Weekly Vulnerabilities Reports > December 25 to 31, 2006
Overview
221 new vulnerabilities reported during this period, including 32 critical vulnerabilities and 83 high severity vulnerabilities. This weekly summary report vulnerabilities in 183 products from 143 vendors including Microsoft, Enthrallweb, THE Address Book, SUN, and Novell. Vulnerabilities are notably categorized as "Cross-site Scripting", "Code Injection", "SQL Injection", "Improper Restriction of Operations within the Bounds of a Memory Buffer", and "Improper Input Validation".
- 208 reported vulnerabilities are remotely exploitables.
- 78 reported vulnerabilities have public exploit available.
- 19 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 199 reported vulnerabilities are exploitable by an anonymous user.
- Microsoft has the most reported vulnerabilities, with 10 reported vulnerabilities.
- Microsoft has the most reported critical vulnerabilities, with 4 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
32 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2006-12-31 | CVE-2006-6917 | Broadcom | Unspecified vulnerability in Broadcom Brightstor Arcserve Backup Server 11.5 Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup R11.5 Server before SP2 allows remote attackers to execute arbitrary code in the Tape Engine (tapeeng.exe) via a crafted RPC request with (1) opnum 38, which is not properly handled in TAPEUTIL.dll 11.5.3884.0, or (2) opnum 37, which is not properly handled in TAPEENG.dll 11.5.3884.0. | 10.0 |
2006-12-31 | CVE-2006-6909 | Karl Dahlke | Remote Buffer Overflow vulnerability in Karl Dahlke Edbrowse 3.1.3 Stack-based buffer overflow in http.c in Karl Dahlke Edbrowse (aka Command line editor browser) 3.1.3 allows remote attackers to execute arbitrary code by operating an FTP server that sends directory listings with (1) long user names or (2) long group names. | 10.0 |
2006-12-31 | CVE-2006-6907 | Bluesoil Bluetooth | Remote Security vulnerability in Bluesoil Bluetooth Unspecified vulnerability in the Bluesoil Bluetooth stack has unknown impact and attack vectors. | 10.0 |
2006-12-31 | CVE-2006-6905 | Broadcom | Remote Security vulnerability in Widcomm Bluetooth Unspecified vulnerability in the Widcomm Bluetooth stack allows remote attackers to gain administrative access (aka Remote Root) via unspecified vectors. | 10.0 |
2006-12-31 | CVE-2006-6903 | Toshiba | Remote Security vulnerability in Bluetooth Unspecified vulnerability in the Toshiba Bluetooth stack allows remote attackers to gain administrative access (aka Remote Root) via unspecified vectors. | 10.0 |
2006-12-31 | CVE-2006-6902 | Microsoft | Remote Security vulnerability in Microsoft Windows 2003 Server Mobilepocketpc Unspecified vulnerability in the Bluetooth stack in Microsoft Windows Mobile Pocket PC edition allows remote attackers to gain administrative access (aka Remote Root) via unspecified vectors. | 10.0 |
2006-12-31 | CVE-2006-6901 | Microsoft | Remote Security vulnerability in Microsoft Windows 2003 Server R2 Unspecified vulnerability in the Bluetooth stack in Microsoft Windows allows remote attackers to gain administrative access (aka Remote Root) via unspecified vectors. | 10.0 |
2006-12-31 | CVE-2006-6900 | Apple | Remote Security vulnerability in Apple mac OS X 10.4 Unspecified vulnerability in the Bluetooth stack in Apple Mac OS 10.4 has unknown impact and attack vectors, related to an "implementation bug." | 10.0 |
2006-12-31 | CVE-2006-6894 | Spine | Remote Security vulnerability in Spine Multiple unspecified vulnerabilities in SPINE before 1.2 have unknown impact and attack vectors, related to (1) "Placeholders in database handler" and (2) "Macro admin security." | 10.0 |
2006-12-31 | CVE-2006-6864 | Enigma2 | Remote File Include vulnerability in Enigma2 Coppermine Bridge 1.0 PHP remote file inclusion vulnerability in E2_header.inc.php in Enigma2 Coppermine Bridge 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the boarddir parameter. | 10.0 |
2006-12-31 | CVE-2006-6861 | Outfront | Input Validation vulnerability in Outfront Spooky Login 2.7 Multiple SQL injection vulnerabilities in Outfront Spooky Login 2.7 allow remote attackers to execute arbitrary SQL commands via (1) the UserUpdate parameter to login/register.asp or (2) unspecified parameters to includes/a_register.asp. | 10.0 |
2006-12-31 | CVE-2006-6860 | Mythcontrol | Buffer Overflow vulnerability in MythControlServer SendToMythTV() Buffer overflow in the sendToMythTV function in MythControlServer.c in MythControl 1.0 and earlier allows remote attackers to execute arbitrary code via a crafted sendStr string to the Bluetooth interface. | 10.0 |
2006-12-31 | CVE-2006-6859 | Website Designs FOR Less | SQL Injection vulnerability in Click N' Print Coupons Coupon_Detail.ASP SQL injection vulnerability in coupon_detail.asp in Website Designs For Less Click N' Print Coupons 2005.01 and earlier allows remote attackers to execute arbitrary SQL commands via the key parameter. | 10.0 |
2006-12-31 | CVE-2006-6853 | Mozilla | Remote Buffer Overflow vulnerability in Mozilla Durian web Application Server 3.02 Buffer overflow in Durian Web Application Server 3.02 freeware on Windows allows remote attackers to execute arbitrary code via a long string in a crafted packet to TCP port 4002. | 10.0 |
2006-12-31 | CVE-2006-6841 | Phpbb Group | Input Validation vulnerability in PHPBB Certain forms in phpBB before 2.0.22 lack session checks, which has unknown impact and remote attack vectors. | 10.0 |
2006-12-31 | CVE-2006-6840 | Phpbb Group | Input Validation vulnerability in PHPBB Unspecified vulnerability in phpBB before 2.0.22 has unknown impact and remote attack vectors related to a "negative start parameter." | 10.0 |
2006-12-31 | CVE-2006-6839 | Phpbb Group | Input Validation vulnerability in PHPBB Unspecified vulnerability in phpBB before 2.0.22 has unknown impact and remote attack vectors related to "criteria for 'bad' redirection targets." | 10.0 |
2006-12-31 | CVE-2006-6836 | IBM | Multiple Unspecified vulnerability in IBM OS 400 V5R3M0 Multiple unspecified vulnerabilities in osp-cert in IBM OS/400 V5R3M0 have unspecified impact and attack vectors, related to ASN.1 parsing. | 10.0 |
2006-12-31 | CVE-2006-6336 | Eudora | Remote Heap-Based Buffer Overflow vulnerability in Eudora Worldmail Management Server 3.1 Heap-based buffer overflow in the Mail Management Server (MAILMA.exe) in Eudora WorldMail 3.1.x allows remote attackers to execute arbitrary code via a crafted request containing successive delimiters. | 10.0 |
2006-12-31 | CVE-2006-6102 | X ORG Xfree86 Project | Local Integer Overflow vulnerability in X.Org DBE And Render Extensions Integer overflow in the ProcDbeGetVisualInfo function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures. | 10.0 |
2006-12-31 | CVE-2006-4098 | Cisco | Remote vulnerability in Cisco Secure Access Control Server Stack-based buffer overflow in the CSRadius service in Cisco Secure Access Control Server (ACS) for Windows before 4.1 and ACS Solution Engine before 4.1 allows remote attackers to execute arbitrary code via a crafted RADIUS Accounting-Request packet. | 10.0 |
2006-12-31 | CVE-2006-6884 | Winzip | Buffer Errors vulnerability in Winzip 10.0Build6667 Buffer overflow in the WZFILEVIEW.FileViewCtrl.61 ActiveX control (aka Sky Software "FileView" ActiveX control) for WinZip 10.0 Build 6667 allows remote attackers to execute arbitrary code via a long argument to the CreateNewFolderFromName method, a different vulnerability than CVE-2006-5198. | 9.3 |
2006-12-31 | CVE-2006-6869 | Maxdev | Local File Include vulnerability in MDForum PNSVLang Parameter Directory traversal vulnerability in includes/search/search_mdforum.php in MAXdev MDForum 2.0.1 and earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. | 9.3 |
2006-12-31 | CVE-2006-5870 | Openoffice SUN | Numeric Errors vulnerability in multiple products Multiple integer overflows in OpenOffice.org (OOo) 2.0.4 and earlier, and possibly other versions before 2.1.0; and StarOffice 6 through 8; allow user-assisted remote attackers to execute arbitrary code via a crafted (a) WMF or (b) EMF file that triggers heap-based buffer overflows in (1) wmf/winwmf.cxx, during processing of META_ESCAPE records; and wmf/enhwmf.cxx, during processing of (2) EMR_POLYPOLYGON and (3) EMR_POLYPOLYGON16 records. | 9.3 |
2006-12-31 | CVE-2006-5857 | Adobe | Resource Management Errors vulnerability in Adobe Acrobat and Acrobat Reader Adobe Reader and Acrobat 7.0.8 and earlier allows user-assisted remote attackers to execute code via a crafted PDF file that triggers memory corruption and overwrites a subroutine pointer during rendering. | 9.3 |
2006-12-31 | CVE-2006-5574 | Microsoft | Remote Code Execution vulnerability in Microsoft Office Brazilian Portuguese Grammar Checker Unspecified vulnerability in the Brazilian Portuguese Grammar Checker in Microsoft Office 2003 and the Multilingual Interface for Office 2003, Project 2003, and Visio 2003 allows user-assisted remote attackers to execute arbitrary code via crafted text that is not properly parsed. | 9.3 |
