CVE-2006-4xxx

There are 956 CVEs in this subgroup.
ID Summary Flags Max Score
CVE-2006-4000 Directory traversal vulnerability in cgi-bin/preview_email.cgi in Barracuda Spam Firewall (BSF) 3.3....
E
CVE-2006-4001 Login.pm in Barracuda Spam Firewall (BSF) 3.3.01.001 through 3.3.03.053 contains a hard-coded passwo...
E
CVE-2006-4002 Cross-site scripting (XSS) vulnerability in user.module in Drupal 4.6 before 4.6.9, and 4.7 before 4...
S
CVE-2006-4003 The config method in Henrik Storner Hobbit monitor before 4.1.2p2 permits access to files outside of...
S
CVE-2006-4004 Directory traversal vulnerability in index.php in vbPortal 3.0.2 through 3.6.0 Beta 1, when magic_qu...
E
CVE-2006-4005 BomberClone 0.11.6 and earlier allows remote attackers to cause a denial of service (daemon crash) v...
E
CVE-2006-4006 The do_gameinfo function in BomberClone 0.11.6 and earlier, and possibly other functions, does not r...
E
CVE-2006-4007 PHP remote file inclusion vulnerability in index.php in Knusperleicht Guestbook 3.5 allows remote at...
E
CVE-2006-4008 PHP remote file inclusion vulnerability in index.php in Knusperleicht Faq 1.0 allows remote attacker...
E
CVE-2006-4009 Cross-site scripting (XSS) vulnerability in war.php in Virtual War (Vwar) 1.5.0 and earlier allows r...
E
CVE-2006-4010 SQL injection vulnerability in war.php in Virtual War (Vwar) 1.5.0 and earlier allows remote attacke...
E
CVE-2006-4011 PHP remote file inclusion vulnerability in esupport/admin/autoclose.php in Kayako eSupport 2.3.1 and...
E S
CVE-2006-4012 Multiple PHP remote file inclusion vulnerabilities in circeOS SaveWeb Portal 3.4 allow remote attack...
E
CVE-2006-4013 Multiple directory traversal vulnerabilities in Symantec Brightmail AntiSpam (SBAS) before 6.0.4, wh...
S
CVE-2006-4014 Symantec Brightmail AntiSpam (SBAS) before 6.0.4, when the Control Center is allowed to connect from...
S
CVE-2006-4015 Hewlett-Packard (HP) ProCurve 3500yl, 6200yl, and 5400zl switches with software before K.11.33 allow...
S
CVE-2006-4016 Cross-site scripting (XSS) vulnerability in /toendaCMS in toendaCMS stable 1.0.3 and earlier, and un...
CVE-2006-4017 Cross-site scripting (XSS) vulnerability in the search module in Inter Network Marketing (INM) CMS G...
CVE-2006-4018 Heap-based buffer overflow in the pefromupx function in libclamav/upx.c in Clam AntiVirus (ClamAV) 0...
E S
CVE-2006-4019 Dynamic variable evaluation vulnerability in compose.php in SquirrelMail 1.4.0 to 1.4.7 allows remot...
S
CVE-2006-4020 scanf.c in PHP 5.1.4 and earlier, and 4.4.3 and earlier, allows context-dependent attackers to execu...
E S
CVE-2006-4021 The cryptographic module in ScatterChat 1.0.x allows attackers to identify patterns in large numbers...
CVE-2006-4022 Intel 2100 PRO/Wireless Network Connection driver PROSet before 7.1.4.6 allows local users to corrup...
S
CVE-2006-4023 The ip2long function in PHP 5.1.4 and earlier may incorrectly validate an arbitrary string and retur...
E
CVE-2006-4024 The FESTAHES_Load function in pce/hes.c in Festalon 0.5.0 through 0.5.5 allows user-assisted attacke...
E
CVE-2006-4025 SQL injection vulnerability in profile.php in XennoBB 2.1.0 and earlier allows remote authenticated ...
E
CVE-2006-4026 PHP remote file inclusion vulnerability in SAPID CMS 123 rc3 allows remote attackers to execute arbi...
E
CVE-2006-4028 Multiple unspecified vulnerabilities in WordPress before 2.0.4 have unknown impact and remote attack...
S
CVE-2006-4029 Stack-based buffer overflow in sipd.dll in AGEphone 1.24 and 1.38.1 allows remote attackers to execu...
E S
CVE-2006-4030 Unspecified vulnerability in the stats module in Gallery 1.5.1-RC2 and earlier allows remote attacke...
CVE-2006-4031 MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previo...
E S
CVE-2006-4032 Unspecified vulnerability in Cisco IOS CallManager Express (CME) allows remote attackers to gain sen...
CVE-2006-4033 Heap-based buffer overflow in Lhaplus.exe in Lhaplus 1.52, and possibly earlier versions, allows rem...
E S
CVE-2006-4034 PHP remote file inclusion vulnerability in include/html/config.php in ModernGigabyte ModernBill 1.6 ...
E
CVE-2006-4035 SQL injection vulnerability in counterchaos.php in CounterChaos 0.48c and earlier allows remote atta...
E
CVE-2006-4036 PHP remote file inclusion vulnerability in includes/usercp_register.php in ZoneMetrics ZoneX Publish...
E
CVE-2006-4037 Unspecified vulnerability in Fenestrae Faxination Server allows remote attackers to execute arbitrar...
CVE-2006-4038 Multiple cross-site scripting (XSS) vulnerabilities in eintragen.php in GaesteChaos 0.2 and earlier ...
E
CVE-2006-4039 Multiple SQL injection vulnerabilities in eintragen.php in GaesteChaos 0.2 and earlier allow remote ...
E
CVE-2006-4040 PHP remote file inclusion vulnerability in myevent.php in myWebland myEvent 1.3 and earlier allows r...
E
CVE-2006-4041 SQL injection vulnerability in Pike before 7.6.86, when using a Postgres database server, allows rem...
S
CVE-2006-4042 Multiple SQL injection vulnerabilities in trackback.php in myWebland myBloggie 2.1.4 and earlier all...
E
CVE-2006-4043 index.php in myWebland myBloggie 2.1.4 and earlier allows remote attackers to obtain sensitive infor...
E
CVE-2006-4044 PHP remote file inclusion vulnerability in Beautifier/Core.php in Brad Fears phpCodeCabinet 0.5 and ...
E
CVE-2006-4045 PHP remote file inclusion vulnerability in news.php in Torbstoff News 4 allows remote attackers to e...
E
CVE-2006-4046 Multiple stack-based buffer overflows in Open Cubic Player 2.6.0pre6 and earlier for Windows, and 0....
E
CVE-2006-4047 SQL injection vulnerability in index.php in Netious CMS 0.4 and earlier allows remote attackers to e...
CVE-2006-4048 Netious CMS 0.4 initializes session IDs based on the client IP address, which allows remote attacker...
CVE-2006-4049 Unspecified vulnerability in the utxconfig utility in Sun Ray Server Software 3.x allows local users...
CVE-2006-4050 PHP remote file inclusion vulnerability in auto_check_renewals.php in phpAutoMembersArea (phpAMA) 3....
E S
CVE-2006-4051 PHP remote file inclusion vulnerability in global.php in Turnkey Web Tools PHP Live Helper 2.0 and e...
E
CVE-2006-4052 Multiple PHP remote file inclusion vulnerabilities in Turnkey Web Tools PHP Simple Shop 2.0 and earl...
E
CVE-2006-4053 PHP remote file inclusion vulnerability in templates/header.php in ME Download System 1.3 allows rem...
E
CVE-2006-4054 Multiple PHP remote file inclusion vulnerabilities in ME Download System 1.3 allow remote attackers ...
CVE-2006-4055 Multiple PHP remote file inclusion vulnerabilities in Olaf Noehring The Search Engine Project (TSEP)...
E
CVE-2006-4056 Multiple SQL injection vulnerabilities in the authentication process in katzlbt (a) The Address Book...
S
CVE-2006-4057 Buffer overflow in the preview_create function in gui.cpp in Mitch Murray Eremove 1.4 allows remote ...
CVE-2006-4058 Cross-site scripting (XSS) vulnerability in archive.php in Simplog 0.9.3 and earlier allows remote a...
CVE-2006-4059 Multiple PHP remote file inclusion vulnerabilities in USOLVED NEWSolved Lite 1.9.2, and possibly ear...
E S
CVE-2006-4060 PHP remote file inclusion vulnerability in calendar.php in Visual Events Calendar 1.1 allows remote ...
E
CVE-2006-4061 PHP remote file inclusion vulnerability in index.php in Thomas Pequet phpPrintAnalyzer 1.1, when reg...
E
CVE-2006-4062 PHP remote file inclusion vulnerability in usr/extensions/get_tree.inc.php in Dmitry Sheiko SAPID Sh...
E
CVE-2006-4063 Multiple PHP remote file inclusion vulnerabilities in Csaba Godor SAPID Blog Beta 2 and earlier allo...
E
CVE-2006-4064 SQL injection vulnerability in default.asp in YenerTurk Haber Script 1.0 and earlier allows remote a...
E
CVE-2006-4065 Multiple PHP remote file inclusion vulnerabilities in Dmitry Sheiko SAPID Gallery 1.0 and earlier al...
E
CVE-2006-4066 The Graphical Device Interface Plus library (gdiplus.dll) in Microsoft Windows XP SP2 allows context...
CVE-2006-4067 Cross-site scripting (XSS) vulnerability in cake/libs/error.php in CakePHP before 1.1.7.3363 allows ...
S
CVE-2006-4068 The pswd.js script relies on the client to calculate whether a username and password match hard-code...
E
CVE-2006-4069 Multiple cross-site scripting (XSS) vulnerabilities in Elaine Aquino Online Zone Journals (OZJournal...
E
CVE-2006-4070 Format string vulnerability in Imendio Planner 0.13 allows user-assisted attackers to execute arbitr...
CVE-2006-4071 Sign extension vulnerability in the createBrushIndirect function in the GDI library (gdi32.dll) in M...
E
CVE-2006-4072 Multiple SQL injection vulnerabilities in Club-Nuke [XP] 2.0 LCID 2048 allow remote attackers to exe...
E
CVE-2006-4073 Multiple PHP remote file inclusion vulnerabilities in Fabian Hainz phpCC Beta 4.2 allow remote attac...
E
CVE-2006-4074 PHP remote file inclusion vulnerability in lib/tpl/default/main.php in the JD-Wiki Component (com_jd...
E S
CVE-2006-4075 Multiple PHP remote file inclusion vulnerabilities in Wim Fleischhauer docpile: wim's edition (docpi...
E
CVE-2006-4076 Multiple PHP remote file inclusion vulnerabilities in Wim Fleischhauer docpile: wim's edition (docpi...
CVE-2006-4077 PHP remote file inclusion vulnerability in CheckUpload.php in Vincenzo Valvano Comet WebFileManager ...
E
CVE-2006-4078 pm.php (aka the PM system) in DeluxeBB 1.08, and possibly earlier, allows remote attackers to bypass...
S
CVE-2006-4079 Cross-site scripting (XSS) vulnerability in newpost.php in DeluxeBB 1.08, and possibly earlier, allo...
CVE-2006-4080 DeluxeBB 1.08, and possibly earlier, uses cookies that include the MD5 hash of a password, which all...
CVE-2006-4081 preview_email.cgi in Barracuda Spam Firewall (BSF) 3.3.01.001 through 3.3.03.053 allows remote attac...
