a denial of service (product "stop") via unspecified vectors involving "unexpected requests". | 5.0 |
2006-06-24 | CVE-2006-3207 | Ultimate PHP Board | Directory Traversal vulnerability in Ultimate PHP Board Directory traversal vulnerability in newpost.php in Ultimate PHP Board (UPB) 1.9.6 and earlier allows remote attackers to overwrite arbitrary files via a .. | 5.0 |
2006-06-24 | CVE-2006-3206 | Ultimate PHP Board | Remote Security vulnerability in Ultimate PHP Board register.php in Ultimate PHP Board (UPB) 1.9.6 and earlier allows remote attackers to create arbitrary accounts via the "[NR]" sequence in the signature field, which is used to separate multiple records. | 5.0 |
2006-06-23 | CVE-2006-2918 | Lanap Botdetect | Permissions, Privileges, and Access Controls vulnerability in Lanap Botdetect Captcha Asp.Net The Lanap BotDetect ASP.NET CAPTCHA component before 1.5.4.0 stores the UUID and hash for a CAPTCHA in the ViewState of a page, which makes it easier for remote attackers to conduct automated attacks by "replaying the ViewState for a known number." | 5.0 |
2006-06-23 | CVE-2006-3200 | Microsoft | Unspecified vulnerability in Microsoft Internet Explorer 6.0.2900 Unspecified versions of Internet Explorer allow remote attackers to cause a denial of service (crash) via an IFRAME with a src tag containing a "File://" URI followed by an 8-bit character. | 5.0 |
2006-06-23 | CVE-2006-3199 | Opera | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Opera Browser 9.0 Opera 9 allows remote attackers to cause a denial of service (crash) via an A tag with an href attribute with a URL containing a long hostname, which triggers an out-of-bounds operation. | 5.0 |
2006-06-23 | CVE-2006-3196 | Singapore | Remote Security vulnerability in singapore index.php in singapore 0.10.0 and earlier allows remote attackers to obtain the installation path via an invalid template parameter, which reveals the path in an error message. | 5.0 |
2006-06-23 | CVE-2006-3178 | JED Wing | Directory Traversal vulnerability in CHM Lib Extract_chmlib Directory traversal vulnerability in extract_chmLib example program in CHM Lib (chmlib) before 0.38 allows remote attackers to overwrite arbitrary files via a CHM archive containing files with a .. | 5.0 |
2006-06-23 | CVE-2006-3171 | Comscripts | Remote Security vulnerability in Cs-Forum CRLF injection vulnerability in CS-Forum before 0.82 allows remote attackers to inject arbitrary email headers via a newline character in the email parameter to ajouter.php. | 5.0 |
2006-06-23 | CVE-2006-3170 | Comscripts | Information Disclosure vulnerability in Cs-Forum CS-Forum before 0.82 allows remote attackers to obtain sensitive information via unspecified manipulations, possibly involving an empty collapse[] or readall parameter to index.php, which reveals the installation path in an error message. | 5.0 |
2006-06-22 | CVE-2006-3167 | Free Realty | Information Disclosure vulnerability in Free Realty Free Realty before 2.9 allows remote attackers to obtain the full path and other sensitive information via unspecified manipulations that produce an error message. | 5.0 |
2006-06-22 | CVE-2006-3146 | Toshiba Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Toshiba Bluetooth Stack The TOSRFBD.SYS driver for Toshiba Bluetooth Stack 4.00.29 and earlier on Windows allows remote attackers to cause a denial of service (reboot) via a L2CAP echo request that triggers an out-of-bounds memory access, similar to "Ping o' Death" and as demonstrated by BlueSmack. | 5.0 |