2006-12-31 | CVE-2006-4695 | Microsoft | Code Injection vulnerability in Microsoft Office web Components 2000 Unspecified vulnerability in certain COM objects in Microsoft Office Web Components 2000 allows user-assisted remote attackers to execute arbitrary code via a crafted URL, aka "Office Web Components URL Parsing Vulnerability." | 9.3 |
2006-12-27 | CVE-2006-6749 | Openser | Buffer Errors vulnerability in Openser 1.1 Buffer overflow in the parse_expression function in parse_config in OpenSER 1.1.0 allows attackers to have an unknown impact via a long str parameter. | 9.3 |
2006-12-26 | CVE-2006-6745 | SUN | Remote Privilege Escalation vulnerability in Sun Java Runtime Environment Multiple unspecified vulnerabilities in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 7 and earlier, and Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, allow attackers to develop Java applets or applications that are able to gain privileges, related to serialization in JRE. | 9.3 |
2006-12-26 | CVE-2006-6731 | SUN | Buffer Overflow vulnerability in SUN Jdk, JRE and SDK Multiple buffer overflows in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 7 and earlier, Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, and SDK and JRE 1.3.1_18 and earlier allow attackers to develop Java applets that read, write, or execute local files, possibly related to (1) integer overflows in the Java_sun_awt_image_ImagingLib_convolveBI, awt_parseRaster, and awt_parseColorModel functions; (2) a stack overflow in the Java_sun_awt_image_ImagingLib_lookupByteRaster function; and (3) improper handling of certain negative values in the Java_sun_font_SunLayoutEngine_nativeLayout function. | 9.3 |
2006-12-27 | CVE-2006-6425 | Novell | Buffer Overflow vulnerability in Novell Netmail IMAP APPEND Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via unspecified vectors involving the APPEND command. | 9.0 |
2006-12-27 | CVE-2006-6424 | Novell | Heap Overflow vulnerability in Novell Netmail IMAP Verb Literal Multiple buffer overflows in Novell NetMail before 3.52e FTF2 allow remote attackers to execute arbitrary code (1) by appending literals to certain IMAP verbs when specifying command continuation requests to IMAPD, resulting in a heap overflow; and (2) via crafted arguments to the STOR command to the Network Messaging Application Protocol (NMAP) daemon, resulting in a stack overflow. | 9.0 |
83 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2006-12-31 | CVE-2006-6904 | Broadcom | Remote Security vulnerability in Bluetooth Stack Unspecified vulnerability in the Broadcom Bluetooth stack allows remote attackers to gain administrative access (aka Remote Root) via unspecified vectors. | 7.9 |
2006-12-31 | CVE-2006-6910 | Fersch | Remote Denial of Service vulnerability in Fersch Formbankserver 1.9 formbankcgi.exe in Fersch Formbankserver 1.9, when the PATH_INFO begins with Abfrage, allows remote attackers to cause a denial of service (daemon crash) via multiple requests containing many /../ sequences in the Name parameter. | 7.8 |
2006-12-31 | CVE-2006-6898 | Broadcom | Remote Security vulnerability in Broadcom Widcomm Bluetooth 4.0.1.1500 Widcomm Bluetooth for Windows (BTW) before 4.0.1.1500 allows remote attackers to listen to and record conversations, aka the CarWhisperer attack. | 7.8 |
2006-12-31 | CVE-2006-6866 | Stphp | Information Disclosure vulnerability in Stphp Easynews 4.0 STphp EasyNews PRO 4.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain usernames, email addresses, and password hashes via a direct request for data/users.txt. | 7.8 |
2006-12-31 | CVE-2006-6865 | Softartisans | Directory Traversal vulnerability in Softartisans Fileup 5.0.14 Directory traversal vulnerability in SAFileUpSamples/util/viewsrc.asp in SoftArtisans FileUp (SAFileUp) 5.0.14 allows remote attackers to read arbitrary files via a %c0%ae. | 7.8 |
2006-12-31 | CVE-2006-6829 | Efkan Forum | Information Disclosure vulnerability in Efkan Forum Efkan Forum 1.0 and earlier store sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for forum.mdb. | 7.8 |
2006-12-31 | CVE-2006-5974 | Fetchmail | Improper Input Validation vulnerability in Fetchmail 6.3.5/6.3.6 fetchmail 6.3.5 and 6.3.6 before 6.3.6-rc4, when refusing a message delivered via the mda option, allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger a NULL pointer dereference when calling the (1) ferror or (2) fflush functions. | 7.8 |
2006-12-31 | CVE-2006-5867 | Fetchmail | Improper Input Validation vulnerability in Fetchmail fetchmail before 6.3.6-rc4 does not properly enforce TLS and may transmit cleartext passwords over unsecured links if certain circumstances occur, which allows remote attackers to obtain sensitive information via man-in-the-middle (MITM) attacks. | 7.8 |
2006-12-31 | CVE-2006-4097 | Cisco | Remote vulnerability in Cisco Secure Access Control Server Multiple unspecified vulnerabilities in the CSRadius service in Cisco Secure Access Control Server (ACS) for Windows before 4.1 and ACS Solution Engine before 4.1 allow remote attackers to cause a denial of service (crash) via a crafted RADIUS Access-Request packet. | 7.8 |
2006-12-27 | CVE-2006-6757 | CWM Design | Information Disclosure vulnerability in Cwm-Design Cwmexplorer 1.0 Directory traversal vulnerability in index.php in cwmExplorer 1.0 allows remote attackers to read arbitrary files and source code, and obtain sensitive information via directory traversal sequences in the show_file parameter. | 7.8 |
2006-12-26 | CVE-2006-6742 | HP | Denial-Of-Service vulnerability in HP FTP Print Server, Laserjet 5000 and Laserjet 5100 Multiple buffer overflows in FTP Print Server 2.4 and 2.4.5 in HP LaserJet 5000 Series printers with firmware R.25.15 or R.25.47, and HP LaserJet 5100 Series printers with firmware V.29.12, allow remote attackers to cause a denial of service (device crash) via a long string in the (1) LIST or (2) NLST command. | 7.8 |
2006-12-26 | CVE-2006-6723 | Microsoft | Resource Management Errors vulnerability in Microsoft Windows 2000 and Windows XP The Workstation service in Microsoft Windows 2000 SP4 and XP SP2 allows remote attackers to cause a denial of service (memory consumption) via a large maxlen value in an NetrWkstaUserEnum RPC request. | 7.8 |
2006-12-31 | CVE-2006-7231 | Civica Software | SQL Injection vulnerability in Civica Software Civica SQL injection vulnerability in display.asp in Civica Software Civica allows remote attackers to execute arbitrary SQL commands via the Entry parameter. | 7.5 |
2006-12-31 | CVE-2006-6916 | Getahead | Denial-Of-Service vulnerability in Direct Web Remoting Getahead Direct Web Remoting (DWR) before 1.1.3 allows attackers to cause a denial of service (infinite loop) via unknown vectors related to "crafted input." | 7.5 |
2006-12-31 | CVE-2006-6913 | Phpmyfaq | Security Bypass vulnerability in phpMyFAQ Unspecified vulnerability in phpMyFAQ 1.6.7 and earlier allows remote attackers to upload arbitrary PHP scripts via unspecified vectors. | 7.5 |
2006-12-31 | CVE-2006-6912 | Phpmyfaq | SQL Injection vulnerability in PHPmyfaq SQL injection vulnerability in phpMyFAQ 1.6.7 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly the userfile or filename parameter. | 7.5 |
2006-12-31 | CVE-2006-6890 | VOC Project | Information Disclosure vulnerability in Voc-Project Voodoo Chat 1.0Rc1B Voodoo chat 1.0RC1b stores sensitive information under the web root with insufficient access control, which allows remote attackers to download passwords via a direct request for data/users.dat. | 7.5 |
2006-12-31 | CVE-2006-6889 | Freestyle | Information Disclosure vulnerability in Freestyle Wiki FreeStyle Wiki (fswiki) 3.6.2 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain passwords via a direct request for config/user.dat. | 7.5 |
2006-12-31 | CVE-2006-6881 | Stavros Markou | Buffer Errors vulnerability in Stavros Markou Atmelwlandriver 3.4.1.1 Buffer overflow in the Get_Wep function in cofvnet.c for ATMEL Linux PCI PCMCIA USB Drivers drivers 3.4.1.1 corruption allows attackers to execute arbitrary code via a long name argument. | 7.5 |
2006-12-31 | CVE-2006-6880 | PHP Update | SQL Injection vulnerability in PHP-Update Multiple SQL injection vulnerabilities in code/guestadd.php in PHP-Update 2.7 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) newmessage, (2) newname, (3) newwebsite, or (4) newemail parameter. | 7.5 |
2006-12-31 | CVE-2006-6878 | PHP Update | Unspecified vulnerability in PHP-Update admin/uploads.php in PHP-Update 2.7 and earlier allows remote attackers to gain privileges by setting the rights[7] parameter to 1 during a login action. | 7.5 |