CVE-2006-4082 Barracuda Spam Firewall (BSF), possibly 3.3.03.053, contains a hardcoded password for the admin acco...
CVE-2006-4083 PHP remote file inclusion vulnerability in viewevent.php in myWebland myEvent 1.x allows remote atta...
CVE-2006-4084 Unspecified vulnerability in phpAutoMembersArea (phpAMA) before 3.2.4 has unknown impact and attack ...
S
CVE-2006-4085 PHP remote file inclusion vulnerability in Olaf Noehring The Search Engine Project (TSEP) 0.942 and ...
CVE-2006-4086 Cross-site scripting (XSS) vulnerability in index.php in Elaine Aquino Online Zone Journals (OZJourn...
CVE-2006-4087 Cross-site scripting (XSS) vulnerability in admin.cgi in mojoscripts.com mojoGallery allows remote a...
CVE-2006-4088 Multiple cross-site scripting (XSS) vulnerabilities in CivicSpace 0.8.5 allow remote attackers to in...
CVE-2006-4089 Multiple buffer overflows in Andy Lo-A-Foe AlsaPlayer 0.99.76 and earlier allow remote attackers to ...
E
CVE-2006-4090 Cross-site scripting (XSS) vulnerability in Webligo BlogHoster 2.2 allows remote attackers to inject...
CVE-2006-4091 Multiple cross-site scripting (XSS) vulnerabilities in Archangel Management Archangel Weblog 0.90.02...
CVE-2006-4092 Simpliciti Locked Browser does not properly limit a user's actions to ones within the intended Inter...
CVE-2006-4093 Linux kernel 2.x.6 before 2.6.17.9 and 2.4.x before 2.4.33.1 on PowerPC PPC970 systems allows local ...
S
CVE-2006-4095 BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service ...
S
CVE-2006-4096 BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service ...
S
CVE-2006-4097 Multiple unspecified vulnerabilities in the CSRadius service in Cisco Secure Access Control Server (...
S
CVE-2006-4098 Stack-based buffer overflow in the CSRadius service in Cisco Secure Access Control Server (ACS) for ...
CVE-2006-4099 Business Objects Crystal Enterprise 9 and 10 generates predictable session identifiers, which allows...
S
CVE-2006-4102 PHP remote file inclusion vulnerability in tpl.inc.php in Falko Timme and Till Brehm SQLiteWebAdmin ...
E
CVE-2006-4103 PHP remote file inclusion vulnerability in article-raw.php in Jason Alexander phNNTP 1.3 and earlier...
E
CVE-2006-4104 Cross-site scripting (XSS) vulnerability in admin.cgi in mojoscripts.com mojoGallery allows remote a...
CVE-2006-4105 Cross-site scripting (XSS) vulnerability in Fill Threads Database (FTD) 3.7.3 allows remote attacker...
CVE-2006-4106 Cross-site scripting (XSS) vulnerability in blursoft blur6ex 0.3 allows remote attackers to inject a...
CVE-2006-4107 SQL injection vulnerability in the Job Search module (job.module) 4.6 before revision 1.3.2.1 in Dru...
S
CVE-2006-4108 SQL injection vulnerability in Bibliography (biblio.module) 4.6 before revision 1.1.1.1.4.11 and 4.7...
S
CVE-2006-4109 Cross-site scripting (XSS) vulnerability in Bibliography (biblio.module) 4.6 before revision 1.1.1.1...
S
CVE-2006-4110 Apache 2.2.2, when running on Windows, allows remote attackers to read source code of CGI programs v...
E
CVE-2006-4111 Ruby on Rails before 1.1.5 allows remote attackers to execute Ruby code with "severe" or "serious" i...
S
CVE-2006-4112 Unspecified vulnerability in the "dependency resolution mechanism" in Ruby on Rails 1.1.0 through 1....
S
CVE-2006-4113 PHP remote file inclusion vulnerability in genpage-cgi.php in Brian Fraval hitweb 4.2 and possibly e...
E
CVE-2006-4114 SQL injection vulnerability in view_com.php in Nicolas Grandjean PHPMyRing 4.2.0 and earlier allows ...
E
CVE-2006-4115 PHP remote file inclusion vulnerability in common.inc.php in PgMarket 2.2.3, when register_globals i...
E
CVE-2006-4116 Multiple stack-based buffer overflows in Lhaz before 1.32 allow user-assisted attackers to execute a...
E S
CVE-2006-4117 The squeue_drain function in Sun Solaris 10, possibly only when run on CMT processors, allows remote...
CVE-2006-4118 Multiple SQL injection vulnerabilities in GeheimChaos 0.5 and earlier allow remote attackers to exec...
CVE-2006-4119 SQL injection vulnerability in gc.php in GeheimChaos 0.5 and earlier allows remote attackers to exec...
CVE-2006-4120 Cross-site scripting (XSS) vulnerability in the Recipe module (recipe.module) before 1.54 for Drupal...
S
CVE-2006-4121 PHP remote file inclusion vulnerability in owimg.php3 in See-Commerce 1.0.625 and earlier allows rem...
E
CVE-2006-4122 Simple one-file guestbook 1.0 and earlier allows remote attackers to bypass authentication and delet...
E
CVE-2006-4123 PHP remote file inclusion vulnerability in boitenews4/index.php in Boite de News 4.0.1 allows remote...
E
CVE-2006-4124 The libXm library in LessTif 0.95.0 and earlier allows local users to gain privileges via the DEBUG_...
E
CVE-2006-4125 Stack-based buffer overflow in main.c in DConnect Daemon 0.7.0 and earlier allows remote attackers t...
E S
CVE-2006-4126 The dc_chat function in cmd.dc.c in DConnect Daemon 0.7.0 and earlier allows remote attackers to cau...
E S
CVE-2006-4127 Multiple format string vulnerabilities in DConnect Daemon 0.7.0 and earlier allow remote administrat...
E S
CVE-2006-4128 Multiple heap-based buffer overflows in Symantec VERITAS Backup Exec for Netware Server Remote Agent...
CVE-2006-4129 PHP remote file inclusion vulnerability in admin.webring.docs.php in the Webring Component (com_webr...
E
CVE-2006-4130 PHP remote file inclusion vulnerability in admin.remository.php in the Remository Component (com_rem...
E S
CVE-2006-4131 Multiple buffer overflows in ArcSoft MMS Composer 1.5.5.6, and possibly earlier, and 2.0.0.13, and p...
E S
CVE-2006-4132 ArcSoft MMS Composer 1.5.5.6 and possibly earlier, and 2.0.0.13 and possibly earlier, allow remote a...
E S
CVE-2006-4133 Heap-based buffer overflow in SAP Internet Graphics Service (IGS) 6.40 and earlier, and 7.00 and ear...
CVE-2006-4134 Unspecified vulnerability related to a "design flaw" in SAP Internet Graphics Service (IGS) 6.40 and...
CVE-2006-4135 PHP remote file inclusion vulnerability in cal_config.inc.php in Calendarix 0.7.20060401 and earlier...
CVE-2006-4136 Multiple unspecified vulnerabilities in IBM WebSphere Application Server before 6.1.0.1 have unspeci...
S
CVE-2006-4137 IBM WebSphere Application Server before 6.1.0.1 allows attackers to obtain sensitive information via...
S
CVE-2006-4138 Multiple unspecified vulnerabilities in Microsoft Windows Help File viewer (winhlp32.exe) allow user...
E
CVE-2006-4139 Race condition in Sun Solaris 10 allows attackers to cause a denial of service (system panic) via un...
S
CVE-2006-4140 Directory traversal vulnerability in IPCheck Server Monitor before 5.3.3.639/640 allows remote attac...
E
CVE-2006-4141 SQL injection vulnerability in news.php in Virtual War (VWar) 1.5.0 and earlier allows remote attack...
CVE-2006-4142 SQL injection vulnerability in extra/online.php in Virtual War (VWar) 1.5.0 R14 and earlier allows r...
E
CVE-2006-4143 Netgear FVG318 running firmware 1.0.40 allows remote attackers to cause a denial of service (router ...
CVE-2006-4144 Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2.9 allows user-assis...
E S
CVE-2006-4145 The Universal Disk Format (UDF) filesystem driver in Linux kernel 2.6.17 and earlier allows local us...
CVE-2006-4146 Buffer overflow in the (1) DWARF (dwarfread.c) and (2) DWARF2 (dwarf2read.c) debugging code in GNU D...
S
CVE-2006-4154 Format string vulnerability in the mod_tcl module 1.0 for Apache 2.x allows context-dependent attack...
S
CVE-2006-4155 Unspecified vulnerability in func_topic_threaded.php (aka threaded view mode) in Invision Power Boar...
CVE-2006-4156 PHP remote file inclusion vulnerability in big.php in pearlabs mafia moblog 6 and earlier allows rem...
CVE-2006-4157 Cross-site scripting (XSS) vulnerability in index.php in Yet another Bulletin Board (YaBB) allows re...
E
CVE-2006-4158 PHP remote file inclusion vulnerability in Login.php in Spaminator 1.7 and earlier allows remote att...
E
CVE-2006-4159 Multiple PHP remote file inclusion vulnerabilities in Chaussette 080706 and earlier allow remote att...
E
CVE-2006-4160 Multiple PHP remote file inclusion vulnerabilities in Tony Bibbs and Vincent Furia MVCnPHP 3.0 allow...
E
CVE-2006-4161 Directory traversal vulnerability in the avatar_gallery action in profile.php in XennoBB 2.1.0 and e...
E
CVE-2006-4162 Cross-site scripting (XSS) vulnerability in Dragonfly CMS 9.0.6.1 and earlier allows remote attacker...
CVE-2006-4163 PHP remote file inclusion vulnerability in cls_fast_template.php in myWebland miniBloggie 1.0 and ea...
E
CVE-2006-4164 PHP remote file inclusion vulnerability in inc/header.inc.php in phpPrintAnalyzer 1.2 and earlier al...
E
CVE-2006-4165 Cross-site scripting (XSS) vulnerability in NetCommons 1.0.8 and earlier allows remote attackers to ...
S
CVE-2006-4166 PHP remote file inclusion vulnerability in TinyWebGallery 1.5 and earlier allows remote attackers to...
E
CVE-2006-4168 Integer overflow in the exif_data_load_data_entry function in libexif/exif-data.c in Libexif before ...
S
CVE-2006-4169 Multiple directory traversal vulnerabilities in the G/PGP (GPG) Plugin 2.0, and 2.1dev before 200706...
CVE-2006-4170 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-4812. Reason: This candida...
R
CVE-2006-4172 Integer overflow vulnerability in the i386_set_ldt call in FreeBSD 5.5, and possibly earlier version...
CVE-2006-4175 The LDAP server (ns-slapd) in Sun Java System Directory Server 5.2 Patch4 and earlier and ONE Direct...
CVE-2006-4177 Heap-based buffer overflow in the NCP engine in Novell eDirectory before 8.8.1 FTF1 allows remote at...
S
CVE-2006-4178 Integer signedness error in the i386_set_ldt call in FreeBSD 5.5, and possibly earlier versions down...
CVE-2006-4180 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is a r...
R
CVE-2006-4181 Format string vulnerability in the sqllog function in the SQL accounting code for radiusd in GNU Rad...
S
CVE-2006-4182 Integer overflow in ClamAV 0.88.1 and 0.88.4, and other versions before 0.88.5, allows remote attack...
