| Max CVSS | 7.5 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-3575 | 2.1 |
Unknown vulnerability in the Buffer Overflow Protection in McAfee VirusScan Enterprise 8.0.0 allows local users to cause a denial of service (unstable operation) via a long string in the (1) "Process name", (2) "Module name", or (3) "API name" fields
|
18-10-2018 - 16:48 | 13-07-2006 - 10:05 | |
| CVE-2006-3571 | 2.6 |
Multiple cross-site scripting (XSS) vulnerabilities in interna/hilfe.php in Papoo 3 RC3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) titel or (2) ausgabe parameters.
|
18-10-2018 - 16:48 | 13-07-2006 - 01:05 | |
| CVE-2006-3567 | 4.3 |
Cross-site scripting (XSS) vulnerability in the web administration interface logging feature in Juniper Networks (Redline) DX 5.1.x, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the username login
|
18-10-2018 - 16:48 | 13-07-2006 - 01:05 | |
| CVE-2006-3572 | 7.5 |
SQL injection vulnerability in forumthread.php in Papoo 3 RC3 and earlier allows remote attackers to execute arbitrary SQL commands via the msgid parameter.
|
18-10-2018 - 16:48 | 13-07-2006 - 01:05 | |
| CVE-2006-3563 | 2.6 |
Cross-site scripting (XSS) vulnerability in gallery/thumb.php in Winged Gallery 1.0 allows remote attackers to inject arbitrary web script or HTML via the image parameter.
|
18-10-2018 - 16:48 | 13-07-2006 - 01:05 | |
| CVE-2006-3532 | 5.1 |
PHP file inclusion vulnerability in includes/edit_new.php in Pivot 1.30 RC2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a FTP URL or full file path in the Paths[extensions_path] parameter.
|
18-10-2018 - 16:47 | 12-07-2006 - 21:05 | |
| CVE-2006-3533 | 5.8 |
Multiple cross-site scripting (XSS) vulnerabilities in Pivot 1.30 RC2 and earlier, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) fg, (2) line1, (3) line2, (4) bg, (5) c1, (6) c2, (7) c3, a
|
18-10-2018 - 16:47 | 12-07-2006 - 21:05 | |
| CVE-2006-3492 | 5.0 |
The CORBA::ORBInvokeRec::set_answer_invoke function in orb.cc in MICO (Mico Is CORBA) 2.3.12 and earlier allows remote attackers to cause a denial of service (application crash) via a message with an incorrect "object key", which triggers an assert e
|
18-10-2018 - 16:47 | 10-07-2006 - 22:05 | |
| CVE-2006-3530 | 6.8 |
PHP remote file inclusion vulnerability in com_pccookbook/pccookbook.php in the PccookBook Component for Mambo and Joomla 0.3 and possibly up to 1.3.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the mo
|
18-10-2018 - 16:47 | 12-07-2006 - 21:05 | |
| CVE-2006-3537 | 7.5 |
PHP remote file inclusion vulnerability in index.php in Randshop before 1.2 allows remote attackers to execute arbitrary PHP code via the dateiPfad parameter, a different vector than CVE-2006-3375. This vulnerability is addressed in the following pro
|
18-10-2018 - 16:47 | 12-07-2006 - 21:05 | |
| CVE-2006-3531 | 7.5 |
includes/editor/insert_image.php in Pivot 1.30 RC2 and earlier creates the authentication credentials from parameters, which allows remote attackers to obtain privileges and upload arbitrary files via modified (1) pass and (2) session parameters, and
|
18-10-2018 - 16:47 | 12-07-2006 - 21:05 | |
| CVE-2006-3526 | 5.8 |
Multiple cross-site scripting (XSS) vulnerabilities in guestbook.php in Sport-slo Advanced Guestbook 1.0 allow remote attackers to inject arbitrary web script or HTML via (1) name and (2) form parameters.
|
18-10-2018 - 16:47 | 12-07-2006 - 00:05 | |
| CVE-2006-3143 | 4.0 |
Cross-site scripting (XSS) vulnerability in icue_login.asp in Maximus SchoolMAX 4.0.1 and earlier iCue and iParent applications allows remote attackers to inject arbitrary web script or HTML via the error_msg parameter.
|
18-10-2018 - 16:46 | 22-06-2006 - 22:06 | |
| CVE-2006-1314 | 7.5 |
Heap-based buffer overflow in the Server Service (SRV.SYS driver) in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 up to SP1, and other products, allows remote attackers to execute arbitrary code via crafted first-class Mailslot messages th
|
18-10-2018 - 16:32 | 11-07-2006 - 21:05 | |
| CVE-2007-0141 | 6.8 |
Cross-site scripting (XSS) vulnerability in yald.php in Yet Another Link Directory 1.0 allows remote attackers to inject arbitrary web script or HTML via the search parameter.
|
16-10-2018 - 16:31 | 09-01-2007 - 18:28 | |
| CVE-2007-4837 | 7.5 |
SQL injection vulnerability in anket.asp in Proxy Anket 3.0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
15-10-2018 - 21:38 | 12-09-2007 - 19:17 | |
| CVE-2008-3563 | 7.5 |
Multiple SQL injection vulnerabilities in Plogger 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the checked array parameter to plog-download.php in an album action and (2) unspecified parameters to plog-remote.php,
|
11-10-2018 - 20:48 | 10-08-2008 - 20:41 | |
| CVE-2011-1099 | 5.8 |
Multiple directory traversal vulnerabilities in FocalMedia.Net Quick Polls before 1.0.2 allow remote attackers to (1) read arbitrary files via a .. (dot dot) in the p parameter in a preview action to index.php, or (2) delete arbitrary files via a ..
|
09-10-2018 - 19:30 | 09-03-2011 - 23:00 | |
| CVE-2005-3335 | 7.5 |
PHP file inclusion vulnerability in bug_sponsorship_list_view_inc.php in Mantis 1.0.0RC2 and 0.19.2 allows remote attackers to execute arbitrary PHP code and include arbitrary local files via the t_core_path parameter.
|
11-07-2017 - 01:33 | 27-10-2005 - 10:02 |