2006-12-31 | CVE-2006-6876 | Openser | Remote Buffer Overflow vulnerability in OpenSER SMS Handling module Buffer overflow in the fetchsms function in the SMS handling module (libsms_getsms.c) in OpenSER 1.2.0 and earlier allows remote attackers to cause a denial of service (crash) via a crafted SMS message, triggering memory corruption when the "beginning" buffer is copied to the third (pdu) argument. | 7.5 |
2006-12-31 | CVE-2006-6875 | Openser | Buffer Overflow vulnerability in Openser and Openser OSP Module Buffer overflow in the validateospheader function in the Open Settlement Protocol (OSP) module in OpenSER 1.1.0 and earlier allows remote attackers to execute arbitrary code via a crafted OSP header. | 7.5 |
2006-12-31 | CVE-2006-6873 | Endonesia | Scripts Multiple Input Validation vulnerability in Endonesia 8.4 Multiple SQL injection vulnerabilities in mod.php in eNdonesia 8.4 allow remote attackers to execute arbitrary SQL commands via (1) the did parameter in a (a) viewdisk operation (diskusi mod), or the (2) cid parameter in a (b) viewlink (katalog mod) or (b) viewcat (diskusi mod) operation. | 7.5 |
2006-12-31 | CVE-2006-6867 | Vladimir Meshakov | Remote File Include vulnerability in Vladimir Meshakov Bubla 0.9.1 Multiple PHP remote file inclusion vulnerabilities in Vladimir Menshakov buratinable templator (aka bubla) 0.9.1 allow remote attackers to execute arbitrary PHP code via a URL in the bu_dir parameter to (1) bu/bu_claro.php, (2) bu/bu_cache.php, or (3) bu/bu_parse.php, different vectors and a different affected version than CVE-2006-6809. | 7.5 |
2006-12-31 | CVE-2006-6856 | Webtext | Unspecified vulnerability in Webtext Direct static code injection vulnerability in WebText CMS 0.4.5.2 and earlier allows remote attackers to inject arbitrary PHP code into a script in wt/users/ via the im parameter during a profile edit (edycja) operation, which is then executed via a direct request for this script. | 7.5 |
2006-12-31 | CVE-2006-6854 | DE Marchi Daniele | Buffer Overflow vulnerability in QuickCam VC Device Driver for Linux QCAMVC_Video_Init Function The qcamvc_video_init function in qcamvc.c in De Marchi Daniele QuickCam VC Linux device driver (aka quickcam-vc) 1.0.9 and earlier does not properly check a boundary, triggering memory corruption, which might allow attackers to execute arbitrary code via a crafted QuickCam object. | 7.5 |
2006-12-31 | CVE-2006-6850 | Shadowed Works | Remote File Include vulnerability in Shadowed Works Shadowed Portal 5.7 PHP remote file inclusion vulnerability in include.php in the Roster Module (character_roster) in Shadowed Portal 5.7 allows remote attackers to execute arbitrary PHP code via a URL in the mod_root parameter. | 7.5 |
2006-12-31 | CVE-2006-6849 | Cahier DE Textes | Remote Security vulnerability in Cahier DE Textes Cahier DE Textes 2.2 administration/index.php in Cahier de texte (CDT) 2.2 does not properly exit when authentication fails, which allows remote attackers to perform unauthorized administrative actions. | 7.5 |
2006-12-31 | CVE-2006-6848 | Aspticker | SQL Injection vulnerability in Aspticker 1.0 SQL injection vulnerability in admin.asp in ASPTicker 1.0 allows remote attackers to execute arbitrary SQL commands via the PATH_INFO, possibly related to the Password parameter. | 7.5 |
2006-12-31 | CVE-2006-6846 | Cybercoded | SQL Injection vulnerability in Cybercoded While YOU Were OUT Inout Board 1.0 Multiple SQL injection vulnerabilities in While You Were Out (WYWO) InOut Board 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the num parameter in (a) phonemessage.asp, (2) the catcode parameter in (b) faqDsp.asp, and the (3) Username and (4) Password fields in (c) login.asp. | 7.5 |
2006-12-31 | CVE-2006-6843 | Joomla | Remote File Include vulnerability in Joomla BE IT Easypartner Component 0.0.9Beta PHP remote file inclusion vulnerability in the BE IT EasyPartner 0.0.9 beta component for Joomla! allows remote attackers to execute arbitrary PHP code via unspecified vectors. | 7.5 |
2006-12-31 | CVE-2006-6842 | Codemonkeyx | SQL Injection vulnerability in Codemonkeyx Acronym MOD 0.9.5 SQL injection vulnerability in admin/admin_acronyms.php in the Acronym Mod 0.9.5 for phpBB2 Plus 1.53 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2006-12-31 | CVE-2006-6835 | Neocrome | SQL-Injection vulnerability in Neocrome Land Down Under 800/801/802 SQL injection vulnerability in Journal.inc.php in Neocrome Land Down Under (LDU) 8.x and earlier allows remote attackers to execute arbitrary SQL commands via the w parameter to journal.php. | 7.5 |
2006-12-31 | CVE-2006-6833 | Joomla | Cross-Site Scripting vulnerability in Joomla com_categories in Joomla! before 1.0.12 does not validate input, which has unknown impact and remote attack vectors. | 7.5 |
2006-12-31 | CVE-2006-6831 | Alan Ward | SQL-Injection vulnerability in Alan Ward A-Faq 1.0 SQL injection vulnerability in faqDsp.asp in aFAQ 1.0 allows remote attackers to execute arbitrary SQL commands via the catcode parameter. | 7.5 |
2006-12-31 | CVE-2006-6830 | Cafelog | Remote File Include vulnerability in Cafelog B2 Blog B2Verifauth.PHP PHP remote file inclusion vulnerability in b2verifauth.php in b2 Blog 0.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the index parameter. | 7.5 |
2006-12-31 | CVE-2006-6828 | Efkan Forum | SQL-Injection vulnerability in Efkan Forum Multiple SQL injection vulnerabilities in Efkan Forum 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the grup parameter in admin.asp, or the id parameter in (2) default.asp or (3) admin.asp. | 7.5 |
2006-12-31 | CVE-2006-6488 | Iconics | Remote Stack Buffer Overflow vulnerability in Iconics Dialog Wrapper Module Activex Control 8.4.165.0 Stack-based buffer overflow in the DoModal function in the Dialog Wrapper Module ActiveX control (DlgWrapper.dll) before 8.4.166.0, as used by ICONICS OPC Enabled Gauge, Switch, and Vessel ActiveX, allows remote attackers to execute arbitrary code via a long (1) FileName or (2) Filter argument. | 7.5 |
2006-12-31 | CVE-2006-5266 | Microsoft | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Dynamics GP Multiple buffer overflows in Microsoft Dynamics GP (formerly Great Plains) 9.0 and earlier allow remote attackers to execute arbitrary code via (1) a crafted Distributed Process Manager (DPM) message to the (a) DPM component, or a (2) long string or (3) long IP address in a Distributed Process Server (DPS) message to the DPM or (b) DPS component. | 7.5 |
2006-12-31 | CVE-2006-4580 | THE Address Book | Remote vulnerability in the Address Book the Address Book 1.04E register.php in The Address Book 1.04e allows remote attackers to bypass the "Allow User Self-Registration" setting and create arbitrary users by setting the mode parameter to "confirm". | 7.5 |
2006-12-31 | CVE-2006-4578 | THE Address Book | Remote vulnerability in the Address Book the Address Book 1.04E export.php in The Address Book 1.04e writes username and password hash information into a publicly accessible file when dumping the MySQL database contents, which allows remote attackers to obtain sensitive information. | 7.5 |
2006-12-31 | CVE-2006-4575 | THE Address Book | Remote vulnerability in the Address Book the Address Book 1.04E Multiple SQL injection vulnerabilities in The Address Book 1.04e allow remote attackers to execute arbitrary SQL commands via the (1) lastname, (2) firstname, (3) passwordOld, (4) passwordNew, (5) id, (6) language, (7) defaultLetter, (8) newuserPass, (9) newuserType, (10) newuserEmail parameters in (a) user.php; the (11) goTo and (12) search parameters in (b) search.php; and the (13) groupAddName parameter in (c) save.php. | 7.5 |
2006-12-29 | CVE-2006-6826 | Personal NET Portal | Remote Security vulnerability in Personal .Net Portal Unspecified vulnerability in the tab editor for Personal .NET Portal before 2.0.0 has unknown impact and attack vectors related to a "Security leak." | 7.5 |
2006-12-29 | CVE-2006-6825 | Mxmania | Information Disclosure vulnerability in Calendar MX BASIC Calendar MX BASIC 1.0.2 and earlier store sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for calendar.mdb. | 7.5 |
2006-12-29 | CVE-2006-6823 | Yrch | Remote File Include vulnerability in Yrch 1.0 PHP remote file inclusion vulnerability in plugins/metasearch/plug.inc.php in Yrch! 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. | 7.5 |
2006-12-29 | CVE-2006-6818 | Alstrasoft | Unspecified vulnerability in Alstrasoft Webhost Directory AlstraSoft Web Host Directory allows remote attackers to bypass authentication and change the admin password via a direct request to admin/config. | 7.5 |
2006-12-29 | CVE-2006-6816 | Dmxready | SQL Injection vulnerability in Dmxready Secure Login Manager 1.0 Multiple SQL injection vulnerabilities in DMXReady Secure Login Manager 1.0 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) set_preferences.asp, (2) send_password_preferences.asp, and (3) SecureLoginManager/list.asp in the Local-Admin Panel; (4) the sent parameter to (a) login.asp, (b) content.asp, and (c) members.asp in the Remote-WebSite; and (5) the sent parameter to applications/SecureLoginManager/inc_secureloginmanager.asp in the Live Demo. | 7.5 |