S
CVE-2006-4183 Heap-based buffer overflow in Microsoft DirectX SDK (February 2006) and probably earlier, including ...
CVE-2006-4184 SmartLine DeviceLock before 5.73 Build 305 does not properly enforce access control lists (ACL) in r...
S
CVE-2006-4185 Unspecified vulnerability in the NCPENGINE in Novell eDirectory 8.7.3.8 allows local users to cause ...
S
CVE-2006-4186 The iManager in eMBoxClient.jar in Novell eDirectory 8.7.3.8 writes passwords in plaintext to a log ...
S
CVE-2006-4187 Unspecified vulnerability in HP-UX B.11.00, B.11.11 and B.11.23, when running in trusted mode, allow...
S
CVE-2006-4188 Unspecified vulnerability in the LP subsystem in HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows...
S
CVE-2006-4189 Multiple PHP remote file inclusion vulnerabilities in Dolphin 5.1 allow remote attackers to execute ...
E
CVE-2006-4190 Directory traversal vulnerability in autohtml.php in the AutoHTML module for PHP-Nuke allows local u...
E
CVE-2006-4191 Directory traversal vulnerability in memcp.php in XMB (Extreme Message Board) 1.9.6 and earlier allo...
E
CVE-2006-4192 Multiple buffer overflows in MODPlug Tracker (OpenMPT) 1.17.02.43 and earlier and libmodplug 0.8 and...
CVE-2006-4193 Microsoft Internet Explorer 6.0 SP1 and possibly other versions allows remote attackers to cause a d...
E
CVE-2006-4194 Unspecified vulnerability in Cisco PIX 500 Series Security Appliances allows remote attackers to sen...
CVE-2006-4195 PHP remote file inclusion vulnerability in param.peoplebook.php in the Peoplebook Component for Mamb...
E
CVE-2006-4196 PHP remote file inclusion vulnerability in index.php in WEBInsta CMS 0.3.1 and possibly earlier allo...
E
CVE-2006-4197 Multiple buffer overflows in libmusicbrainz (aka mb_client or MusicBrainz Client Library) 2.1.2 and ...
E
CVE-2006-4198 PHP remote file inclusion vulnerability in includes/session.php in Wheatblog (wB) 1.1 and earlier, w...
E
CVE-2006-4199 Cross-site scripting (XSS) vulnerability in Soft3304 04WebServer 1.83 and earlier allows remote atta...
S
CVE-2006-4200 Unspecified vulnerability in 04WebServer 1.83 and earlier allows remote attackers to bypass user aut...
S
CVE-2006-4201 Unspecified vulnerability in the backup agent and Cell Manager in HP OpenView Storage Data Protector...
S
CVE-2006-4202 SQL injection vulnerability in proje_goster.php in Spidey Blog Script 1.5 and earlier allows remote ...
E
CVE-2006-4203 PHP remote file inclusion vulnerability in help.mmp.php in the MMP Component (com_mmp) 1.2 and earli...
E
CVE-2006-4204 Multiple PHP remote file inclusion vulnerabilities in PHProjekt 5.1 and possibly earlier allow remot...
E
CVE-2006-4205 Multiple PHP remote file inclusion vulnerabilities in WebDynamite ProjectButler 0.8.4 allow remote a...
E
CVE-2006-4206 Cross-site scripting (XSS) vulnerability in calendar.asp in ASPPlayground.NET Forum Advanced Edition...
CVE-2006-4207 Multiple PHP remote file inclusion vulnerabilities in Bob Jewell Discloser 0.0.4 and earlier allow r...
E
CVE-2006-4208 Directory traversal vulnerability in wp-db-backup.php in Skippy WP-DB-Backup plugin for WordPress 1....
E
CVE-2006-4209 PHP remote file inclusion vulnerability in install3.php in WEBInsta Mailing List Manager 1.3e allows...
E
CVE-2006-4210 nu_mail.inc.php in Andreas Kansok phPay 2.02 and 2.02.1, when register_globals is enabled, allows re...
E
CVE-2006-4211 Cross-site scripting (XSS) vulnerability in b0zz and Chris Vincent Owl Intranet Engine 0.90 and earl...
S
CVE-2006-4212 SQL injection vulnerability in b0zz and Chris Vincent Owl Intranet Engine 0.90 and earlier allows re...
S
CVE-2006-4213 PHP remote file inclusion vulnerability in config.php in David Kent Norman Thatware 0.4.6 and possib...
E
CVE-2006-4214 Multiple SQL injection vulnerabilities in Zen Cart 1.3.0.2 and earlier allow remote attackers to exe...
CVE-2006-4215 PHP remote file inclusion vulnerability in index.php in Zen Cart 1.3.0.2 and earlier, when register_...
CVE-2006-4216 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-4159. Reason: This candida...
R
CVE-2006-4217 PHP remote file inclusion vulnerability in modules/usersonline/users.php in WEBInsta CMS 0.3.1 allow...
CVE-2006-4218 Directory traversal vulnerability in Zen Cart 1.3.0.2 and earlier allows remote attackers to include...
E S
CVE-2006-4219 The Terminal Services COM object (tsuserex.dll) allows remote attackers to cause a denial of service...
E
CVE-2006-4220 Multiple cross-site scripting (XSS) vulnerabilities in webacc in Novell GroupWise WebAccess before 7...
CVE-2006-4221 Stack-based buffer overflow in the IBM Access Support eGatherer ActiveX control before 3.20.0284.0 a...
E S
CVE-2006-4222 Multiple unspecified vulnerabilities in IBM WebSphere Application Server before 6.0.2.13 have unspec...
S
CVE-2006-4223 IBM WebSphere Application Server (WAS) before 6.0.2.13 allows context-dependent attackers to obtain ...
S
CVE-2006-4224 Cross-site scripting (XSS) vulnerability in calendar.php in Virtual War (VWar) 1.5.0 and earlier all...
CVE-2006-4225 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-3139. Reason: This candida...
R
CVE-2006-4226 MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystem...
E S
CVE-2006-4227 MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security conte...
E
CVE-2006-4228 Symantec Veritas NetBackup PureDisk Remote Office Edition 6.0 before MP1 20060816 allows remote atta...
S
CVE-2006-4229 PHP remote file inclusion vulnerability in archive.php in the mosListMessenger Component (com_lm) be...
CVE-2006-4230 Multiple PHP remote file inclusion vulnerabilities in index.php in Lizge V.20 Web Portal allow remot...
E
CVE-2006-4231 IrfanView 3.98 (with plugins) allows remote attackers to cause a denial of service (application cras...
CVE-2006-4232 Race condition in the grid-proxy-init tool in Globus Toolkit 3.2.x, 4.0.x, and 4.1.0 before 20060815...
S
CVE-2006-4233 Globus Toolkit 3.2.x, 4.0.x, and 4.1.0 before 20060815 allow local users to obtain sensitive informa...
E S
CVE-2006-4234 PHP remote file inclusion vulnerability in classes/query.class.php in dotProject 2.0.4 and earlier a...
E
CVE-2006-4235 Buffer overflow in the import project functionality in Sony SonicStage Mastering Studio 1.1.00 throu...
S
CVE-2006-4236 Multiple PHP remote file inclusion vulnerabilities in POWERGAP allow remote attackers to execute arb...
E
CVE-2006-4237 PHP remote file inclusion vulnerability in pageheaderdefault.inc.php in Invisionix Roaming System Re...
E
CVE-2006-4238 SQL injection vulnerability in torrents.php in WebTorrent (WTcom) 0.2.4 and earlier allows remote at...
E
CVE-2006-4239 PHP remote file inclusion vulnerability in include/urights.php in Outreach Project Tool (OPT) Max 1....
E
CVE-2006-4240 PHP remote file inclusion vulnerability in index.php in Fusion News 3.7 allows remote attackers to e...
E
CVE-2006-4241 PHP remote file inclusion vulnerability in processor/reporter.sql.php in the Reporter Mambo componen...
E
CVE-2006-4242 PHP remote file inclusion vulnerability in install.jim.php in the JIM 1.0.1 component for Joomla or ...
E
CVE-2006-4243 linux vserver 2.6 before 2.6.17 suffers from privilege escalation in remount code....
CVE-2006-4244 SQL-Ledger 2.4.4 through 2.6.17 authenticates users by verifying that the value of the sql-ledger-[u...
E
CVE-2006-4245 archivemail 0.6.2 uses temporary files insecurely leading to a possible race condition....
E S
CVE-2006-4246 Usermin before 1.220 (20060629) allows remote attackers to read arbitrary files, possibly related to...
S
CVE-2006-4247 Unspecified vulnerability in the Password Reset Tool before 0.4.1 on Plone 2.5 and 2.5.1 Release Can...
S
CVE-2006-4248 thttpd on Debian GNU/Linux, and possibly other distributions, allows local users to create or touch ...
CVE-2006-4249 Unspecified vulnerability in PlonePAS in Plone 2.5 and 2.5.1, when anonymous member registration is ...
S
CVE-2006-4250 Buffer overflow in man and mandb (man-db) 2.4.3 and earlier allows local users to execute arbitrary ...
E S
CVE-2006-4251 Buffer overflow in PowerDNS Recursor 3.1.3 and earlier might allow remote attackers to execute arbit...
S
CVE-2006-4252 PowerDNS Recursor 3.1.3 and earlier allows remote attackers to cause a denial of service (resource e...
S
CVE-2006-4253 Concurrency vulnerability in Mozilla Firefox 1.5.0.6 and earlier allows remote attackers to cause a ...
CVE-2006-4254 Unspecified vulnerability in setlocale in IBM AIX 5.1.0 through 5.3.0 allows local users to gain pri...
S
CVE-2006-4255 Cross-site scripting (XSS) vulnerability in horde/imp/search.php in Horde IMP H3 before 4.1.3 allows...
CVE-2006-4256 index.php in Horde Application Framework before 3.1.2 allows remote attackers to include web pages f...
CVE-2006-4257 IBM DB2 Universal Database (UDB) before 8.1 FixPak 13 allows remote authenticated users to cause a d...
S
CVE-2006-4258 Absolute path traversal vulnerability in the get functionality in Anti-Spam SMTP Proxy (ASSP) allows...
CVE-2006-4259 Cross-site scripting (XSS) vulnerability in index.php in Fotopholder 1.8 allows remote attackers to ...
CVE-2006-4260 Directory traversal vulnerability in index.php in Fotopholder 1.8 allows remote attackers to read ar...
CVE-2006-4261 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-4253. Reason: This candida...
R
CVE-2006-4262 Multiple buffer overflows in cscope 15.5 and earlier allow user-assisted attackers to cause a denial...
S
CVE-2006-4263 Multiple PHP remote file inclusion vulnerabilities in the Product Scroller Module and other modules ...
E
CVE-2006-4264 Multiple PHP remote file inclusion vulnerabilities in the lmtg_myhomepage Component (com_lmtg_myhome...
CVE-2006-4265 Kaspersky Anti-Hacker 1.8.180, when Stealth Mode is enabled, allows remote attackers to obtain respo...
CVE-2006-4266 Symantec Norton Personal Firewall 2006 9.1.0.33, and possibly earlier, does not properly protect Nor...
CVE-2006-4267 Multiple SQL injection vulnerabilities in CubeCart 3.0.11 and earlier allow remote attackers to exec...
E S
CVE-2006-4268 Multiple cross-site scripting (XSS) vulnerabilities in CubeCart 3.0.11 and earlier allow remote atta...