2006-06-22 | CVE-2006-3145 | Netpbm | Remote Off-By-One Buffer Overflow vulnerability in NetPBM Pamtofits Buffer overflow in pamtofits of NetPBM 10.30 through 10.33 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code when assembling the header, possibly related to an off-by-one error. | 5.0 |
2006-06-21 | CVE-2006-3112 | Chipmailer | Information Disclosure vulnerability in Chipmailer 1.09 Chipmailer 1.09 allows remote attackers to obtain sensitive information via a direct request to php.php, which displays the output of the phpinfo function. | 5.0 |
2006-06-21 | CVE-2006-3105 | Bitweaver | Remote Security vulnerability in Bitweaver 1.3 CRLF injection vulnerability in Bitweaver 1.3 allows remote attackers to conduct HTTP response splitting attacks via CRLF sequences in multiple unspecified parameters that are injected into HTTP headers, as demonstrated by the BWSESSION parameter in index.php. | 5.0 |
2006-06-21 | CVE-2006-3104 | Bitweaver | Information Disclosure vulnerability in Bitweaver 1.3 users/index.php in Bitweaver 1.3 allows remote attackers to obtain sensitive information via an invalid sort_mode parameter, which reveals the installation path and database information in the resultant error message. | 5.0 |
2006-06-19 | CVE-2006-3091 | Phpmyfactures | Remote Security vulnerability in PHPmyfactures 1.0 PhpMyFactures 1.0, and possibly 1.2 and earlier, allows remote attackers to obtain the installation path via a direct request to (1) /verif.php, (2) /inc/footer.php, and (3) /remises/ajouter_remise.php. | 5.0 |
2006-06-19 | CVE-2006-3082 | Gnupg | Numeric Errors vulnerability in Gnupg parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions, allows remote attackers to cause a denial of service (gpg crash) and possibly overwrite memory via a message packet with a large length (long user ID string), which could lead to an integer overflow, as demonstrated using the --no-armor option. | 5.0 |
2006-06-19 | CVE-2006-3074 | Kaspersky Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Kaspersky Anti-Virus and Kaspersky Internet Security klif.sys in Kaspersky Internet Security 6.0 and 7.0, Kaspersky Anti-Virus (KAV) 6.0 and 7.0, KAV 6.0 for Windows Workstations, and KAV 6.0 for Windows Servers does not validate certain parameters to the (1) NtCreateKey, (2) NtCreateProcess, (3) NtCreateProcessEx, (4) NtCreateSection, (5) NtCreateSymbolicLinkObject, (6) NtCreateThread, (7) NtDeleteValueKey, (8) NtLoadKey2, (9) NtOpenKey, (10) NtOpenProcess, (11) NtOpenSection, and (12) NtQueryValueKey hooked system calls, which allows local users to cause a denial of service (reboot) via an invalid parameter, as demonstrated by the ClientId parameter to NtOpenProcess. | 5.0 |
2006-06-19 | CVE-2006-3070 | Zeroboard | Unspecified vulnerability in Zeroboard 4.1Pl8 write_ok.php in Zeroboard 4.1 pl8, when installed on Apache with mod_mime, allows remote attackers to bypass restrictions for uploading files with executable extensions by uploading a .htaccess file with an AddType directive that assigns an executable module to files with assumed-safe extensions, as demonstrated by assigning the txt extension to be handled by application/x-httpd-php. | 5.0 |
2006-06-19 | CVE-2006-3068 | IBM | Resource Management Errors vulnerability in IBM DB2 Universal Database 8.1 IBM DB2 Universal Database (UDB) before 8.2 FixPak 12 allows remote attackers to cause a denial of service (application crash) by sending "incorrect information ... | 5.0 |
2006-06-19 | CVE-2006-3067 | IBM | Denial-Of-Service vulnerability in IBM DB2 Universal Database 8.0/8.1 Multiple unspecified vulnerabilities in IBM DB2 Universal Database (UDB) before 8.1 FixPak 12 allow remote attackers to cause a denial of service (application crash) via a (1) "long column list" in the (a) REPLACE INTO and (b) INSERT INTO portions of the LOAD command or a (2) large number of values in an IN clause, possibly related to a buffer overflow. | 5.0 |