2006-12-29 | CVE-2006-6813 | Mxmania | SQL Injection vulnerability in Mxmania File Upload Manager Detail.ASP SQL injection vulnerability in detail.asp in Mxmania File Upload Manager (FUM) 1.0.6 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter. | 7.5 |
2006-12-29 | CVE-2006-6812 | Myphpcalendar | Remote File Include vulnerability in Myphpcalendar 10.1 Multiple PHP remote file inclusion vulnerabilities in myPHPCalendar 10.1 allow remote attackers to execute arbitrary PHP code via a URL in the cal_dir parameter to (1) admin.php, (2) contacts.php, or (3) convert-date.php. | 7.5 |
2006-12-29 | CVE-2006-6809 | Vladimir Menshakov | Remote File Include vulnerability in Buratinable Templator Process.PHP Multiple PHP remote file inclusion vulnerabilities in process.php in Vladimir Menshakov buratinable templator (aka bubla) 1.0.0rc2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) bu_dir or (2) bu_config[dir] parameter. | 7.5 |
2006-12-28 | CVE-2006-6807 | Softwebs Nepal | SQL Injection vulnerability in Ananda Real Estate List.ASP SQL injection vulnerability in list.asp in Softwebs Nepal (aka Ananda Raj Pandey) Ananda Real Estate 3.4 and earlier allows remote attackers to execute arbitrary SQL commands via the agent parameter. | 7.5 |
2006-12-28 | CVE-2006-6806 | Enthrallweb | SQL-Injection vulnerability in Enthrallweb Emates 1.0 SQL injection vulnerability in newsdetail.asp in Enthrallweb eMates 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter. | 7.5 |
2006-12-28 | CVE-2006-6805 | Enthrallweb | SQL-Injection vulnerability in eJobs SQL injection vulnerability in newsdetail.asp in Enthrallweb eJobs allows remote attackers to execute arbitrary SQL commands via the ID parameter. | 7.5 |
2006-12-28 | CVE-2006-6804 | Enthrallweb | SQL Injection vulnerability in Dragon Business Directory Bus_Details.ASP SQL injection vulnerability in bus_details.asp in Dragon Business Directory - Pro (aka Dragon Internet Business Search Directory - Pro) 3.01.12 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter. | 7.5 |
2006-12-28 | CVE-2006-6803 | Enthrallweb | SQL Injection vulnerability in Enthrallweb Ecars 1.0 SQL injection vulnerability in Types.asp in Enthrallweb eCars 1.0 allows remote attackers to execute arbitrary SQL commands via the Type_id parameter. | 7.5 |
2006-12-28 | CVE-2006-6802 | Enthrallweb | SQL Injection vulnerability in Enthrallweb ePages Actualpic.ASP SQL injection vulnerability in actualpic.asp in Enthrallweb ePages allows remote attackers to execute arbitrary SQL commands via the Biz_ID parameter. | 7.5 |
2006-12-28 | CVE-2006-6799 | THE Cacti Group | Remote Command Execution vulnerability in Cacti CMD.PHP SQL injection vulnerability in Cacti 0.8.6i and earlier, when register_argc_argv is enabled, allows remote attackers to execute arbitrary SQL commands via the (1) second or (2) third arguments to cmd.php. | 7.5 |
2006-12-28 | CVE-2006-6795 | Myphpnuke | Remote File Include vulnerability in Myphpnuke MY Egallery 2.5.6 PHP remote file inclusion vulnerability in gallery/displayCategory.php in the My_eGallery 2.5.6 module in myPHPNuke (MPN) allows remote attackers to execute arbitrary PHP code via a URL in the basepath parameter. | 7.5 |
2006-12-28 | CVE-2006-6794 | Efkan Forum | SQL Injection vulnerability in Efkan Forum Efkan Forum 1.0 SQL injection vulnerability in default.asp in Efkan Forum 1.0 allows remote attackers to execute arbitrary SQL commands via the grup parameter. | 7.5 |
2006-12-28 | CVE-2006-6793 | Okul Merkezi | Remote File Include vulnerability in Okul Merkezi Okul Merkezi Portal 1.0 PHP remote file inclusion vulnerability in ataturk.php in Okul Merkezi Portal 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. | 7.5 |
2006-12-28 | CVE-2006-6792 | Mxmania | SQL Injection vulnerability in Calendar MX Basic Calendar_Detail.ASP SQL injection vulnerability in calendar_detail.asp in Calendar MX BASIC 1.0.2 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter. | 7.5 |
2006-12-28 | CVE-2006-6791 | Chatwm | SQL Injection vulnerability in Chatwm 1.0 SQL injection vulnerability in SelGruFra.asp in chatwm 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) txtUse and (2) txtPas parameters. | 7.5 |
2006-12-28 | CVE-2006-6790 | Ultimate PHP Board | Remote Code Execution vulnerability in Ultimate PHP Board Username Parameter Direct static code injection vulnerability in chat/login.php in Ultimate PHP Board (UPB) 2.0b1 and earlier allows remote attackers to inject arbitrary PHP code via the username parameter, which is injected into chat/text.php. | 7.5 |
2006-12-28 | CVE-2006-6789 | Phpbbxtra | Remote File Include vulnerability in PHPbbxtra 2.0 PHP remote file inclusion vulnerability in includes/archive/archive_topic.php in Phpbbxtra 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | 7.5 |
2006-12-28 | CVE-2006-6788 | Luckybot | Remote File Include vulnerability in Luckybot 3 Multiple PHP remote file inclusion vulnerabilities in LuckyBot 3 allow remote attackers to execute arbitrary PHP code via a URL in the dir parameter to (1) run.php or (2) ircbot.class.php. | 7.5 |
2006-12-28 | CVE-2006-6787 | Mxmania | SQL Injection vulnerability in Newsletter MX admin_mail_adressee.ASP SQL injection vulnerability in admin/admin_mail_adressee.asp in Newsletter MX 1.0.2 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter. | 7.5 |
2006-12-28 | CVE-2006-6785 | Open Newsletter | Authentication Bypass vulnerability in Open Newsletter Open Newsletter 2.0 The (1) settings.php and (2) subscribers.php scripts in Open Newsletter 2.5 and earlier do not exit when authentication fails, which allows remote attackers to perform unauthorized administrative actions, or execute arbitrary code in conjunction with another vulnerability. | 7.5 |
2006-12-28 | CVE-2006-6784 | Netbula | SQL Injection vulnerability in Netbula Anyboard 9.9.5.6 SQL injection vulnerability in Netbula Anyboard allows remote attackers to execute arbitrary SQL commands via the user name in the login form. | 7.5 |
2006-12-28 | CVE-2006-6783 | Logahead | Improper Authentication vulnerability in Logahead UNU 1.0 logahead UNU 1.0 before 20061226 allows remote attackers to upload arbitrary files via unspecified vectors related to plugins/widged/_widged.php (aka the WidgEd plugin), possibly because of an authentication bypass. | 7.5 |
2006-12-28 | CVE-2006-6780 | Hlstats | Input Validation vulnerability in Hlstats 1.20/1.34 SQL injection vulnerability in the login form in HLstats 1.20 through 1.34 allows remote attackers to execute arbitrary SQL commands via the killLimit parameter. | 7.5 |
2006-12-28 | CVE-2006-6776 | Future Internet | Input Validation vulnerability in Future Internet Multiple SQL injection vulnerabilities in Future Internet allow remote attackers to execute arbitrary SQL commands via the (1) newsId or (2) categoryid parameter in a Portal.Showpage action in index.cfm, or (3) the langId parameter in index.cfm. | 7.5 |
2006-12-27 | CVE-2006-6773 | Fishyshoop | Unspecified vulnerability in Fishyshoop 0.930Beta pages/register/register.php in Fishyshoop 0.930 beta allows remote attackers to create arbitrary administrative users by setting the is_admin HTTP POST parameter to 1. | 7.5 |
2006-12-27 | CVE-2006-6766 | CWM Design | SQL-Injection vulnerability in Cwm-Design Cwmexplorer 1.0 Multiple SQL injection vulnerabilities in cwmExplorer 1.1.0 and earlier allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2006-12-27 | CVE-2006-6763 | Keep IT Simple Guest Book | Remote Security vulnerability in Keep IT Simple Guest Book Keep IT Simple Guest Book 5.0 Multiple PHP remote file inclusion vulnerabilities in the Keep It Simple Guest Book (KISGB) allow remote attackers to execute arbitrary PHP code via a URL in the (1) path_to_themes parameter in (a) authenticate.php, and the (2) default_path_for_themes parameter in (b) admin.php and (c) upconfig.php. | 7.5 |
2006-12-27 | CVE-2006-6760 | Phpmymanga | Code Injection vulnerability in PHPmymanga Multiple PHP remote file inclusion vulnerabilities in template.php in Phpmymanga 0.8.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) actionsPage or (2) formPage parameter. | 7.5 |
2006-12-27 | CVE-2006-6752 | Ftprush | Local Buffer Overflow vulnerability in Ftprush 1.0.0.610 Buffer overflow in FTPRush 1.0.0.610 might allow attackers to gain privileges via a long Host field. | 7.5 |
2006-12-27 | CVE-2006-6748 | Newxooper | Code Injection vulnerability in Newxooper PHP remote file inclusion vulnerability in i-accueil.php in Newxooper 0.9 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the chemin parameter. | 7.5 |
2006-12-27 | CVE-2006-6747 | Dreaxteam | SQL Injection vulnerability in Dreaxteam Xt-News 0.1 SQL injection vulnerability in show_news.php in Xt-News 0.1 allows remote attackers to execute arbitrary SQL commands via the id_news parameter. | 7.5 |
