| Max CVSS | 10.0 | Min CVSS | 2.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-6740 | 7.5 |
Multiple PHP remote file inclusion vulnerabilities in phpProfiles 3.1.2b and earlier allow remote attackers to execute arbitrary PHP code via a URL in the menu parameter to (1) include/body.inc.php or (2) include/body_admin.inc.php; or a URL in the i
|
14-02-2024 - 01:17 | 26-12-2006 - 23:28 | |
| CVE-2006-1199 | 4.3 |
Cross-site scripting (XSS) vulnerability in iframe.php in daverave Link Bank allows remote attackers to inject arbitrary web script or HTML via the site parameter.
|
18-10-2018 - 16:31 | 14-03-2006 - 01:06 | |
| CVE-2006-1200 | 7.5 |
Direct static code injection vulnerability in add_link.txt in daverave Link Bank allows remote attackers to execute arbitrary PHP code via the url_name parameter, which is not sanitized before being stored in links.txt, which is later used in an incl
|
18-10-2018 - 16:31 | 14-03-2006 - 01:06 | |
| CVE-2006-1144 | 2.6 |
Cross-site scripting (XSS) vulnerability in HitHost 1.0.0 allows remote attackers to inject arbitrary web script or HTML via (1) the user parameter in deleteuser.php and (2) the hits parameter in viewuser.php.
|
18-10-2018 - 16:30 | 10-03-2006 - 11:02 | |
| CVE-2006-0354 | 5.5 |
Cisco IOS before 12.3-7-JA2 on Aironet Wireless Access Points (WAP) allows remote authenticated users to cause a denial of service (termination of packet passing or termination of client connections) by sending the management interface a large number
|
11-10-2017 - 01:30 | 22-01-2006 - 20:03 | |
| CVE-2003-1309 | 10.0 |
The DeviceIoControl function in the TrueVector Device Driver (VSDATANT) in ZoneAlarm before 3.7.211, Pro before 4.0.146.029, and Plus before 4.0.146.029 allows local users to gain privileges via certain signals (aka "Device Driver Attack").
|
29-07-2017 - 01:29 | 31-12-2003 - 05:00 | |
| CVE-2006-1155 | 4.3 |
Cross-site scripting (XSS) vulnerability in manas tungare Site Membership Script before 8 March, 2006 allows remote attackers to inject arbitrary web script or HTML via the Error parameter in (1) login.asp and (2) default.asp.
|
20-07-2017 - 01:30 | 12-03-2006 - 20:02 | |
| CVE-2006-1156 | 5.0 |
SQL injection vulnerability in manas tungare Site Membership Script before 8 March, 2006 allows remote attackers to execute arbitrary SQL commands via the Username parameter in login.asp.
|
20-07-2017 - 01:30 | 12-03-2006 - 20:02 | |
| CVE-2006-1135 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in sBlog 0.7.2 allow remote attackers to inject arbitrary web script or HTML via the (1) keyword parameter to search.php or (2) username parameter to comments_do.php.
|
20-07-2017 - 01:30 | 10-03-2006 - 02:02 | |
| CVE-2006-1218 | 5.0 |
Unspecified vulnerability in the HTTP proxy in Novell BorderManager 3.8 and earlier allows remote attackers to cause a denial of service (CPU consumption and ABEND) via unknown attack vectors related to "media streaming over HTTP 1.1".
|
08-03-2011 - 02:32 | 14-03-2006 - 02:02 |