2006-06-19 | CVE-2006-3066 | IBM | Denial of Service vulnerability in IBM DB2 Universal Database Buffer overflow in the TCP/IP listener in IBM DB2 Universal Database (UDB) before 8.1 FixPak 12 allows remote attackers to cause a denial of service (application crash) via a long MGRLVLLS message inside of an EXCSAT message when establishing a connection. | 5.0 |
2006-06-23 | CVE-2006-3202 | Netbsd | Denial-Of-Service vulnerability in NetBSD The ip6_savecontrol function in NetBSD 2.0 through 3.0, under certain configurations, does not check to see if IPv4-mapped sockets are being used before processing IPv6 socket options, which allows local users to cause a denial of service (crash) by creating an IPv4-mapped IPv6 socket with the SO_TIMESTAMP socket option set, then sending an IPv4 packet through the socket. | 4.9 |
2006-06-23 | CVE-2006-3201 | HP | Local Denial of Service vulnerability in HP Hp-Ux 11.00/11.11/11.23 Unspecified vulnerability in the kernel in HP-UX B.11.00, B.11.11, and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors. | 4.9 |
2006-06-20 | CVE-2006-3097 | HP | Local Denial of Service vulnerability in HP Hp-Ux 11.11/11.23 Unspecified vulnerability in Support Tools Manager (xstm, cstm, and stm) on HP-UX B.11.11 and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors. | 4.9 |
2006-06-21 | CVE-2006-3128 | Easy CMS | Unspecified vulnerability in Easy-Cms 0.1.2 choose_file.php in easy-CMS 0.1.2, when mod_mime is installed, does not restrict uploads of filenames with multiple extensions, which allows remote attackers to execute arbitrary PHP code by uploading a PHP file with a GIF file extension, then directly accessing that file in the Repositories directory. | 4.6 |
2006-06-19 | CVE-2006-3072 | Symantec | Authentication Bypass vulnerability in Symantec Security Information Manager M4 Macro Library in Symantec Security Information Manager before 4.0.2.29 HOTFIX 1 allows local users to execute arbitrary commands via crafted "rule definitions", which produces dangerous Java code during M4 transformation. | 4.6 |
2006-06-24 | CVE-2006-3212 | Cjguestbook | HTML Injection vulnerability in Cjguestbook 1.2 Cross-site scripting (XSS) vulnerability in sign.php in cjGuestbook 1.3 and earlier allows remote attackers to inject web script or HTML via the (1) name, (2) email, (3) add, and (4) wName parameters. | 4.3 |
2006-06-23 | CVE-2006-3197 | Invision Power Services | HTML Injection vulnerability in Invision Power Board Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB) 2.1.6 and earlier allows remote attackers to inject arbitrary web script or HTML via a POST that contains hexadecimal-encoded HTML. | 4.3 |
2006-06-23 | CVE-2006-3195 | Singapore | Directory Traversal and Cross-Site Scripting vulnerability in Singapore Gallery Cross-site scripting (XSS) vulnerability in index.php in singapore 0.10.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the template parameter. | 4.3 |
2006-06-23 | CVE-2006-3191 | Tpvgames | Cross-Site Scripting vulnerability in Tpvgames Mpcs 0.2 Cross-site scripting (XSS) vulnerability in comment.php in MPCS 0.2 allows remote attackers to inject arbitrary web script or HTML via the pageid parameter. | 4.3 |
2006-06-23 | CVE-2006-3187 | Sharky E Shop | Cross-Site Scripting vulnerability in Sharky E-Shop Search_Prod_List.ASP Multiple cross-site scripting (XSS) vulnerabilities in Sharky e-shop 3.05 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) maingroup and (2) secondgroup parameters to (a) search_prod_list.asp, and the (3) maingroup parameter to (b) meny2.asp. | 4.3 |