E S
CVE-2006-4269 PHP remote file inclusion vulnerability in admin.x-shop.php in the x-shop component (com_x-shop) 1.7...
E
CVE-2006-4270 PHP remote file inclusion vulnerability in mambelfish.class.php in the mambelfish component (com_mam...
E
CVE-2006-4271 PHP remote file inclusion vulnerability in install/upgrade_301.php in Jelsoft vBulletin 3.5.4 allows...
E
CVE-2006-4272 Jelsoft vBulletin 3.5.4 allows remote attackers to register multiple arbitrary users and cause a den...
CVE-2006-4273 Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin 3.5.4 and 3.6.0 allows remote attacker...
E
CVE-2006-4274 Rejected reason: Unknown vulnerability in Microsoft PowerPoint allows user-assisted attackers to exe...
R
CVE-2006-4275 PHP remote file inclusion vulnerability in catalogshop.php in the CatalogShop component for Mambo (c...
CVE-2006-4276 PHP remote file inclusion vulnerability in Tutti Nova 1.6 and earlier allows remote attackers to exe...
E
CVE-2006-4277 Multiple PHP remote file inclusion vulnerabilities in Tutti Nova 1.6 and earlier allow remote attack...
E
CVE-2006-4278 PHP remote file inclusion vulnerability in includes/layout/plain.footer.php in SportsPHool 1.0 allow...
E
CVE-2006-4279 SQL injection vulnerability in topic_post.php in XennoBB 2.2.1 and earlier allows remote attackers t...
E
CVE-2006-4280 PHP remote file inclusion vulnerability in anjel.index.php in ANJEL (formerly MaMML) Component (com_...
CVE-2006-4281 PHP remote file inclusion vulnerability in akocomments.php in AkoComment 1.1 module (com_akocomment)...
E
CVE-2006-4282 PHP remote file inclusion vulnerability in MamboLogin.php in the MamboWiki component (com_mambowiki)...
E
CVE-2006-4283 Multiple PHP remote file inclusion vulnerabilities in SOLMETRA SPAW Editor 1.0.6 and 1.0.7 allow rem...
CVE-2006-4284 SQL injection vulnerability in comments.asp in LBlog 1.05 and earlier allows remote attackers to exe...
E
CVE-2006-4285 PHP remote file inclusion vulnerability in news.php in Fantastic News 2.1.3 and earlier allows remot...
E S
CVE-2006-4286 PHP remote file inclusion vulnerability in contentpublisher.php in the contentpublisher component (c...
CVE-2006-4287 Multiple PHP remote file inclusion vulnerabilities in NES Game and NES System c108122 and earlier al...
E
CVE-2006-4288 PHP remote file inclusion vulnerability in admin.a6mambocredits.php in the a6mambocredits component ...
E
CVE-2006-4289 Buffer overflow in Sony VAIO Media Server 2.x, 3.x, 4.x, and 5.x before 20060626 allows remote attac...
S
CVE-2006-4290 Directory traversal vulnerability in Sony VAIO Media Server 2.x, 3.x, 4.x, and 5.x before 20060626 a...
S
CVE-2006-4291 PHP remote file inclusion vulnerability in handlers/email/mod.listmail.php in PHlyMail Lite 3.4.4 an...
E
CVE-2006-4292 Unspecified vulnerability in Niels Provos Honeyd before 1.5b allows remote attackers to cause a deni...
S
CVE-2006-4293 Multiple cross-site scripting (XSS) vulnerabilities in cPanel 10 allow remote attackers to inject ar...
E
CVE-2006-4294 Directory traversal vulnerability in viewfile in TWiki 4.0.0 through 4.0.4 allows remote attackers t...
E S
CVE-2006-4295 Cross-site scripting (XSS) vulnerability in ascan_6.asp in Panda ActiveScan 5.53.00 allows remote at...
E S
CVE-2006-4296 PHP remote file inclusion vulnerability in classes/Tar.php in bigAPE-Backup component (com_babackup)...
E
CVE-2006-4297 SQL injection vulnerability in shopping_cart.php in osCommerce before 2.2 Milestone 2 060817 allows ...
E S
CVE-2006-4298 Multiple directory traversal vulnerabilities in cache.php in osCommerce before 2.2 Milestone 2 06081...
E
CVE-2006-4299 Cross-site scripting (XSS) vulnerability in tiki-searchindex.php in TikiWiki 1.9.4 allows remote att...
CVE-2006-4300 SQL injection vulnerability in comments.asp in SimpleBlog 2.0 and earlier allows remote attackers to...
E
CVE-2006-4301 Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service (crash) via...
E
CVE-2006-4302 The Java Plug-in J2SE 1.3.0_02 through 5.0 Update 5, and Java Web Start 1.0 through 1.2 and J2SE 1.4...
S
CVE-2006-4303 Race condition in (1) libnsl and (2) TLI/XTI API routines in Sun Solaris 10 allows remote attackers ...
CVE-2006-4304 Buffer overflow in the sppp driver in FreeBSD 4.11 through 6.1, NetBSD 2.0 through 4.0 beta before 2...
S
CVE-2006-4305 Buffer overflow in SAP DB and MaxDB before 7.6.00.30 allows remote attackers to execute arbitrary co...
S
CVE-2006-4306 Unspecified vulnerability in Sun Solaris 8 and 9 before 20060821 allows local users to execute arbit...
CVE-2006-4307 Unspecified vulnerability in the format command in Sun Solaris 8 and 9 before 20060821 allows local ...
CVE-2006-4308 Multiple cross-site scripting (XSS) vulnerabilities in Blackboard Learning System 6, Blackboard Lear...
CVE-2006-4309 VNC server on the AK-Systems Windows Terminal 1.2.5 ExVLP is not password protected, which allows re...
CVE-2006-4310 Mozilla Firefox 1.5.0.6 allows remote attackers to cause a denial of service (crash) via a crafted F...
CVE-2006-4311 PHP remote file inclusion vulnerability in Sonium Enterprise Adressbook 0.2 allows remote attackers ...
CVE-2006-4312 Cisco PIX 500 Series Security Appliances and ASA 5500 Series Adaptive Security Appliances, when runn...
CVE-2006-4313 Multiple unspecified vulnerabilities in Cisco VPN 3000 series concentrators before 4.1, 4.1.x up to ...
S
CVE-2006-4314 The manager server in Symantec Enterprise Security Manager (ESM) 6 and 6.5.x allows remote attackers...
S
CVE-2006-4315 Unquoted Windows search path vulnerability in multiple SSH Tectia products, including Client/Server/...
S
CVE-2006-4316 SSH Tectia Management Agent 2.1.2 allows local users to gain root privileges by running a program ca...
S
CVE-2006-4317 Cross-site scripting (XSS) vulnerability in attachment.php in WoltLab Burning Board (WBB) 2.3.5 allo...
E
CVE-2006-4318 Buffer overflow in WFTPD Server 3.23 allows remote attackers to execute arbitrary code via long SIZE...
E
CVE-2006-4319 Buffer overflow in the format command in Solaris 8, 9, and 10 allows local users with access to form...
S
CVE-2006-4320 PHP remote file inclusion vulnerability in sef.php in the OpenSEF 2.0.0 component for Joomla! allows...
CVE-2006-4321 PHP remote file inclusion vulnerability in cpg.php in the Coppermine Photo Gallery component (com_cp...
E
CVE-2006-4322 PHP remote file inclusion vulnerability in estateagent.php in the EstateAgent component (com_estatea...
E
CVE-2006-4323 SQL injection vulnerability in list.php in CityForFree indexcity 1.0, when magic_quotes_gpc is disab...
E
CVE-2006-4324 Cross-site scripting (XSS) vulnerability in add_url2.php in CityForFree indexcity 1.0 allows remote ...
E
CVE-2006-4325 Cross-site scripting (XSS) vulnerability in gbook.php in Doika guestbook 2.5, and possibly earlier, ...
E
CVE-2006-4326 Stack-based buffer overflow in Justsystem Ichitaro 9.x through 13.x, Ichitaro 2004, 2005, 2006, and ...
S
CVE-2006-4327 Multiple cross-site scripting (XSS) vulnerabilities in add_url.php in CloudNine Interactive Links Ma...
E
CVE-2006-4328 SQL injection vulnerability in admin.php in CloudNine Interactive Links Manager 2006-06-12, when mag...
E
CVE-2006-4329 Multiple PHP remote file inclusion vulnerabilities in Shadows Rising RPG (Pre-Alpha) 0.0.5b and earl...
E
CVE-2006-4330 Unspecified vulnerability in the SCSI dissector in Wireshark (formerly Ethereal) 0.99.2 allows remot...
S
CVE-2006-4331 Multiple off-by-one errors in the IPSec ESP preference parser in Wireshark (formerly Ethereal) 0.99....
S
CVE-2006-4332 Unspecified vulnerability in the DHCP dissector in Wireshark (formerly Ethereal) 0.10.13 through 0.9...
S
CVE-2006-4333 The SSCOP dissector in Wireshark (formerly Ethereal) before 0.99.3 allows remote attackers to cause ...
S
CVE-2006-4334 Unspecified vulnerability in gzip 1.3.5 allows context-dependent attackers to cause a denial of serv...
CVE-2006-4335 Array index error in the make_table function in unlzh.c in the LZH decompression component in gzip 1...
CVE-2006-4336 Buffer underflow in the build_tree function in unpack.c in gzip 1.3.5 allows context-dependent attac...
S
CVE-2006-4337 Buffer overflow in the make_table function in the LZH component in gzip 1.3.5 allows context-depende...
S
CVE-2006-4338 unlzh.c in the LZH component in gzip 1.3.5 allows context-dependent attackers to cause a denial of s...
S
CVE-2006-4339 OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with expon...
S
CVE-2006-4340 Mozilla Network Security Service (NSS) library before 3.11.3, as used in Mozilla Firefox before 1.5....
S
CVE-2006-4341 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-4340. Reason: This candida...
R
CVE-2006-4342 The kernel in Red Hat Enterprise Linux 3, when running on SMP systems, allows local users to cause a...
E
CVE-2006-4343 The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before ...
E S
CVE-2006-4344 CRLF injection vulnerability in CGI-Rescue Mail F/W System (formd) before 8.3 allows remote attacker...
S
CVE-2006-4345 Stack-based buffer overflow in channels/chan_mgcp.c in MGCP in Asterisk 1.0 through 1.2.10 allows re...
S
CVE-2006-4346 Asterisk 1.2.10 supports the use of client-controlled variables to determine filenames in the Record...
S
CVE-2006-4347 SQL injection vulnerability in user logon authentication request handling in Cool_CoolD.exe in Cool ...
S
CVE-2006-4348 PHP remote file inclusion vulnerability in config.kochsuite.php in the Kochsuite (com_kochsuite) 0.9...
E
CVE-2006-4349 PHP remote file inclusion vulnerability in ToendaCMS 1.0.3 and earlier allows remote attackers to ex...
E
CVE-2006-4350 SQL injection vulnerability in index.php in OneOrZero 1.6.4.1 allows remote attackers to execute arb...
CVE-2006-4351 Cross-site scripting (XSS) vulnerability in index.php in OneOrZero 1.6.4.1 allows remote attackers t...
CVE-2006-4352 The ArrowPoint cookie functionality for Cisco 11000 series Content Service Switches specifies an int...
E
CVE-2006-4353 Unspecified vulnerability in Sun Java System Content Delivery Server 4.0, 4.1, and 5.0 allows local ...