2006-12-26 | CVE-2006-6739 | Paristemi | Code Injection vulnerability in Paristemi 0.8.3 PHP remote file inclusion vulnerability in buycd.php in Paristemi 0.8.3 allows remote attackers to execute arbitrary PHP code via a URL in the HTTP_DOCUMENT_ROOT parameter, a different vector than CVE-2006-6689. | 7.5 |
2006-12-26 | CVE-2006-6727 | Inertianews | Code Injection vulnerability in Inertianews PHP remote file inclusion vulnerability in inertianews_class.php in inertianews 0.02 beta and earlier allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter. | 7.5 |
2006-12-26 | CVE-2006-6726 | Inertianews | Code Injection vulnerability in Inertianews 0.02 PHP remote file inclusion vulnerability in inertianews_main.php in inertianews 0.02 beta allows remote attackers to execute arbitrary PHP code via a URL in the inews_path parameter. | 7.5 |
2006-12-31 | CVE-2006-6906 | Apple | Local Security vulnerability in Mac OS X Unspecified vulnerability in the Bluetooth stack on Mac OS 10.4.7 and earlier has unknown impact and local attack vectors, related to "Mach Exception Handling", a different issue than CVE-2006-6900. | 7.2 |
99 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2006-12-31 | CVE-2006-6892 | Jonathon Freeman | Cross-Site Scripting vulnerability in Jonathon Freeman Ovbb 0.13A Cross-site scripting (XSS) vulnerability in the GetLocation function in online.php in Jonathon J. | 6.8 |
2006-12-31 | CVE-2006-6887 | Logahead | Code Injection vulnerability in Logahead UNU 1.0 Unrestricted file upload vulnerability in logahead UNU 1.0 allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors related to plugins/widged/_widged.php (aka the WidgEd plugin), a different vulnerability than CVE-2006-6783. | 6.8 |
2006-12-31 | CVE-2006-6877 | Matteo Lucarelli | Directory Traversal vulnerability in 3Editor Cms Directory traversal vulnerability in index.php in Matteo Lucarelli 3editor CMS 0.42 and earlier, when register_globals is enabled, allows remote attackers to include arbitrary files via a .. | 6.8 |
2006-12-31 | CVE-2006-6874 | Endonesia | Cross-Site Scripting vulnerability in Endonesia 8.4 Multiple cross-site scripting (XSS) vulnerabilities in friend.php in eNdonesia 8.4 allow remote attackers to inject arbitrary web script or HTML via the (1) Message or (2) Your Name field. | 6.8 |
2006-12-31 | CVE-2006-6871 | Endonesia | Scripts Multiple Input Validation vulnerability in Endonesia 8.4 Multiple cross-site scripting (XSS) vulnerabilities in eNdonesia 8.4 allow remote attackers to inject arbitrary web script or HTML via (1) the mod parameter in a viewlink operation in mod.php, (2) the intypeid parameter in a showinfo operation in the informasi module in mod.php, (3) the "your Friend" field in friend.php, or (4) the "Main Text" field in admin.php. | 6.8 |
2006-12-31 | CVE-2006-6868 | ZEN Cart | Cross-Site Scripting vulnerability in Zen Cart Multiple cross-site scripting (XSS) vulnerabilities in Zen Cart Web Shopping Cart before 1.3.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.8 |
2006-12-31 | CVE-2006-6862 | Outfront | Input Validation vulnerability in Outfront Spooky Login 2.7 Multiple cross-site scripting (XSS) vulnerabilities in Outfront Spooky Login 2.7 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) login/login.asp or (2) login/register.asp. | 6.8 |
2006-12-31 | CVE-2006-6858 | Miredo | Remote Security vulnerability in Miredo 0.9.8/1.0.3/1.0.4 Miredo 0.9.8 through 1.0.5 does not properly authenticate a Teredo bubble during UDP hole punching with HMAC-MD5-64 hashing, which allows remote attackers to impersonate an arbitrary Teredo client. | 6.8 |
2006-12-31 | CVE-2006-6851 | Mobilelib | Cross-Site Scripting vulnerability in Mobilelib Gold 2 Multiple cross-site scripting (XSS) vulnerabilities in contact_us.php in ac4p Mobilelib gold 2 allow remote attackers to inject arbitrary web script or HTML via the (1) email or (2) errr parameter. | 6.8 |
2006-12-31 | CVE-2006-6845 | Cmsmadesimple | Cross-Site Scripting vulnerability in Cmsmadesimple CMS Made Simple 1.0.2 Cross-site scripting (XSS) vulnerability in index.php in CMS Made Simple 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the cntnt01searchinput parameter in a Search action. | 6.8 |
2006-12-31 | CVE-2006-6844 | Cmsmadesimple | HTML Injection vulnerability in Cmsmadesimple CMS Made Simple 1.0.2 Cross-site scripting (XSS) vulnerability in the optional user comment module in CMS Made Simple 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the user comment form. | 6.8 |
2006-12-31 | CVE-2006-6837 | Sergey Oblomov | Remote Buffer Overflow vulnerability in Total Commands ISO_WinCmd Plugin Multiple stack-based buffer overflows in the (1) LoadTree, (2) ReadHeader, and (3) LoadXBOXTree functions in the ISO (iso_wincmd) plugin 1.7.3.3 and earlier for Total Commander allow user-assisted remote attackers to execute arbitrary code via a long pathname in an ISO image. | 6.8 |
2006-12-31 | CVE-2006-6834 | Joomla | Cross-Site Scripting vulnerability in Joomla Multiple unspecified vulnerabilities in Joomla! before 1.0.12 have unknown impact and attack vectors related to (1) "unneeded legacy functions" and (2) "Several low level security fixes." | 6.8 |
2006-12-31 | CVE-2006-4577 | THE Address Book | Remote vulnerability in the Address Book the Address Book 1.04E Multiple cross-site scripting (XSS) vulnerabilities in The Address Book 1.04e allow remote attackers to inject arbitrary web script or HTML via Javascript events in the (1) email, (2) websites, and (3) groupAddName parameters in (a) save.php; the (4) errorMsg parameter in (b) index.php; and the (5) goTo and (6) search parameters in (c) search.php. | 6.8 |
2006-12-31 | CVE-2006-4576 | THE Address Book | Remote vulnerability in the Address Book the Address Book 1.04E Cross-site scripting (XSS) vulnerability in The Address Book 1.04e allows remote attackers to inject arbitrary web script or HTML by uploading the HTML file with a GIF or JPG extension, which is rendered by Internet Explorer. | 6.8 |
2006-12-28 | CVE-2006-6808 | Wordpress | HTML Injection vulnerability in Wordpress Cross-site scripting (XSS) vulnerability in wp-admin/templates.php in WordPress 2.0.5 allows remote attackers to inject arbitrary web script or HTML via the file parameter. | 6.8 |
2006-12-28 | CVE-2006-6801 | SH News | Remote File Include vulnerability in Sh-News 0.93 PHP remote file inclusion vulnerability in misc.php in SH-News 0.93, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the news_cfg[path] parameter. | 6.8 |
2006-12-28 | CVE-2006-6800 | Limbo CMS | Remote File Include vulnerability in Limbo CMS Event Module 1.0 PHP remote file inclusion in eventcal/mod_eventcal.php in the event module 1.0 for Limbo CMS allows remote attackers to execute arbitrary PHP code via a URL in the lm_absolute_path parameter. | 6.8 |
2006-12-28 | CVE-2006-6796 | Mtcms | Remote File Include vulnerability in MTCMS Admin_Settings.PHP PHP remote file inclusion vulnerability in admin/admin_settings.php in MTCMS 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the ins_file parameter. | 6.8 |
2006-12-28 | CVE-2006-6782 | Pnamazu | Cross-Site Scripting vulnerability in PNAmazu Cross-site scripting (XSS) vulnerability in pnamazu 2006.02.28 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.8 |
2006-12-28 | CVE-2006-6779 | Jelsoft | Unspecified vulnerability in Jelsoft Vbulletin Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin allows remote attackers to inject arbitrary web script or HTML via an SWF file that uses ActionScript to trigger execution of JavaScript. | 6.8 |
2006-12-28 | CVE-2006-6778 | Timberwolf | Cross-Site Scripting vulnerability in Timberwolf 1.2.2 Cross-site scripting (XSS) vulnerability in shownews.php in TimberWolf 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the nid parameter. | 6.8 |
2006-12-28 | CVE-2006-6777 | Future Internet | Input Validation vulnerability in Future Internet Cross-site scripting (XSS) vulnerability in index.cfm in Future Internet allows remote attackers to inject arbitrary web script or HTML via the categoryId parameter in a Portal.ShowPage action. | 6.8 |
2006-12-27 | CVE-2006-6774 | Ciberia | Remote File Include vulnerability in Ciberia Content Federator 1.0 PHP remote file inclusion vulnerability in socios/maquetacion_socio.php (members/maquetacion_member.php) in Ciberia Content Federator 1.0 allows remote attackers to execute arbitrary PHP code via the path parameter. | 6.8 |
2006-12-27 | CVE-2006-6771 | Irokez | Remote File Include vulnerability in Irokez CMS 0.7.1 Multiple PHP remote file inclusion vulnerabilities in Irokez CMS 0.7.1 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) GLOBALS[PTH][func] parameter in (a) scripts/gallery.scr.php; the (2) GLOBALS[PTH][spaw] parameter in (b) scripts/xtextarea.scr.php; and the (3) GLOBALS[PTH][classes] parameter in (c) sitemap.scr.php, (d) news.scr.php, (e) polls.scr.php, (f) rss.scr.php, (g) search.scr.php in scripts/, and (h) form.fun.php, (i) general.func.php, (j) groups.func.php, (k) js.func.php, (l) sections.func.php, and (m) users.func.php in functions/. | 6.8 |