2006-06-23 | CVE-2006-3186 | CMS Faethon | Cross-Site Scripting vulnerability in CMS Faethon CMS Faethon 1.3.2 Multiple cross-site scripting (XSS) vulnerabilities in CMS Faethon 1.3.2 allow remote attackers to inject arbitrary web script or HTML via the mainpath parameter to (1) data/footer.php and (2) admin/header.php. | 4.3 |
2006-06-23 | CVE-2006-3179 | Swsoft | Cross-Site Scripting vulnerability in SWSoft Confixx Pro Cross-site scripting (XSS) vulnerability in tools_ftp_pwaendern.php in Confixx Pro 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the account parameter. | 4.3 |
2006-06-23 | CVE-2006-3169 | Comscripts | Cross-Site Scripting vulnerability in Cs-Forum Multiple cross-site scripting (XSS) vulnerabilities in CS-Forum 0.81 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) msg_result and (2) rep_titre parameters in (a) read.php; and the (3) id and (4) parent parameters and (5) CSForum_nom, (6) CSForum_mail, and (7) CSForum_url cookie parameters in (b) ajouter.php. | 4.3 |
2006-06-22 | CVE-2006-3166 | Free Realty | Cross-Site Scripting vulnerability in Free Realty Cross-site scripting (XSS) vulnerability in propview.php in Free Realty 2.9-0.6 and earlier allows remote attackers to execute arbitrary web script or HTML via the sort parameter. | 4.3 |
2006-06-22 | CVE-2006-3156 | Thinkfactory | Cross-Site Scripting vulnerability in Thinkfactory Ultimate Eshop 1.0 Cross-site scripting (XSS) vulnerability in index.cgi in Ultimate eShop 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the subid parameter. | 4.3 |
2006-06-22 | CVE-2006-3155 | Thinkfactory | Cross-Site Scripting vulnerability in Ultimate Estate Multiple cross-site scripting (XSS) vulnerabilities in Ultimate Auction 1.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) item parameter in (a) emailtofriend.pl or (b) violation.pl, (2) seller parameter in (c) vsoa.pl, (3) user parameter in (d) userask.pl or (e) leavefeed.pl, (4) itemnum parameter in userask.pl, (5) category parameter in (f) itemlist.pl, and the (6) query parameter in (g) search.pl. | 4.3 |
2006-06-22 | CVE-2006-3153 | Thinkfactory | Input Validation vulnerability in Ultimate Estate Cross-site scripting (XSS) vulnerability in index.pl in Ultimate Estate 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the cat parameter. | 4.3 |
2006-06-22 | CVE-2006-3151 | Associated | Cross-Site Scripting vulnerability in AssoCIateD Cross-site scripting (XSS) vulnerability in index.php in AssoCIateD (aka ACID) 1.2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the menu parameter. | 4.3 |
2006-06-22 | CVE-2006-3149 | Phpmyforum | Cross-Site Scripting vulnerability in PHPmyforum 4.0/4.1/4.1.3 Cross-site scripting (XSS) vulnerability in topic.php in phpMyForum 4.1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the highlight parameter. | 4.3 |
2006-06-22 | CVE-2006-3141 | Dpivision | Cross-Site Scripting vulnerability in DPVision Tradingeye Shop Details.CFM Cross-site scripting (XSS) vulnerability in details.cfm in Tradingeye Shop R4 and earlier allows remote attackers to inject arbitrary web script or HTML via the image parameter. | 4.3 |
2006-06-22 | CVE-2006-3138 | Accomplishtechnology | Cross-Site Scripting vulnerability in Accomplishtechnology PHPmydirectory Multiple cross-site scripting (XSS) vulnerabilities in phpMyDirectory 10.4.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) PIC parameter in offers-pix.php, (2) from parameter in cp/index.php, and (3) action parameter in cp/admin_index.php. | 4.3 |