S
CVE-2006-4354 PHP remote file inclusion vulnerability in e/class/CheckLevel.php in Phome Empire CMS 3.7 and earlie...
E
CVE-2006-4355 Cross-site scripting (XSS) vulnerability in Drupal Easylinks Module (easylinks.module) 4.7 before 1....
S
CVE-2006-4356 SQL injection vulnerability in Drupal Easylinks Module (easylinks.module) 4.7 before 1.5.2.1 2006/08...
S
CVE-2006-4357 PHP remote file inclusion vulnerability in clients/index.php in Diesel Smart Traffic allows remote a...
E
CVE-2006-4358 Cross-site scripting (XSS) vulnerability in index.php in Diesel Pay allows remote attackers to injec...
E
CVE-2006-4359 Stack-based buffer overflow in Trident Software PowerZip 7.06 Build 3895 on Windows 2000 allows remo...
E S
CVE-2006-4360 Cross-site scripting (XSS) vulnerability in E-commerce 4.7 for Drupal before file.module 1.37.2.4 (2...
S
CVE-2006-4361 Multiple cross-site scripting (XSS) vulnerabilities in jobseekers/forgot.php in Diesel Job Site allo...
CVE-2006-4362 Cross-site scripting (XSS) vulnerability in getad.php in Diesel Paid Mail allows remote attackers to...
E
CVE-2006-4363 PHP remote file inclusion vulnerability in admin.cropcanvas.php in the CropImage component (com_crop...
E
CVE-2006-4364 Multiple heap-based buffer overflows in the POP3 server in Alt-N Technologies MDaemon before 9.0.6 a...
E S
CVE-2006-4365 Multiple PHP remote file inclusion vulnerabilities in VistaBB 2.0.33 and earlier allow remote attack...
E
CVE-2006-4366 PHP remote file inclusion vulnerability in index.php in RedBLoG 0.5 allows remote attackers to execu...
E
CVE-2006-4367 SQL injection vulnerability in alltopics.php in the All Topics Hack 1.5.0 and earlier for phpBB 2.0....
E
CVE-2006-4368 PHP remote file inclusion vulnerability in includes/functions_portal.php in IntegraMOD Portal 2.x an...
E
CVE-2006-4369 Absolute path traversal vulnerability in includes/functions_portal.php in IntegraMOD Portal 2.x and ...
E
CVE-2006-4370 Alt-N WebAdmin 3.2.3 and 3.2.4 running with MDaemon 9.0.5, and possibly earlier, allow remote authen...
S
CVE-2006-4371 Multiple directory traversal vulnerabilities in Alt-N WebAdmin 3.2.3 and 3.2.4 running with MDaemon ...
S
CVE-2006-4372 PHP remote file inclusion vulnerability in admin.lurm_constructor.php in the Lurm Constructor compon...
E
CVE-2006-4373 PHP remote file inclusion vulnerability in modules/visitors2/include/config.inc.php in pSlash 0.70 a...
E
CVE-2006-4374 IrfanView 3.98 (with plugins) allows user-assisted attackers to cause a denial of service (applicati...
E
CVE-2006-4375 PHP remote file inclusion vulnerability in contxtd.class.php in the Contacts XTD (ContXTD) component...
CVE-2006-4376 Multiple cross-site scripting (XSS) vulnerabilities in Guder und Koch Netzwerktechnik Eichhorn Porta...
CVE-2006-4377 Multiple SQL injection vulnerabilities in Guder und Koch Netzwerktechnik Eichhorn Portal allow remot...
CVE-2006-4378 Multiple PHP remote file inclusion vulnerabilities in the Rssxt component for Joomla! (com_rssxt), p...
CVE-2006-4379 Stack-based buffer overflow in the SMTP Daemon in Ipswitch Collaboration 2006 Suite Premium and Stan...
S
CVE-2006-4380 MySQL before 4.1.13 allows local users to cause a denial of service (persistent replication slave cr...
E S
CVE-2006-4381 Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute ar...
E S
CVE-2006-4382 Multiple buffer overflows in Apple QuickTime before 7.1.3 allow user-assisted remote attackers to ex...
S
CVE-2006-4384 Heap-based buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to ...
E S
CVE-2006-4385 Buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arb...
S
CVE-2006-4386 Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute ar...
S
CVE-2006-4387 Apple Mac OS X 10.4 through 10.4.7, when the administrator clears the "Allow user to administer this...
S
CVE-2006-4388 Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute ar...
S
CVE-2006-4389 Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a c...
E S
CVE-2006-4390 CFNetwork in Apple Mac OS X 10.4 through 10.4.7 and 10.3.9 allows remote SSL sites to appear as trus...
S
CVE-2006-4391 Buffer overflow in Apple ImageIO on Apple Mac OS X 10.4 through 10.4.7 allows remote attackers to ex...
S
CVE-2006-4392 The Mach kernel, as used in operating systems including (1) Mac OS X 10.4 through 10.4.7 and (2) Ope...
S
CVE-2006-4393 Unspecified vulnerability in LoginWindow in Apple Mac OS X 10.4 through 10.4.7, when Fast User Switc...
S
CVE-2006-4394 A logic error in LoginWindow in Apple Mac OS X 10.4 through 10.4.7 allows network accounts without ...
S
CVE-2006-4395 Unspecified vulnerability in QuickDraw Manager in Apple Mac OS X 10.3.9 and 10.4 through 10.4.7 allo...
S
CVE-2006-4396 The Apple Type Services (ATS) server in Mac OS X 10.4.8 and earlier does not securely create log fil...
CVE-2006-4397 Unchecked error condition in LoginWindow in Apple Mac OS X 10.4 through 10.4.7 prevents Kerberos tic...
S
CVE-2006-4398 Multiple buffer overflows in the Apple Type Services (ATS) server in Mac OS X 10.4 through 10.4.8 al...
CVE-2006-4399 User interface inconsistency in Workgroup Manager in Apple Mac OS X 10.4 through 10.4.7 appears to a...
S
CVE-2006-4400 Stack-based buffer overflow in the Apple Type Services (ATS) server in Mac OS 10.4.8 and earlier all...
CVE-2006-4401 Unspecified vulnerability in CFNetwork in Mac OS 10.4.8 and earlier allows user-assisted remote atta...
CVE-2006-4402 Heap-based buffer overflow in the Finder in Apple Mac OS X 10.4.8 and earlier allows user-assisted r...
CVE-2006-4403 The FTP server in Apple Mac OS X 10.4.8 and earlier, when FTP Access is enabled, will crash when a l...
CVE-2006-4404 The Installer application in Apple Mac OS X 10.4.8 and earlier, when used by a user with Admin crede...
CVE-2006-4406 Buffer overflow in PPP on Apple Mac OS X 10.4.x up to 10.4.8 and 10.3.x up to 10.3.9, when PPPoE is ...
CVE-2006-4407 The Security Framework in Apple Mac OS X 10.3.x up to 10.3.9 does not properly prioritize encryption...
CVE-2006-4408 The Security Framework in Apple Mac OS X 10.4 through 10.4.8 allows remote attackers to cause a deni...
CVE-2006-4409 The Online Certificate Status Protocol (OCSP) service in the Security Framework in Apple Mac OS X 10...
CVE-2006-4410 The Security Framework in Apple Mac OS X 10.3.9, and 10.4.x before 10.4.7, does not properly search ...
CVE-2006-4411 The VPN service in Apple Mac OS X 10.3.x through 10.3.9 and 10.4.x through 10.4.8 does not properly ...
S
CVE-2006-4412 WebKit in Apple Mac OS X 10.3.x through 10.3.9 and 10.4 through 10.4.8 allows remote attackers to ex...
S
CVE-2006-4413 Apple Remote Desktop before 3.1 uses insecure permissions for certain built-in packages, which allow...
CVE-2006-4416 Untrusted search path vulnerability in the mkvg command in IBM AIX 5.2 and 5.3 allows local users to...
CVE-2006-4417 SQL injection vulnerability in edituser.php in Xoops before 2.0.15 allows remote attackers to execut...
CVE-2006-4418 Directory traversal vulnerability in index.php for Wikepage 2006.2a Opus 10 allows remote attackers ...
E
CVE-2006-4419 SQL injection vulnerability in note.php in ProManager 0.73 allows remote attackers to execute arbitr...
E
CVE-2006-4420 Directory traversal vulnerability in include_lang.php in Phaos 0.9.2 allows remote attackers to incl...
E
CVE-2006-4421 Cross-site scripting (XSS) vulnerability in template/default/thanks_comment.php in Yet Another PHP I...
CVE-2006-4422 PHP remote file inclusion vulnerability in includes/phpdig/libs/search_function.php in Jetbox CMS 2....
E
CVE-2006-4423 Multiple PHP remote file inclusion vulnerabilities in Bigace 1.8.2 allow remote attackers to execute...
E
CVE-2006-4424 PHP remote file inclusion vulnerability in coin_includes/constants.php in phpCOIN 1.2.3 allows remot...
E
CVE-2006-4425 Multiple PHP remote file inclusion vulnerabilities in phpCOIN 1.2.3 allow remote attackers to execut...
E
CVE-2006-4426 PHP remote file inclusion vulnerability in AES/modules/auth/phpsecurityadmin/include/logout.php in A...
E
CVE-2006-4427 index.php in eFiction before 2.0.7 allows remote attackers to bypass authentication and gain privile...
E S
CVE-2006-4428 PHP remote file inclusion vulnerability in index.php in Jupiter CMS 1.1.5 allows remote attackers to...
E
CVE-2006-4429 PHP remote file inclusion vulnerability in handlers/email/mod.output.php in PHlyMail Lite 3.4.4 and ...
E
CVE-2006-4430 The Cisco Network Admission Control (NAC) 3.6.4.1 and earlier allows remote attackers to prevent ins...
CVE-2006-4431 Multiple buffer overflows in the (a) Session Clustering Daemon and the (b) mod_cluster module in the...
S
CVE-2006-4432 Directory traversal vulnerability in Zend Platform 2.2.1 and earlier allows remote attackers to over...
S
CVE-2006-4433 PHP before 4.4.3 and 5.x before 5.1.4 does not limit the character set of the session identifier (PH...
S
CVE-2006-4434 Use-after-free vulnerability in Sendmail before 8.13.8 allows remote attackers to cause a denial of ...
S
CVE-2006-4435 OpenBSD 3.8, 3.9, and possibly earlier versions allows context-dependent attackers to cause a denial...
S
CVE-2006-4436 isakmpd in OpenBSD 3.8, 3.9, and possibly earlier versions, creates Security Associations (SA) with ...
S
CVE-2006-4437 Eval injection vulnerability in Tagger LE allows remote attackers to execute arbitrary PHP code via ...
E
CVE-2006-4438 Heap-based buffer overflow in SpIDer for Dr.Web Scanner for Linux 4.33, and possibly earlier version...
CVE-2006-4439 pkgadd in Sun Solaris 10 before 20060825 installs files with insecure file and directory permissions...
S
CVE-2006-4440 PHP remote file inclusion vulnerability in main.php in Ay System Solutions CMS 2.6 and earlier allow...
E
CVE-2006-4441 Multiple PHP remote file inclusion vulnerabilities in Ay System Solutions CMS 2.6 and earlier allow ...
E
CVE-2006-4442 Cross-site scripting (XSS) vulnerability in PHP iAddressBook before 0.95 allows remote attackers to ...