2006-12-27 | CVE-2006-6770 | Jinzora | Remote File Include vulnerability in Jinzora 2.0.1 Multiple PHP remote file inclusion vulnerabilities in Jinzora Media Jukebox 2.7 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the include_path parameter in (1) popup.php, (2) rss.php, (3) ajax_request.php, and (4) mediabroadcast.php. | 6.8 |
2006-12-27 | CVE-2006-6769 | PHP Live | Cross-Site Scripting vulnerability in PHP Live PHP Live 2.8.1/3.0 Multiple cross-site scripting (XSS) vulnerabilities in PHP Live! 3.2.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) search_string parameter in (a) setup/transcripts.php, the (2) l parameter in (b) index.php, the (3) login field in (c) phplive/index.php, and the (4) deptid and (5) x parameters in (d) phplive/message_box.php. | 6.8 |
2006-12-27 | CVE-2006-6768 | PWP Technologies | Cross-Site Scripting vulnerability in The Classified Ad System Multiple cross-site scripting (XSS) vulnerabilities in default.asp in PWP Technologies The Classified Ad System allow remote attackers to inject arbitrary web script or HTML via the (1) cat or (2) main parameter. | 6.8 |
2006-12-27 | CVE-2006-6765 | Pagetool | Remote Security vulnerability in Pagetool Multiple PHP file inclusion vulnerabilities in src/admin/pt_upload.php in Pagetool 1.07 allow remote attackers to execute arbitrary PHP code via (1) a local filename or FTP/share URI in the config_file parameter or (2) a URL in the ptconf[src] parameter. | 6.8 |
2006-12-27 | CVE-2006-6764 | Keep IT Simple Guest Book | Remote File Include vulnerability in Keep IT Simple Guest Book Keep IT Simple Guest Book 5.0 PHP remote file inclusion vulnerability in authenticate.php in Keep It Simple Guest Book (KISGB), when executing PHP through CGI, allows remote attackers to execute arbitrary PHP code via a URL in the default_path_to_themes parameter. | 6.8 |
2006-12-26 | CVE-2006-6738 | CWM Design | Code Injection vulnerability in Cwm-Design Cwmcounter PHP remote file inclusion vulnerability in statistic.php in cwmCounter 5.1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. | 6.8 |
2006-12-26 | CVE-2006-6732 | CWM Design | Code Injection vulnerability in Cwm-Design Cwmvote 1.0 PHP remote file inclusion vulnerability in archive.php in cwmVote 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the abs parameter. | 6.8 |
2006-12-31 | CVE-2006-6103 | X ORG Xfree86 Project | Local Integer Overflow vulnerability in X.Org DBE And Render Extensions Integer overflow in the ProcDbeSwapBuffers function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures. | 6.6 |
2006-12-31 | CVE-2006-6101 | X ORG Xfree86 Project | Local Integer Overflow vulnerability in X.Org DBE And Render Extensions Integer overflow in the ProcRenderAddGlyphs function in the Render extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of glyph management data structures. | 6.6 |
2006-12-28 | CVE-2006-6797 | Microsoft | Unspecified vulnerability in Microsoft Windows XP The Client Server Run-Time Subsystem (CSRSS) in Microsoft Windows allows local users to cause a denial of service (crash) or read arbitrary memory from csrss.exe via crafted arguments to the NtRaiseHardError function with status 0x50000018, a different vulnerability than CVE-2006-6696. | 6.6 |
2006-12-26 | CVE-2006-6730 | Netbsd Openbsd | Local Security vulnerability in NetBSD OpenBSD and NetBSD permit usermode code to kill the display server and write to the X.Org /dev/xf86 device, which allows local users with root privileges to reduce securelevel by replacing the System Management Mode (SMM) handler via a write to an SMRAM address within /dev/xf86 (aka the video card memory-mapped I/O range), and then launching the new handler via a System Management Interrupt (SMI), as demonstrated by a write to Programmed I/O port 0xB2. | 6.6 |
2006-12-29 | CVE-2006-6811 | KDE Canonical | Reachable Assertion vulnerability in multiple products KsIRC 1.3.12 allows remote attackers to cause a denial of service (crash) via a long PRIVMSG string when connecting to an Internet Relay Chat (IRC) server, which causes an assertion failure and results in a NULL pointer dereference. | 6.5 |
2006-12-28 | CVE-2006-6786 | Open Newsletter | Authentication Bypass vulnerability in Open Newsletter Open Newsletter 2.0 Open Newsletter 2.5 and earlier allows remote authenticated administrators to execute arbitrary PHP code by inserting the code into the email parameter to (1) subscribe.php or (2) unsubscribe.php. | 6.5 |
2006-12-27 | CVE-2006-6761 | Novell | Buffer Overflow vulnerability in Novell Netmail 3.5.2 Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via a long argument to the SUBSCRIBE command. | 6.5 |
2006-12-27 | CVE-2006-6754 | Ixprim | SQL Injection vulnerability in Ixprim CMS 1.2 Multiple SQL injection vulnerabilities in Ixprim 1.2 allow remote attackers to execute arbitrary SQL commands via the story_id parameter to ixm_ixpnews.php, and unspecified other vectors. | 6.5 |
2006-12-29 | CVE-2006-6819 | Alstrasoft | Information Disclosure vulnerability in Webhost Directory AlstraSoft Web Host Directory stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a backup database via a direct request for admin/backup/db. | 6.4 |
2006-12-26 | CVE-2006-6728 | LAN Messenger | Denial of Service vulnerability in LANMessenger Information Request Mechanism Unspecified vulnerability in the info request mechanism in LAN Messenger before 1.5.1.2 allows remote attackers to cause a denial of service (application crash) or transmit spam via unspecified vectors. | 6.4 |
2006-12-29 | CVE-2006-6814 | Hosting Controller | Directory Traversal vulnerability in Hosting Controller Hosting Controller 7C Directory traversal vulnerability in FolderManager/FolderManager.aspx in Hosting Controller 7c allows remote authenticated users to read and modify arbitrary files, and list arbitrary directories via ..\ (dot dot backslash) sequences in the BrowsePath parameter. | 6.3 |
2006-12-31 | CVE-2006-6911 | Digitizing Quote AND Ordering System | SQL-Injection vulnerability in Digitizing Quote and Ordering System Digitizing Quote and Ordering System 1.0 SQL injection vulnerability in search.asp in Digitizing Quote And Ordering System 1.0 allows remote authenticated users to execute arbitrary SQL commands via the ordernum parameter. | 6.0 |
2006-12-31 | CVE-2006-6879 | PHP Update | Unspecified vulnerability in PHP-Update Unrestricted file upload vulnerability in admin/uploads.php in PHP-Update 2.7 and earlier allows remote authenticated users to upload arbitrary PHP scripts to the gfx/ and files/ directories via the userfile parameter. | 6.0 |
2006-12-31 | CVE-2006-6852 | Tdiary | Improper Input Validation vulnerability in Tdiary 2.0.1/2.0.2/2.0.3 Eval injection vulnerability in tDiary 2.0.3 and 2.1.4.200 61127 allows remote authenticated users to execute arbitrary Ruby code via unspecified vectors, possibly related to incorrect input validation by (1) conf.rhtml and (2) i.conf.rhtml. | 6.0 |
2006-12-29 | CVE-2006-6815 | Dmxready | Cross-Site Scripting vulnerability in Dmxready Secure Login Manager 1.0 Multiple cross-site scripting (XSS) vulnerabilities in DMXReady Secure Login Manager 1.0 allow remote authenticated administrators to inject arbitrary web script or HTML via unspecified parameters to (1) set_preferences.asp, (2) send_password_preferences.asp, and (3) SecureLoginManager/list.asp in the Local-Admin Panel. | 6.0 |
2006-12-26 | CVE-2006-6741 | Mkportal | Cross-Site Request Forgery (CSRF) vulnerability in Mkportal 1.1 Cross-site request forgery (CSRF) vulnerability in urlobox in MKPortal allows remote attackers to delete arbitrary messages as an administrator via a delete operation in an img BBcode tag. | 5.8 |
2006-12-31 | CVE-2006-6899 | Bluez Project | Configuration vulnerability in Bluez Project Bluez hidd in BlueZ (bluez-utils) before 2.25 allows remote attackers to obtain control of the (1) Mouse and (2) Keyboard Human Interface Device (HID) via a certain configuration of two HID (PSM) endpoints, operating as a server, aka HidAttack. | 5.4 |
2006-12-31 | CVE-2006-6897 | Widcomm | Directory Traversal vulnerability in Widcomm Bluetooth for Windows 3.0.1.905 Directory traversal vulnerability in Widcomm Bluetooth for Windows (BTW) 3.0.1.905 allows remote attackers to conduct unauthorized file operations via a .. | 5.4 |
2006-12-31 | CVE-2006-6896 | Plantronic | Remote Security vulnerability in Headset The Bluetooth stack in the Plantronic Headset does not properly implement Non-pairable mode, which allows remote attackers to conduct unauthorized pair-up operations. | 5.4 |
2006-12-27 | CVE-2006-6756 | Ixprim | Remote Security vulnerability in Ixprim CMS 1.2 The code function in install.fct.php in Ixprim 1.2 produces a guessable value of the confidential IXP_CODE in mainfile.php, which might allow remote attackers to gain access to the administration panel via a brute force attack. | 5.1 |