2006-06-22 | CVE-2006-3137 | Cutting Edge Computing | Cross-Site Scripting vulnerability in The Edge eCommerce Shop ProductDetail.ASP Cross-site scripting (XSS) vulnerability in productDetail.asp in Edge eCommerce Shop allows remote attackers to inject arbitrary web script or HTML via the cart_id parameter. | 4.3 |
2006-06-22 | CVE-2006-3131 | Clubpage | Input Validation vulnerability in Clubpage Multiple cross-site scripting (XSS) vulnerabilities in Clubpage allow remote attackers to inject arbitrary web script or HTML via the (1) news_archive, (2) language, and (3) intranetLogin parameters in (a) index.php; the (4) sites_id parameter in (b) sites.php; and the (5) news_id parameter in (c) news_more.php. | 4.3 |
2006-06-22 | CVE-2006-3129 | NC Linklist | Cross-Site Scripting vulnerability in NC Linklist NC Linklist 1.2 Multiple cross-site scripting (XSS) vulnerabilities in index.php in NC LinkList 1.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) cat and (2) view parameters. | 4.3 |
2006-06-21 | CVE-2006-3110 | Chipmailer | Cross-Site Scripting vulnerability in Chipmailer 1.09 Cross-site scripting (XSS) vulnerability in main.php in Chipmailer 1.09 allows remote attackers to inject arbitrary web script or HTML via the (1) name, (2) betreff, (3) mail, and (4) text parameters. | 4.3 |
2006-06-21 | CVE-2006-3109 | Cisco | Cross-Site Scripting vulnerability in Cisco CallManager Cross-site scripting (XSS) vulnerability in Cisco CallManager 3.3 before 3.3(5)SR3, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3), and 4.3 before 4.3(1), allows remote attackers to inject arbitrary web script or HTML via the (1) pattern parameter in ccmadmin/phonelist.asp and (2) arbitrary parameters in ccmuser/logon.asp, aka bugid CSCsb68657. | 4.3 |
2006-06-21 | CVE-2006-3108 | Emailarchitect | Cross-Site Scripting vulnerability in Emailarchitect Email Server 6.1 Cross-site scripting (XSS) vulnerability in EmailArchitect Email Server 6.1 allows remote attackers to inject arbitrary Javascript via an HTML div tag with a carriage return between the onmouseover attribute and its value, which bypasses the mail filter. | 4.3 |
2006-06-21 | CVE-2006-3106 | Fredi Bach | Cross-Site Scripting vulnerability in Fredi Bach PHPmydesktop Arcade 1.0Final Cross-site scripting (XSS) vulnerability in index.php in phpMyDesktop|Arcade 1.0 allows remote attackers to inject arbitrary web script or HTML via the subsite parameter in the subsite todo. | 4.3 |
2006-06-21 | CVE-2006-3103 | Bitweaver | Cross-Site Scripting vulnerability in Bitweaver 1.3 Cross-site scripting (XSS) vulnerability in Bitweaver 1.3 allows remote attackers to inject arbitrary web script or HTML via the (1) error parameter in users/login.php and the (2) feedback parameter in articles/index.php. | 4.3 |
2006-06-21 | CVE-2006-3101 | Cisco | Cross-Site Scripting vulnerability in Cisco Secure Access Control Server 2.3 Cross-site scripting (XSS) vulnerability in LogonProxy.cgi in Cisco Secure ACS for UNIX 2.3 allows remote attackers to inject arbitrary web script or HTML via the (1) error, (2) SSL, and (3) Ok parameters. | 4.3 |
2006-06-19 | CVE-2006-3095 | Ipostmx | Cross-Site Scripting vulnerability in IPostMX 2005 Userlogin.CFM and Account.CFM Multiple cross-site scripting (XSS) vulnerabilities in iPostMX 2005 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the RETURNURL parameter in (1) userlogin.cfm and (2) account.cfm. | 4.3 |