S
CVE-2006-4443 PHP remote file inclusion vulnerability in myajaxphp.php in AlstraSoft Video Share Enterprise allows...
E
CVE-2006-4444 Multiple SQL injection vulnerabilities in Cybozu Garoon 2.1.0 for Windows allow remote authenticated...
E S
CVE-2006-4445 Multiple PHP remote file inclusion vulnerabilities in CuteNews 1.3.x allow remote attackers to execu...
CVE-2006-4446 Heap-based buffer overflow in DirectAnimation.PathControl COM object (daxctle.ocx) in Microsoft Inte...
E
CVE-2006-4447 X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, does not check t...
S
CVE-2006-4448 Multiple PHP remote file inclusion vulnerabilities in interact 2.2, when register_globals is enabled...
E
CVE-2006-4449 Cross-site scripting (XSS) vulnerability in attachment.php in MyBulletinBoard (MyBB) 1.1.7 and possi...
E S
CVE-2006-4450 usercp_avatar.php in PHPBB 2.0.20, when avatar uploading is enabled, allows remote attackers to use ...
E S
CVE-2006-4451 Direct static code injection vulnerability in CJ Tag Board 3.0 allows remote attackers to execute ar...
CVE-2006-4452 PHP remote file inclusion vulnerability in security/include/_class.security.php in Web3news 0.95 and...
E
CVE-2006-4453 Cross-site scripting (XSS) vulnerability in PmWiki before 2.1.18 allows remote attackers to inject a...
CVE-2006-4454 Cross-site scripting (XSS) vulnerability in hlstats.php in HLstats 1.34 allows remote attackers to i...
E
CVE-2006-4455 Unspecified vulnerability in Xchat 2.6.7 and earlier allows remote attackers to cause a denial of se...
E
CVE-2006-4456 PHP remote file inclusion vulnerability in functions.php in phpECard 2.1.4 and earlier allows remote...
E
CVE-2006-4457 PHP remote file inclusion vulnerability in index.php in phpECard 2.1.4 and earlier allows remote att...
CVE-2006-4458 Directory traversal vulnerability in calendar/inc/class.holidaycalc.inc.php in phpGroupWare 0.9.16.0...
E
CVE-2006-4459 Integer overflow in AnywhereUSB/5 1.80.00 allows local users to cause a denial of service (crash) vi...
CVE-2006-4460 Cross-site scripting (XSS) vulnerability in PHP iAddressBook before 0.96 allows remote attackers to ...
CVE-2006-4461 Paessler IPCheck Server Monitor before 5.3.3.639/640 does not properly implement a "list of acceptab...
CVE-2006-4462 Gonafish.com LinksCaffe 2.0 and 3.0 do not properly restrict access to administrator functions, whic...
E
CVE-2006-4463 SQL injection vulnerability in the administrator control panel in Jetstat.com JS ASP Faq Manager 1.1...
CVE-2006-4464 The Nokia Browser, possibly Nokia Symbian 60 Browser 3rd edition, allows remote attackers to cause a...
E
CVE-2006-4465 Microsoft Terminal Server, when running an application session with the "Start program at logon" and...
E
CVE-2006-4466 Joomla! before 1.0.11 does not properly unset variables when the input data includes a numeric param...
CVE-2006-4467 Simple Machines Forum (SMF) 1.1RCx before 1.1RC3, and 1.0.x before 1.0.8, does not properly unset va...
CVE-2006-4468 Multiple unspecified vulnerabilities in Joomla! before 1.0.11, related to unvalidated input, allow a...
CVE-2006-4469 Unspecified vulnerability in PEAR.php in Joomla! before 1.0.11 allows remote attackers to perform "r...
CVE-2006-4470 Joomla! before 1.0.11 omits some checks for whether _VALID_MOS is defined, which allows attackers to...
CVE-2006-4471 The Admin Upload Image functionality in Joomla! before 1.0.11 allows remote authenticated users to u...
CVE-2006-4472 Multiple unspecified vulnerabilities in Joomla! before 1.0.11 allow attackers to bypass user authent...
CVE-2006-4473 Unspecified vulnerability in com_content in Joomla! before 1.0.11, when $mosConfig_hideEmail is set,...
S
CVE-2006-4474 Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.11 allow remote attackers ...
S
CVE-2006-4475 Joomla! before 1.0.11 does not limit access to the Admin Popups functionality, which has unknown imp...
S
CVE-2006-4476 Multiple unspecified vulnerabilities in Joomla! before 1.0.11, related to "Injection Flaws," allow a...
S
CVE-2006-4477 Multiple PHP remote file inclusion vulnerabilities in Visual Shapers ezContents 2.0.3 allow remote a...
E
CVE-2006-4478 SQL injection vulnerability in headeruserdata.php in Visual Shapers ezContents 2.0.3 allows remote a...
E
CVE-2006-4479 Cross-site scripting (XSS) vulnerability in loginreq2.php in Visual Shapers ezContents 2.0.3 allows ...
E
CVE-2006-4480 Incomplete blacklist vulnerability in the nk_CSS function in nuked.php in Nuked-Klan 1.7 SP4.3 allow...
CVE-2006-4481 The (1) file_exists and (2) imap_reopen functions in PHP before 5.1.5 do not check for the safe_mode...
S
CVE-2006-4482 Multiple heap-based buffer overflows in the (1) str_repeat and (2) wordwrap functions in ext/standar...
S
CVE-2006-4483 The cURL extension files (1) ext/curl/interface.c and (2) ext/curl/streams.c in PHP before 5.1.5 per...
S
CVE-2006-4484 Buffer overflow in the LWZReadByte_ function in ext/gd/libgd/gd_gif_in.c in the GD extension in PHP ...
E S
CVE-2006-4485 The stripos function in PHP before 5.1.5 has unknown impact and attack vectors related to an out-of-...
S
CVE-2006-4486 Integer overflow in memory allocation routines in PHP before 5.1.6, when running on a 64-bit system,...
S
CVE-2006-4487 DUware DUpoll 3.0 and 3.1 stores _private/Dupoll.mdb under the web document root with insufficient a...
E
CVE-2006-4488 PHP remote file inclusion vulnerability in modules/userstop/userstop.php in ExBB Italia 0.2 and earl...
E
CVE-2006-4489 Multiple PHP remote file inclusion vulnerabilities in MiniBill 2006-07-14 (1.2.2) allow remote attac...
E
CVE-2006-4490 Multiple directory traversal vulnerabilities in Cybozu Office before 6.6 Build 1.3 and Share 360 bef...
CVE-2006-4491 Directory traversal vulnerability in Cybozu Collaborex, AG before 1.2(1.5), AG Pocket before 5.2(0.8...
S
CVE-2006-4492 Unspecified vulnerability in Cybozu Office 6.5 Build 1.2 for Windows allows remote attackers to obta...
S
CVE-2006-4493 xbiff2 1.9 creates $HOME/.xbiff2rc in a user's home directory with insecure file permissions, which ...
CVE-2006-4494 Microsoft Visual Studio 6.0 allows remote attackers to cause a denial of service (memory corruption)...
E
CVE-2006-4495 Microsoft Internet Explorer allows remote attackers to cause a denial of service (memory corruption)...
CVE-2006-4496 Cross-site scripting (XSS) vulnerability in comments.php in IwebNegar 1.1 allows remote attackers to...
CVE-2006-4497 SQL injection vulnerability in comments.php in IwebNegar 1.1 allows remote attackers to execute arbi...
E
CVE-2006-4498 PHP remote file inclusion vulnerability in sommaire_admin.php in PhpAlbum (mod_phpalbum) 2.15 for Po...
E
CVE-2006-4499 ModernBill 5.0.4 and earlier uses cURL with insecure settings for CURLOPT_SSL_VERIFYPEER and CURLOPT...
CVE-2006-4500 Cross-site scripting (XSS) vulnerability in index.php in ezPortal/ztml CMS 1.0 allows remote attacke...
CVE-2006-4501 SQL injection vulnerability in index.php in ezPortal/ztml CMS 1.0 allows remote attackers to execute...
E
CVE-2006-4502 ezPortal/ztml CMS 1.0 allows remote attackers to bypass authentication controls via a direct request...
E
CVE-2006-4503 Directory traversal vulnerability in link.php in NX5Linx 1.0 allows remote attackers to read arbitra...
CVE-2006-4504 SQL injection vulnerability in NX5Linx 1.0 allows remote attackers to execute arbitrary SQL commands...
CVE-2006-4505 CRLF injection vulnerability in links.php in NX5Linx 1.0 allows remote attackers to inject arbitrary...
CVE-2006-4506 idmlib.sh in nxdrv in Novell Identity Manager (IDM) 3.0.1 allows local users to execute arbitrary co...
E S
CVE-2006-4507 Unspecified vulnerability in the TIFF viewer (possibly libTIFF) in the Photo Viewer in the Sony Play...
CVE-2006-4508 Unspecified vulnerability in (1) Tor 0.1.0.x before 0.1.0.18 and 0.1.1.x before 0.1.1.23, and (2) Sc...
S
CVE-2006-4509 Integer overflow in the evtFilteredMonitorEventsRequest function in the LDAP service in Novell eDire...
S
CVE-2006-4510 The evtFilteredMonitorEventsRequest function in the LDAP service in Novell eDirectory before 8.8.1 F...
S
CVE-2006-4511 Messenger Agents (nmma.exe) in Novell GroupWise 2.0.2 and 1.0.6 allows remote attackers to cause a d...
S
CVE-2006-4513 Multiple integer overflows in the WV library in wvWare (formerly mswordview) before 1.2.3, as used b...
CVE-2006-4514 Heap-based buffer overflow in the ole_info_read_metabat function in Gnome Structured File library (l...
S
CVE-2006-4516 Integer signedness error in FreeBSD 6.0-RELEASE allows local users to cause a denial of service (mem...
S
CVE-2006-4517 Novell iManager 2.5 and 2.0.2 allows remote attackers to cause a denial of service (crash) in the To...
S
CVE-2006-4518 Qbik WinGate 6.1.4 and earlier allows remote attackers to cause a denial of service (CPU consumption...
S
CVE-2006-4519 Multiple integer overflows in the image loader plug-ins in GIMP before 2.2.16 allow user-assisted re...
CVE-2006-4520 ncp in Novell eDirectory before 8.7.3 SP9, and 8.8.x before 8.8.1 FTF2, does not properly handle NCP...
S
CVE-2006-4521 The BerDecodeLoginDataRequest function in the libnmasldap.so NMAS module in Novell eDirectory 8.8 an...
S
CVE-2006-4522 Unspecified vulnerability in dtterm in IBM AIX 5.2 and 5.3 allows local users to execute arbitrary c...
CVE-2006-4523 The web-based management interface in 2Wire, Inc. HomePortal and OfficePortal Series modems and rout...
E
CVE-2006-4524 Multiple SQL injection vulnerabilities in login_verif.asp in Digiappz Freekot 1.01 allow remote atta...
CVE-2006-4525 Cross-site scripting (XSS) vulnerability in CubeCart 3.0.12 and earlier, when register_globals is en...
CVE-2006-4526 SQL injection vulnerability in includes/content/viewCat.inc.php in CubeCart 3.0.12 and earlier, when...
CVE-2006-4527 includes/content/gateway.inc.php in CubeCart 3.0.12 and earlier, when magic_quotes_gpc is disabled, ...
CVE-2006-4528 Multiple cross-site scripting (XSS) vulnerabilities in membrepass 1.5 allow remote attackers to inje...