2006-12-31 | CVE-2006-6914 | IBM | Local Information Disclosure vulnerability in IBM AIX 5.2.0/5.3.0 Unspecified vulnerability in ftpd in IBM AIX 5.2.0 and 5.3.0 allows remote attackers to obtain sensitive information, including passwords, via unspecified vectors. | 5.0 |
2006-12-31 | CVE-2006-6893 | TOR | Denial-Of-Service vulnerability in TOR 0.1.1.26 Tor allows remote attackers to discover the IP address of a hidden service by accessing this service at a high rate, thereby changing the server's CPU temperature and consequently changing the pattern of time values visible through (1) ICMP timestamps, (2) TCP sequence numbers, and (3) TCP timestamps, a different vulnerability than CVE-2006-0414. | 5.0 |
2006-12-31 | CVE-2006-6891 | VZ Forum | Information Disclosure vulnerability in VZ Forum VZ Forum 2.0.3 Vz (Adp) Forum 2.0.3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain the administrative account name and password hash via a direct request for users/admin.txt. | 5.0 |
2006-12-31 | CVE-2006-6888 | P News | Information Disclosure vulnerability in P-News 1.16/1.17 P-News 1.16 and 1.17 store sensitive information under the web root with insufficient access control, which allows remote attackers to obtain the administrative account name and password hash via a direct request for db/user.dat. | 5.0 |
2006-12-31 | CVE-2006-6886 | Phpwcms | Information Exposure vulnerability in PHPwcms 1.2.5Dev phpwcms 1.2.5-DEV allows remote attackers to obtain sensitive information via a direct request for (1) files.public-userroot.inc.php or (2) files.private.additions.inc.php in include/inc_lib/, which reveals the path in various error messages. | 5.0 |
2006-12-31 | CVE-2006-6872 | Endonesia | Scripts Multiple Input Validation vulnerability in Endonesia 8.4 Directory traversal vulnerability in mod.php in eNdonesia 8.4 allows remote attackers to read arbitrary files via a .. | 5.0 |
2006-12-31 | CVE-2006-6870 | Avahi | Denial Of Service vulnerability in Avahi Compressed DNS The consume_labels function in avahi-core/dns.c in Avahi before 0.6.16 allows remote attackers to cause a denial of service (infinite loop) via a crafted compressed DNS response with a label that points to itself. | 5.0 |
2006-12-31 | CVE-2006-6855 | Aidex | Remote Denial of Service vulnerability in Aidex Mini-Webserver 1.1Rc3 AIDeX Mini-WebServer 1.1 early release 3 allows remote attackers to cause a denial of service (daemon crash) via a flood of HTTP GET requests, possibly related to display of HTTP log data by the GUI. | 5.0 |
2006-12-31 | CVE-2006-6847 | Realnetworks | Remote Denial of Service vulnerability in RealNetworks RealPlayer IERPPLUG.DLL ActiveX Control An ActiveX control in ierpplug.dll for RealNetworks RealPlayer 10.5 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) by invoking the RealPlayer.OpenURLInPlayerBrowser method with a long second argument. | 5.0 |
2006-12-31 | CVE-2006-6827 | Macromedia | Remote Denial of Service vulnerability in Macromedia Flash Flash8b.OCX ActiveX Control Flash8b.ocx in Macromedia Flash 8 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long string in the Flash8b.AllowScriptAccess method. | 5.0 |
2006-12-31 | CVE-2006-6144 | MIT | Unspecified vulnerability in MIT Kerberos 5 1.5/1.5.1 The "mechglue" abstraction interface of the GSS-API library for Kerberos 5 1.5 through 1.5.1, as used in Kerberos administration daemon (kadmind) and other products that use this library, allows remote attackers to cause a denial of service (crash) via unspecified vectors that cause mechglue to free uninitialized pointers. | 5.0 |
2006-12-31 | CVE-2006-5858 | Adobe | Information Exposure vulnerability in Adobe Coldfusion and Jrun Adobe ColdFusion MX 7 through 7.0.2, and JRun 4, when run on Microsoft IIS, allows remote attackers to read arbitrary files, list directories, or read source code via a double URL-encoded NULL byte in a ColdFusion filename, such as a CFM file. | 5.0 |
2006-12-31 | CVE-2006-5265 | Microsoft | Improper Input Validation vulnerability in Microsoft Dynamics GP Unspecified vulnerability in Microsoft Dynamics GP (formerly Great Plains) 9.0 and earlier allows remote attackers to cause a denial of service (crash) via an invalid magic number in a Distributed Process Server (DPS) message. | 5.0 |
2006-12-31 | CVE-2006-4582 | THE Address Book | Cross-Site Request Forgery vulnerability in the Address Book the Address Book 1.04E Cross-site request forgery (CSRF) vulnerability in The Address Book 1.04e allows remote attackers to perform unauthorized actions as other users via unspecified vectors, as demonstrated by deleting arbitrary users via the id parameter in a deleteuser action in users.php. | 5.0 |
2006-12-31 | CVE-2006-4581 | THE Address Book | Remote vulnerability in the Address Book the Address Book 1.04E Unrestricted file upload vulnerability in The Address Book 1.04e validates the Content-Type header but not the file extension, which allows remote attackers to upload arbitrary PHP scripts. | 5.0 |
2006-12-31 | CVE-2006-4579 | THE Address Book | Remote vulnerability in the Address Book the Address Book 1.04E Directory traversal vulnerability in users.php in The Address Book 1.04e allows remote attackers to include arbitrary files via a .. | 5.0 |
2006-12-29 | CVE-2006-6817 | Alstrasoft | Information Disclosure vulnerability in Webhost Directory AlstraSoft Web Host Directory allows remote attackers to obtain sensitive information by requesting any invalid URI, which reveals the path in an error message, a different vulnerability than CVE-2006-2617. | 5.0 |
2006-12-29 | CVE-2006-6810 | DB HUB | Remote Denial of Service vulnerability in DB HUB DB HUB 0.3 Unspecified vulnerability in the clear_user_list function in src/main.c in DB Hub 0.3 allows remote attackers to cause a denial of service (application crash) via crafted network traffic, which triggers memory corruption. | 5.0 |
2006-12-28 | CVE-2006-6318 | Stefan Ritt | Denial Of Service vulnerability in ELOG Web Logbook ELogD Server The show_elog_list function in elogd.c in elog 2.6.2 and earlier allows remote authenticated users to cause a denial of service (daemon crash) by attempting to access a logbook whose name begins with "global," which results in a NULL pointer dereference. | 5.0 |
2006-12-28 | CVE-2006-6781 | Hlstats | Input Validation vulnerability in Hlstats 1.20/1.34 HLstats 1.20 through 1.34 allows remote attackers to obtain sensitive information via playinfo mode, with certain values of the player and playerdata[lastName][] parameters, which reveals the path in an error message. | 5.0 |
2006-12-27 | CVE-2006-6759 | Realnetworks | Remote Denial of Service vulnerability in Realnetworks Realplayer 10.5 A certain ActiveX control in rpau3260.dll in RealNetworks RealPlayer 10.5 allows remote attackers to cause a denial of service (Internet Explorer crash) by invoking the RealPlayer.Initialize method with certain arguments. | 5.0 |
2006-12-27 | CVE-2006-6758 | Http Explorer | Directory Traversal vulnerability in Http Explorer Http Explorer web Server 1.02 Directory traversal vulnerability in Http explorer 1.02 allows remote attackers to read arbitrary files via a .. | 5.0 |
2006-12-27 | CVE-2006-6755 | Ixprim | Information Disclosure vulnerability in Ixprim CMS 1.2 Ixprim 1.2 allows remote attackers to obtain sensitive information via a direct request for kernel/plugins/fckeditor2/ixprim_api.php, which reveals the path in an error message. | 5.0 |
2006-12-27 | CVE-2006-6751 | Dxmsoft | USE of Externally-Controlled Format String vulnerability in Dxmsoft XM Easy Personal FTP Server 5.2.1/5.3 Format string vulnerability in XM Easy Personal FTP Server 5.2.1 allows remote attackers to cause a denial of service (application crash) via format string specifiers in the USER command or certain other available or nonexistent commands. | 5.0 |
2006-12-27 | CVE-2006-6750 | Dxmsoft | Remote Denial of Service vulnerability in Dxmsoft XM Easy Personal FTP Server 5.0.1 Format string vulnerability in XM Easy Personal FTP Server 5.0.1 allows remote attackers to cause a denial of service (application crash) via format string specifiers in a long PORT command. | 5.0 |
2006-12-26 | CVE-2006-6735 | Obie Website | Information Exposure vulnerability in Obie Website Mini web Shop 2.1.C modules/viewcategory.php in Minh Nguyen Duong Obie Website Mini Web Shop 2.1.c allows remote attackers to obtain sensitive information via a request with an arbitrary catname parameter but no itemsdb parameter, which reveals the path in an error message. | 5.0 |
2006-12-26 | CVE-2006-6725 | Phpbuilder | Path Traversal vulnerability in PHPbuilder Multiple directory traversal vulnerabilities in PHPBuilder 0.0.2 and earlier allow remote attackers to read arbitrary files via a .. | 5.0 |
2006-12-26 | CVE-2006-6743 | Phpprofiles | Local Security vulnerability in PHPprofiles 2.1.0 phpProfiles before 2.1.1 uses world writable permissions for certain profile files and directories, which allows local users to modify or delete files, related to (1) users/include/do_makeprofile.inc.php and (2) users/include/copy.inc.php. | 4.6 |