2006-06-19 | CVE-2006-3089 | Phpmyfactures | Cross-Site Scripting vulnerability in PHPmyfactures 1.0 Multiple cross-site scripting (XSS) vulnerabilities in PhpMyFactures 1.0, and possibly 1.2 and earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) prefixe_dossier parameter in (a) /inc/header.php; (2) msg parameter in (b) /remises/ajouter_remise.php, (c) /tva/ajouter_tva.php, (d) /stocks/ajouter.php, (e) /pays/ajouter_pays.php, (f) /produits/ajouter_cat.php, (g) /produits/ajouter_produit.php and (h) /produits/modifier_cat.php; (3) tire parameter in /remises/ajouter_remise.php; (4) quantite, (5) taux and (6) date parameters in /stocks/ajouter.php; and (7) pays and (8) prefixe parameters in /pays/ajouter_pays.php. | 4.3 |
2006-06-19 | CVE-2006-3088 | Cescripts | Cross-Site Scripting vulnerability in Car Classifieds Cross-site scripting (XSS) vulnerability in index.php in Car Classifieds allows remote attackers to inject arbitrary web script or HTML via the make_id parameter. | 4.3 |
2006-06-19 | CVE-2006-3087 | Ezgallery | Cross-Site Scripting vulnerability in Ezgallery Multiple cross-site scripting (XSS) vulnerabilities in EZGallery 1.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) pUserID, (2) aid, (3) aname, (4) uid, and (5) m parameters in (a) common/galleries.asp; (6) aid, (7) aname, (8) uid, (9) m, (10) gp, and (11) g parameters in (b) common/pupload.asp; and (12) msg, (13) fn and (14) gp parameters in (c) common/upload.asp. | 4.3 |
2006-06-19 | CVE-2006-3080 | Axent | Cross-Site Scripting vulnerability in AxentForum viewposts.cfm Cross-site scripting (XSS) vulnerability in viewposts.cfm in aXentForum II and earlier allows remote attackers to inject arbitrary web script or HTML via the startrow parameter. | 4.3 |
2006-06-19 | CVE-2006-3079 | Sspwiz | Cross-Site Scripting vulnerability in SSPwiz Plus Cross-site scripting (XSS) vulnerability in index.cfm in SSPwiz Plus 1.0.7 and earlier allows remote attackers to inject arbitrary web script or HTML via the message parameter. | 4.3 |
2006-06-19 | CVE-2006-3077 | Axent | Cross-Site Scripting vulnerability in Axentguestbook Cross-site scripting (XSS) vulnerability in guestbook.cfm in aXentGuestbook 1.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the startrow parameter. | 4.3 |
2006-06-19 | CVE-2006-3060 | Webexceluk | Cross-Site Scripting vulnerability in Webexceluk P.A.I.D 2.2 Cross-site scripting (XSS) vulnerability in P.A.I.D 2.2 allows remote attackers to inject arbitrary web script or HTML via the (1) read parameter in index.php, (2) farea parameter in faq.php, and (3) unspecified input fields on the "My Account" login page. | 4.3 |
2006-06-23 | CVE-2006-3184 | ASP Stats Generator | Remote Security vulnerability in Asp Stats Generator Direct static code injection vulnerability in ASP Stats Generator before 2.1.2 allows remote authenticated attackers to execute arbitrary ASP code via the strAsgSknPageBgColour parameter to settings_skin.asp, which is stored in inc_skin_file.asp. | 4.0 |
2006-06-22 | CVE-2006-3143 | Maximus | Cross-Site Scripting vulnerability in Maximus Schoolmax 4.0.1 Cross-site scripting (XSS) vulnerability in icue_login.asp in Maximus SchoolMAX 4.0.1 and earlier iCue and iParent applications allows remote attackers to inject arbitrary web script or HTML via the error_msg parameter. | 4.0 |
2006-06-19 | CVE-2006-3081 | Mysql Oracle | Remote Denial Of Service vulnerability in MySQL Server Str_To_Date mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5.1.6 allows remote authorized users to cause a denial of service (crash) via a NULL second argument to the str_to_date function. | 4.0 |