CVE-2006-4529 SQL injection vulnerability in recherchemembre.php in membrepass 1.5 allows remote attackers to exe...
CVE-2006-4530 Direct static code injection vulnerability in include/change.php in membrepass 1.5 allows remote att...
CVE-2006-4531 PHP remote file inclusion vulnerability in lib/config.php in Pheap CMS 1.1 and earlier allows remote...
E S
CVE-2006-4532 PHP remote file inclusion vulnerability in articles/article.php in Yet Another Community System (YAC...
E S
CVE-2006-4533 Multiple PHP remote file inclusion vulnerabilities in Plume CMS 1.0.6 and earlier allow remote attac...
CVE-2006-4534 Unspecified vulnerability in Microsoft Word 2000, 2002, and Office 2003 allows remote user-assisted ...
S
CVE-2006-4535 The Linux kernel 2.6.17.10 and 2.6.17.11 and 2.6.18-rc5 allows local users to cause a denial of serv...
CVE-2006-4536 SQL injection vulnerability in module/rejestracja.php in CMS Frogss 0.4 and earlier allows remote at...
E
CVE-2006-4537 NET$SESSION_CONTROL.EXE in DECnet-Plus in OpenVMS ALPHA 7.3-2 and Alpha 8.2 writes a password to an ...
S
CVE-2006-4538 Linux kernel 2.6.17 and earlier, when running on IA64 or SPARC platforms, allows local users to caus...
S
CVE-2006-4539 (1) includes/widgets/module_company_tickets.php and (2) includes/widgets/module_track_tickets.php Cl...
S
CVE-2006-4540 Cross-site scripting (XSS) vulnerability in learncenter.asp in Learn.com LearnCenter allows remote a...
E
CVE-2006-4541 RapDrv.sys in BlackICE PC Protection 3.6.cpn, cpj, cpiE, and possibly 3.6 and earlier, allows local ...
CVE-2006-4542 Webmin before 1.296 and Usermin before 1.226 do not properly handle a URL with a null ("%00") charac...
S
CVE-2006-4543 Cross-site scripting (XSS) vulnerability in index.php in HLStats 1.34 allows remote attackers to inj...
E
CVE-2006-4544 Multiple PHP remote file inclusion vulnerabilities in ExBB 1.9.1, when register_globals is enabled, ...
E
CVE-2006-4545 PHP remote file inclusion vulnerability in ModuleBased CMS Pre-Alpha allows remote attackers to exec...
E
CVE-2006-4546 Lyris ListManager 8.95 allows remote authenticated users, who have administrative privileges for at ...
CVE-2006-4547 Lyris ListManager 8.95 allows remote authenticated users to obtain sensitive information by attempti...
CVE-2006-4548 e107 0.75 and earlier does not properly unset variables when the input data includes a numeric param...
E
CVE-2006-4549 CHXO Feedsplitter 2006-01-21 allows remote attackers to read the source code of feedsplitter.php via...
CVE-2006-4550 Directory traversal vulnerability in CHXO Feedsplitter 2006-01-21 allows remote attackers to read ar...
CVE-2006-4551 Eval injection vulnerability in CHXO Feedsplitter 2006-01-21 allows remote attackers to execute arbi...
CVE-2006-4552 Cross-site scripting (XSS) vulnerability in CHXO Feedsplitter 2006-01-21 allows remote attackers to ...
CVE-2006-4553 PHP remote file inclusion vulnerability in plugin.class.php in the com_comprofiler Components 1.0 RC...
E
CVE-2006-4554 Stack-based buffer overflow in the ReadFile function in the ZOO-processing exports in the BeCubed Co...
E S
CVE-2006-4555 Buffer overflow in the Retro64 / Miniclip CR64Loader ActiveX control allows remote attackers to exec...
CVE-2006-4556 PHP remote file inclusion vulnerability in index.php in the JIM component for Mambo and Joomla! allo...
CVE-2006-4557 PHP remote file inclusion vulnerability in plugins/plugins.php in Bob Jewell Discloser 0.0.4 allows ...
CVE-2006-4558 DeluxeBB 1.06 and earlier, when run on the Apache HTTP Server with the mod_mime module, allows remot...
E S
CVE-2006-4559 Multiple PHP remote file inclusion vulnerabilities in Yet Another Community System (YACS) CMS 6.6.1 ...
E S
CVE-2006-4560 Internet Explorer 6 on Windows XP SP2 allows remote attackers to execute arbitrary JavaScript in the...
E
CVE-2006-4561 Mozilla Firefox 1.5.0.6 allows remote attackers to execute arbitrary JavaScript in the context of th...
E
CVE-2006-4562 The proxy DNS service in Symantec Gateway Security (SGS) allows remote attackers to make arbitrary D...
CVE-2006-4563 Cross-site scripting (XSS) vulnerability in the MyHeadlines before 4.3.2 module for PHP-Nuke allows ...
E
CVE-2006-4564 SQL injection vulnerability in Sources/ManageBoards.php in Simple Machines Forum 1.1 RC3 allows remo...
CVE-2006-4565 Heap-based buffer overflow in Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMon...
S
CVE-2006-4566 Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allows remote...
S
CVE-2006-4567 Mozilla Firefox before 1.5.0.7 and Thunderbird before 1.5.0.7 makes it easy for users to accept self...
E S
CVE-2006-4568 Mozilla Firefox before 1.5.0.7 and SeaMonkey before 1.0.5 allows remote attackers to bypass the secu...
S
CVE-2006-4569 The popup blocker in Mozilla Firefox before 1.5.0.7 opens the "blocked popups" display in the contex...
S
CVE-2006-4570 Mozilla Thunderbird before 1.5.0.7 and SeaMonkey before 1.0.5, with "Load Images" enabled, allows re...
S
CVE-2006-4571 Multiple unspecified vulnerabilities in Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaM...
S
CVE-2006-4572 ip6_tables in netfilter in the Linux kernel before 2.6.16.31 allows remote attackers to (1) bypass a...
S
CVE-2006-4573 Multiple unspecified vulnerabilities in the "utf8 combining characters handling" (utf8_handle_comb f...
S
CVE-2006-4574 Off-by-one error in the MIME Multipart dissector in Wireshark (formerly Ethereal) 0.10.1 through 0.9...
CVE-2006-4575 Multiple SQL injection vulnerabilities in The Address Book 1.04e allow remote attackers to execute a...
E
CVE-2006-4576 Cross-site scripting (XSS) vulnerability in The Address Book 1.04e allows remote attackers to inject...
E
CVE-2006-4577 Multiple cross-site scripting (XSS) vulnerabilities in The Address Book 1.04e allow remote attackers...
E
CVE-2006-4578 export.php in The Address Book 1.04e writes username and password hash information into a publicly a...
CVE-2006-4579 Directory traversal vulnerability in users.php in The Address Book 1.04e allows remote attackers to ...
E
CVE-2006-4580 register.php in The Address Book 1.04e allows remote attackers to bypass the "Allow User Self-Regist...
CVE-2006-4581 Unrestricted file upload vulnerability in The Address Book 1.04e validates the Content-Type header b...
CVE-2006-4582 Cross-site request forgery (CSRF) vulnerability in The Address Book 1.04e allows remote attackers to...
E
CVE-2006-4583 Multiple PHP remote file inclusion vulnerabilities in FlashChat before 4.6.2 allow remote attackers ...
E
CVE-2006-4584 Tr Forum 2.0 allows remote attackers to bypass authentication and add an administrative account via ...
E
CVE-2006-4585 SQL injection vulnerability in admin/editer.php in Tr Forum 2.0 allows remote authenticated users to...
E
CVE-2006-4586 The admin panel in Tr Forum 2.0 accepts a username and password hash for authentication, which allow...
E
CVE-2006-4587 Multiple cross-site scripting (XSS) vulnerabilities in vtiger CRM 4.2.4, and possibly earlier, allow...
CVE-2006-4588 vtiger CRM 4.2.4, and possibly earlier, allows remote attackers to bypass authentication and access ...
E
CVE-2006-4589 PHP remote file inclusion vulnerability in 0_admin/modules/Wochenkarte/frontend/index.php in DynCMS ...
E
CVE-2006-4590 SQL injection vulnerability in admin/default.asp in Jetstat.com JS ASP Faq Manager 1.10 and earlier ...
E
CVE-2006-4591 Multiple PHP remote file inclusion vulnerabilities in AlstraSoft Template Seller, and possibly Altra...
E
CVE-2006-4592 Incomplete blacklist vulnerability in default.asp in 8pixel.net Simple Blog 2.3 and earlier allows r...
E
CVE-2006-4593 Cross-site scripting (XSS) vulnerability in index.php in SoftBB 0.1 and earlier allows remote attack...
E
CVE-2006-4594 Multiple PHP remote file inclusion vulnerabilities in PHP Advanced Transfer Manager (phpAtm) 1.21 an...
E
CVE-2006-4595 muforum (µforum) 0.4c stores membres/members.dat under the web document root with insufficient acces...
E
CVE-2006-4596 PHP remote file inclusion in MyBace Light Skrip, when register_globals is enabled, allows remote att...
CVE-2006-4597 SQL injection vulnerability in devam.asp in ICBlogger 2.0 and earlier allows remote attackers to exe...
E
CVE-2006-4598 Multiple SQL injection vulnerabilities in links.php in ssLinks 1.22 allow remote attackers to execut...
E
CVE-2006-4599 SQL injection vulnerability in aut_verifica.inc.php in Autentificator 2.01 allows remote attackers t...
E
CVE-2006-4600 slapd in OpenLDAP before 2.3.25 allows remote authenticated users with selfwrite Access Control List...
S
CVE-2006-4601 SQL injection vulnerability in index.php in Annuaire 1Two 2.2 allows remote attackers to execute arb...
E
CVE-2006-4602 Unrestricted file upload vulnerability in jhot.php in TikiWiki 1.9.4 Sirius and earlier allows remot...
E
CVE-2006-4603 NCH Swift Sound Web Dictate 1.02 allows remote attackers to bypass authentication via a null passwor...
CVE-2006-4604 PHP remote file inclusion vulnerability in LFXlib/access_manager.php in Lanifex Database of Managed ...
E
CVE-2006-4605 PHP remote file inclusion vulnerability in index.php in Longino Jacome php-Revista 1.1.2 allows remo...
E
CVE-2006-4606 Multiple SQL injection vulnerabilities in Longino Jacome php-Revista 1.1.2 allow remote attackers to...
E
CVE-2006-4607 admin/index.php in Longino Jacome php-Revista 1.1.2 allows remote attackers to bypass authentication...
E
CVE-2006-4608 Multiple cross-site scripting (XSS) vulnerabilities in Longino Jacome php-Revista 1.1.2 allow remote...
E
CVE-2006-4609 Multiple PHP remote file inclusion vulnerabilities in the Content Management module ("Content manage...
CVE-2006-4610 PHP remote file inclusion vulnerability in index.php in GrapAgenda 0.11 and earlier, when register_g...
E
CVE-2006-4611 Buffer overflow in the _tor_resolve function in dsocks.c in dsocks before 1.4 allows remote attacker...
E S
CVE-2006-4612 SQL injection vulnerability in ReplyNew.asp in ZIXForum 1.12 allows remote attackers to execute arbi...
CVE-2006-4613 Multiple unspecified vulnerabilities in SnapGear before 3.1.4u1 allow remote attackers to cause a de...