2006-12-31 | CVE-2006-7233 | Ignite Realtime | Cross-Site Scripting vulnerability in Ignite Realtime Openfire 2.6.0 Cross-site scripting (XSS) vulnerability in the login form (login.jsp) of the admin console in Openfire (formerly Wildfire) 2.6.0, and possibly other versions before 3.5.3, allows remote attackers to inject arbitrary web script or HTML via the url parameter. | 4.3 |
2006-12-31 | CVE-2006-6885 | Macromedia | Remote Denial of Service vulnerability in Macromedia Shockwave 10 An ActiveX control in SwDir.dll in Macromedia Shockwave 10 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long string in the swURL attribute. | 4.3 |
2006-12-31 | CVE-2006-6882 | Golden Book | Cross-Site Scripting vulnerability in Golden Book Golden Book Cross-site scripting (XSS) vulnerability in golden book allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2006-12-31 | CVE-2006-6857 | Docebolms | Cross-Site Scripting vulnerability in Docebolms Cross-site scripting (XSS) vulnerability in modules/credits/credits.php in Docebo LMS allows remote attackers to inject arbitrary web script or HTML via the lang parameter. | 4.3 |
2006-12-31 | CVE-2006-6832 | Joomla | Cross-Site Scripting vulnerability in Joomla Cross-site scripting (XSS) vulnerability in Joomla! before 1.0.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to poll.php or the module title. | 4.3 |
2006-12-31 | CVE-2006-4727 | Tumbleweed | Cross-Site Scripting vulnerability in Tumbleweed Email Firewall 6.2.2Build4123 Cross-site scripting (XSS) vulnerability in emfadmin/statusView.do in Tumbleweed EMF Administration Module 6.2.2 Build 4123, and possibly other versions before 6.3.2, allows remote attackers to inject arbitrary web script or HTML via the (1) lineId and (2) sort parameters. | 4.3 |
2006-12-31 | CVE-2006-4220 | Novell | Cross-Site Scripting vulnerability in Novell Groupwise and Groupwise Webaccess Multiple cross-site scripting (XSS) vulnerabilities in webacc in Novell GroupWise WebAccess before 7 Support Pack 3 Public Beta allow remote attackers to inject arbitrary web script or HTML via the (1) User.html, (2) Error, (3) User.Theme.index, and (4) and User.lang parameters. | 4.3 |
2006-12-31 | CVE-2006-1305 | Microsoft | Resource Management Errors vulnerability in Microsoft Office and Outlook Microsoft Outlook 2000, 2002, and 2003 allows user-assisted remote attackers to cause a denial of service (memory exhaustion and interrupted mail recovery) via malformed e-mail header information, possibly related to (1) long subject lines or (2) large numbers of recipients in To or CC headers. | 4.3 |
2006-12-29 | CVE-2006-6824 | PHP Icalendar | Cross-Site Scripting vulnerability in PHP Icalendar PHP Icalendar Multiple cross-site scripting (XSS) vulnerabilities in Jim Hu and Chad Little PHP iCalendar 2.23 rc1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) getdate parameter in (a) day.php, (b) month.php, (c) year.php, (d) week.php, (e) search.php, (f) rss/index.php, (g) print.php, and (h) preferences.php; the (2) cpath parameter in (i) day.php, (j) month.php, (k) year.php, (l) week.php, and (m) search.php; the (3) query parameter in search.php; and possibly the cpath, (4) unset, and (5) set parameters in a setcookie action in preferences.php; different vectors than CVE-2006-3319. | 4.3 |
2006-12-27 | CVE-2006-6746 | Dreaxteam | Cross-Site Scripting vulnerability in Dreaxteam Xt-News 0.1 Multiple cross-site scripting (XSS) vulnerabilities in Xt-News 0.1 allow remote attackers to inject arbitrary web script or HTML via the id_news parameter to (1) add_comment.php or (2) show_news.php. | 4.3 |
2006-12-26 | CVE-2006-6737 | SUN | Information Disclosure vulnerability in SUN Jdk, JRE and SDK Unspecified vulnerability in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 5 and earlier, Java System Development Kit (SDK) and JRE 1.4.2_10 and earlier 1.4.x versions, and SDK and JRE 1.3.1_18 and earlier allows attackers to use untrusted applets to "access data in other applets," aka "The first issue." | 4.3 |
2006-12-26 | CVE-2006-6736 | SUN | Information Disclosure vulnerability in SUN Jdk, JRE and SDK Unspecified vulnerability in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 6 and earlier, Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, and SDK and JRE 1.3.1_18 and earlier allows attackers to use untrusted applets to "access data in other applets," aka "The second issue." | 4.3 |
2006-12-26 | CVE-2006-6734 | Obie Website | Cross-Site Scripting vulnerability in Obie Website Mini web Shop 2.1.C Cross-site scripting (XSS) vulnerability in modules/viewcategory.php in Minh Nguyen Duong Obie Website Mini Web Shop 2.1.c allows remote attackers to inject arbitrary web script or HTML via the catname parameter. | 4.3 |
2006-12-26 | CVE-2006-6733 | Osticket | Cross-Site Scripting vulnerability in Osticket STS 1.2.7/1.3Beta Cross-site scripting (XSS) vulnerability in support/view.php in Support Cards 1 (osTicket) allows remote attackers to inject arbitrary web script or HTML via the e parameter. | 4.3 |
2006-12-26 | CVE-2006-6729 | A Blog | Cross-Site Scripting vulnerability in A-Blog Cross-site scripting (XSS) vulnerability in a-blog 1.51 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2006-12-27 | CVE-2006-6753 | Microsoft | Remote Security vulnerability in Windows Event Viewer Event Viewer (eventvwr.exe) in Microsoft Windows does not properly display log data that contains '%' (percent) characters, which might make it impossible to use Event Viewer to determine the actual data that triggered an event, and might produce long strings that are not properly handled by certain processes that rely on Event Viewer. | 4.1 |
2006-12-31 | CVE-2006-6915 | IBM | Denial Of Service vulnerability in IBM AIX 5.2.0/5.3.0 ftpd in IBM AIX 5.2.0 and 5.3.0 allows remote authenticated users to cause a denial of service (port exhaustion) via unspecified vectors. | 4.0 |
2006-12-27 | CVE-2006-6762 | Novell | Denial of Service vulnerability in Novell Netmail 3.5.2 The IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to cause a denial of service via an APPEND command with a single "(" (parenthesis) in the argument. | 4.0 |
2006-12-26 | CVE-2006-6724 | Bolintech | Denial-Of-Service vulnerability in Bolintech Dream FTP Server 1.02 BolinTech Dream FTP Server 1.02 allows remote authenticated users, including anonymous users, to cause a denial of service (application crash) via a certain invalid PORT command. | 4.0 |
7 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2006-12-31 | CVE-2006-7232 | Mysql Canonical | SQL Injection vulnerability in multiple products sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 allows remote authenticated users to cause a denial of service (crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table, as originally demonstrated using ORDER BY. | 3.5 |
2006-12-29 | CVE-2006-6822 | Enthrallweb | Products Myprofile.ASP Arbitrary User Password Change vulnerability in EnthrallWeb myprofile.asp in Enthrallweb eClassifieds does not properly validate the MM_recordId parameter during profile updates, which allows remote authenticated users to modify certain profile fields of another account by specifying that account's username in a modified MM_recordId parameter. | 3.5 |
2006-12-29 | CVE-2006-6821 | Enthrallweb | Products Myprofile.ASP Arbitrary User Password Change vulnerability in EnthrallWeb myprofile.asp in Enthrallweb eNews does not properly validate the MM_recordId parameter during profile updates, which allows remote authenticated users to modify certain profile fields of another account by specifying that account's username in a modified MM_recordId parameter. | 3.5 |
2006-12-29 | CVE-2006-6820 | Enthrallweb | Products Myprofile.ASP Arbitrary User Password Change vulnerability in EnthrallWeb myprofile.asp in Enthrallweb eCoupons does not properly validate the MM_recordId parameter during profile updates, which allows remote authenticated users to modify certain profile fields of another account by specifying that account's username in a modified MM_recordId parameter. | 3.5 |
2006-12-27 | CVE-2006-6775 | Acftp | Remote Denial of Service vulnerability in Acftp 1.5 acFTP 1.5 allows remote authenticated users to cause a denial of service via a crafted argument to the (1) REST or (2) PBSZ command. | 3.5 |
2006-12-31 | CVE-2006-6895 | Sony Ericsson | Remote Security vulnerability in T60 The Bluetooth stack in the Sony Ericsson T60 does not properly implement "Limited discoverable" mode, which allows remote attackers to obtain unauthorized inquiry responses. | 2.9 |
2006-12-26 | CVE-2006-6744 | Phpprofiles | Local Security vulnerability in PHPprofiles 2.1.0 phpProfiles before 2.1.1 does not have an index.php or other index file in the (1) image_data, (2) graphics/comm, or (3) users read/write directories, which might allow remote attackers to list directory contents or have other unknown impacts. | 2.1 |