9 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2006-06-24 | CVE-2006-3217 | Jaguarsoft | Information Disclosure vulnerability in JaguarEdit ActiveX Control JaguarEditControl (JEdit) ActiveX Control 1.1.0.20 and earlier allows remote attackers to obtain sensitive information, such as the username and MAC and IP addresses, by setting the test field to certain values such as 2404 or 2790, then reading the information from the .JText field. | 2.6 |
2006-06-23 | CVE-2006-3174 | Squirrelmail | Cross-Site Scripting vulnerability in SquirrelMail Cross-site scripting (XSS) vulnerability in search.php in SquirrelMail 1.5.1 and earlier, when register_globals is enabled, allows remote attackers to inject arbitrary HTML via the mailbox parameter. | 2.6 |
2006-06-22 | CVE-2006-3160 | Onedotoh | Cross-Site Scripting vulnerability in Simple File Manager FM.php Cross-site scripting (XSS) vulnerability in fm.php in ONEdotOH Simple File Manager (SFM) 0.24a and earlier allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | 2.6 |
2006-06-19 | CVE-2006-3073 | Cisco | Cross-Site Scripting vulnerability in Cisco VPN3K/ASA WebVPN Clientless Mode Multiple cross-site scripting (XSS) vulnerabilities in the WebVPN feature in the Cisco VPN 3000 Series Concentrators and Cisco ASA 5500 Series Adaptive Security Appliances (ASA), when in WebVPN clientless mode, allow remote attackers to inject arbitrary web script or HTML via the domain parameter in (1) dnserror.html and (2) connecterror.html, aka bugid CSCsd81095 (VPN3k) and CSCse48193 (ASA). | 2.6 |
2006-06-19 | CVE-2006-3071 | Anton Belev | Cross-Site Scripting vulnerability in Anton Belev MP3 Search Archive 1.2 Cross-site scripting (XSS) vulnerability in index.php in MP3 Search/Archive 1.2 allows remote attackers to inject arbitrary web script or HTML via the (1) keywords parameter, as used by the "search box", and (2) res parameter. | 2.6 |
2006-06-19 | CVE-2006-3063 | Myphp Guestbook | Cross-Site Scripting vulnerability in MyPHP Guestbook Multiple cross-site scripting (XSS) vulnerabilities in myPHP Guestbook 1.x through 2.0.0-r1 and before 2.0.1 RC5 allow remote attackers to inject arbitrary web script or HTML via the (1) comment, (2) email, (3) homepage, (4) id, (5) name, and (6) text parameters in (a) index.php, the (7) comment, (8) email, (9) homepage, (10) number, (11) name, and (12) text parameters in (b) admin/guestbook.php, and the (13) email, (14) homepage, (15) icq, (16) name, and (17) text parameters in (c) admin/edit.php. | 2.6 |
2006-06-19 | CVE-2006-3062 | Myphp Guestbook | Cross-Site Scripting vulnerability in Myphp Guestbook Myphp Guestbook 2.0.4 Cross-site scripting (XSS) vulnerability in index.php in myPHP Guestbook 2.0.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the lang parameter. | 2.6 |
2006-06-19 | CVE-2006-3061 | Review Script COM | Cross-Site Scripting vulnerability in Review-Script.Com Five Star Review Script Multiple cross-site scripting (XSS) vulnerabilities in 5 Star Review allow remote attackers to inject arbitrary web script or HTML via the (1) sort parameter in index2.php, (2) item_id parameter in report.php, (3) search_term parameter (aka the "search box") in search_reviews.php, (4) the profile field in usercp/profile_edit1.php, and the (5) review field in review_form.php. | 2.6 |
2006-06-22 | CVE-2006-3159 | SUN | Local Information Disclosure vulnerability in SUN Iplanet Messaging Server and ONE Messaging Server pipe_master in Sun ONE/iPlanet Messaging Server 5.2 HotFix 1.16 (built May 14 2003) allows local users to read portions of restricted files via a symlink attack on msg.conf in a directory identified by the CONFIGROOT environment variable, which returns the first line of the file in an error message. | 2.1 |