S
CVE-2006-4614 PDAapps Verichat for Pocket PC 1.30bh stores usernames and passwords in plaintext in the Windows Mob...
CVE-2006-4615 Shape Services IM+ Mobile Instant Messenger for Pocket PC 3.10 stores usernames and passwords in pla...
E
CVE-2006-4616 SMTP service in MailEnable Standard, Professional, and Enterprise before ME-10014 (20060904) allows ...
S
CVE-2006-4617 Unrestricted file upload vulnerability in fileupload.html in vtiger CRM 4.2.4, and possibly earlier ...
CVE-2006-4618 PHP remote file inclusion vulnerability in adodb-postgres7.inc.php in John Lim ADOdb, possibly 4.01 ...
S
CVE-2006-4619 The start update window in update.exe in Avira AntiVir PersonalEdition Classic 7.0 build 151 allows ...
CVE-2006-4620 The useredit_account.wdm module in Alt-N WebAdmin 3.2.5 running with MDaemon 9.0.6, and possibly ear...
S
CVE-2006-4621 PHP remote file inclusion vulnerability in settings.php in Pheap 1.2, and possibly earlier, allows r...
CVE-2006-4622 PHP remote file inclusion vulnerability in annonce.php in AnnonceV (aka annoncesV) 1.1 allows remote...
E
CVE-2006-4623 The Unidirectional Lightweight Encapsulation (ULE) decapsulation component in dvb-core/dvb_net.c in ...
S
CVE-2006-4624 CRLF injection vulnerability in Utils.py in Mailman before 2.1.9rc1 allows remote attackers to spoof...
S
CVE-2006-4625 PHP 4.x up to 4.4.4 and PHP 5 up to 5.1.6 allows local users to bypass certain Apache HTTP Server ht...
E S
CVE-2006-4626 Heap-based buffer overflow in alwil avast! Anti-virus Engine before 4.7.869 allows remote attackers ...
E S
CVE-2006-4627 System Information ActiveX control (msinfo.dll), when accessed via Microsoft Internet Explorer, allo...
CVE-2006-4628 Cross-site scripting (XSS) vulnerability in VCD-db before 0.983 allows remote attackers to inject ar...
CVE-2006-4629 PHP remote file inclusion vulnerability in affichage/commentaires.php in C-News.fr C-News 1.0.1 and ...
E
CVE-2006-4630 PHP remote file inclusion vulnerability in jscript.php in Sky GUNNING MySpeach 3.0.2 and earlier, wh...
E
CVE-2006-4631 Direct static code injection vulnerability in admin/save_opt.php in SoftBB 0.1, and possibly earlier...
E
CVE-2006-4632 Multiple SQL injection vulnerabilities in SoftBB 0.1, and possibly earlier, allow remote attackers t...
E
CVE-2006-4633 index.php in SoftBB 0.1, and possibly earlier, allows remote attackers to obtain the installation pa...
E
CVE-2006-4634 Cross-site scripting (XSS) vulnerability in index.php in VBZooM allows remote attackers to inject ar...
E
CVE-2006-4635 Unspecified vulnerability in MySource Classic 2.14.6, and possibly earlier, allows remote authentica...
CVE-2006-4636 Directory traversal vulnerability in SZEWO PhpCommander 3.0 and earlier allows remote attackers to i...
E
CVE-2006-4637 Multiple PHP remote file inclusion vulnerabilities in ACGV News 0.9.1 allow remote attackers to exec...
E
CVE-2006-4638 PHP remote file inclusion vulnerability in article.php in ACGV News 0.9.1 and earlier allows remote ...
E
CVE-2006-4639 Multiple PHP remote file inclusion vulnerabilities in C-News.fr C-News 1.0.1 and earlier, when regis...
CVE-2006-4640 Unspecified vulnerability in Adobe Flash Player before 9.0.16.0 allows user-assisted remote attacker...
S
CVE-2006-4641 SQL injection vulnerability in kategori.asp in Muratsoft Haber Portal 3.6 allows remote attackers to...
E
CVE-2006-4642 AuditWizard 6.3.2, when using "Remote Audit," logs the administrator password in plaintext to Layton...
E
CVE-2006-4643 SQL injection vulnerability in consult/joueurs.php in Uni-Vert PhpLeague 0.82 and earlier allows rem...
E
CVE-2006-4644 PHP remote file inclusion vulnerability in modules/home.module.php in phpFullAnnu 5.1 and earlier al...
E
CVE-2006-4645 PHP remote file inclusion vulnerability in akarru.gui/main_content.php in Akarru Social BookMarking ...
E
CVE-2006-4646 Cross-site scripting (XSS) vulnerability in the Drupal 4.7 Pathauto module before pathauto_node.inc ...
S
CVE-2006-4647 PHP remote file inclusion vulnerability in news.php in Sponge News 2.2 and earlier allows remote att...
E
CVE-2006-4648 PHP remote file inclusion vulnerability in bp_ncom.php in BinGo News (BP News) 3.01 and earlier allo...
E
CVE-2006-4649 PHP remote file inclusion vulnerability in bp_news.php in BinGo News (BP News) 3.01 and earlier allo...
CVE-2006-4650 Cisco IOS 12.0, 12.1, and 12.2, when GRE IP tunneling is used and the RFC2784 compliance fixes are m...
CVE-2006-4651 Directory traversal vulnerability in download/index.php, and possibly download.php, in threesquared....
CVE-2006-4652 (1) Amazing Little Poll and (2) Amazing Little Picture Poll have a default password of "dsapoll", wh...
CVE-2006-4653 (1) Amazing Little Poll and (2) Amazing Little Picture Poll store sensitive information under the we...
CVE-2006-4654 Format string vulnerability in Easy Address Book Web Server 1.2 allows remote attackers to cause a d...
CVE-2006-4655 Buffer overflow in the Strcmp function in the XKEYBOARD extension in X Window System X11R6.4 and ear...
CVE-2006-4656 PHP remote file inclusion vulnerability in admin/editeur/spaw_control.class.php in Web Provence SL_S...
E
CVE-2006-4657 Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 stores service executables under th...
CVE-2006-4658 Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 uses sequential message numbers in ...
CVE-2006-4659 The Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 uses predictable URLs for the s...
CVE-2006-4660 Multiple cross-site scripting (XSS) vulnerabilities in the RSS Feed module in AOL ICQ Toolbar 1.3 fo...
CVE-2006-4661 AOL ICQ Toolbar 1.3 for Internet Explorer (toolbaru.dll) does not properly validate the origin of th...
CVE-2006-4662 Heap-based buffer overflow in the MCRegEx__Search function in AOL ICQ Pro 2003b Build 3916 and earli...
S
CVE-2006-4663 The source code tar archive of the Linux kernel 2.6.16, 2.6.17.11, and possibly other versions speci...
CVE-2006-4664 PHP remote file inclusion vulnerability in includes/functions_portal.php in Premod Shadow 2.7.1 and ...
E
CVE-2006-4665 Cross-site scripting (XSS) vulnerability in index.php in MKPortal M1.1 Rc1 allows remote attackers t...
CVE-2006-4666 Multiple PHP remote file inclusion vulnerabilities in Stefan Ernst Newsscript (aka WM-News) 0.5 beta...
E
CVE-2006-4667 Multiple SQL injection vulnerabilities in RunCMS 1.4.1 allow remote attackers to execute arbitrary S...
S
CVE-2006-4668 Cross-site scripting (XSS) vulnerability in index.php in Rob Hensley AckerTodo 4.0 allows remote att...
E
CVE-2006-4669 PHP remote file inclusion vulnerability in admin/system/include.php in Somery 0.4.6 and earlier, whe...
E
CVE-2006-4670 Multiple PHP remote file inclusion vulnerabilities in PhotoKorn Gallery 1.52 and earlier allow remot...
E
CVE-2006-4671 PHP remote file inclusion vulnerability in headlines.php in Fantastic News 2.1.4, and possibly earli...
E
CVE-2006-4672 PHP remote file inclusion vulnerability in profitCode ppalCart 2.5 EE, possibly a component of PayPr...
E
CVE-2006-4673 Global variable overwrite vulnerability in maincore.php in PHP-Fusion 6.01.4 and earlier uses the ex...
E S
CVE-2006-4674 Direct static code injection vulnerability in doku.php in DokuWiki before 2006-030-09c allows remote...
E S
CVE-2006-4675 Unrestricted file upload vulnerability in lib/exe/media.php in DokuWiki before 2006-03-09c allows re...
E S
CVE-2006-4676 TIBCO RendezVous 7.4.11 and earlier logs base64-encoded usernames and passwords in rvrd.db, which al...
E
CVE-2006-4677 PHP remote file inclusion vulnerability in contrib/yabbse/poc.php in phpopenchat before 3.0.2 allows...
CVE-2006-4678 PHP remote file inclusion vulnerability in News Evolution 3.0.3 allows remote attackers to execute a...
CVE-2006-4679 DokuWiki before 2006-03-09c enables the debug feature by default, which allows remote attackers to o...
E
CVE-2006-4680 The Remote UI in Canon imageRUNNER includes usernames and passwords when exporting an address book, ...
CVE-2006-4681 Directory traversal vulnerability in Redirect.bat in IBM Director before 5.10 allows remote attacker...
E S
CVE-2006-4682 Multiple unspecified vulnerabilities in IBM Director before 5.10 allow remote attackers to cause a d...
S
CVE-2006-4683 IBM Director before 5.10 allows remote attackers to obtain sensitive information from HTTP headers v...
S
CVE-2006-4684 The docutils module in Zope (Zope2) 2.7.0 through 2.7.9 and 2.8.0 through 2.8.8 does not properly ha...
S
CVE-2006-4685 The XMLHTTP ActiveX control in Microsoft XML Parser 2.6 and XML Core Services 3.0 through 6.0 does n...
CVE-2006-4686 Buffer overflow in the Extensible Stylesheet Language Transformations (XSLT) processing in Microsoft...
CVE-2006-4687 Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via cra...
CVE-2006-4688 Buffer overflow in Client Service for NetWare (CSNW) in Microsoft Windows 2000 SP4, XP SP2, and Serv...
S
CVE-2006-4689 Unspecified vulnerability in the driver for the Client Service for NetWare (CSNW) in Microsoft Windo...
S
CVE-2006-4690 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-4691 Stack-based buffer overflow in the NetpManageIPCConnect function in the Workstation service (wkssvc....
S
CVE-2006-4692 Argument injection vulnerability in the Windows Object Packager (packager.exe) in Microsoft Windows ...
S
CVE-2006-4693 Unspecified vulnerability in Microsoft Word 2004 for Mac and v.X for Mac allows remote user-assisted...
CVE-2006-4694 Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office XP and Office 2003 allows u...
CVE-2006-4695 Unspecified vulnerability in certain COM objects in Microsoft Office Web Components 2000 allows user...
S
CVE-2006-4696 Unspecified vulnerability in the Server service in Microsoft Windows 2000 SP4, Server 2003 SP1 and e...
S
CVE-2006-4697 Microsoft Internet Explorer 5.01, 6, and 7 uses certain COM objects from Imjpcksid.dll as ActiveX co...
CVE-2006-4698 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-4699 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-4700 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-4701 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-4702 Buffer overflow in the Windows Media Format Runtime in Microsoft Windows Media Player (WMP) 6.4 and ...
CVE-2006-4703 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2006-4704 Cross-zone scripting vulnerability in the WMI Object Broker (WMIScriptUtils.WMIObjectBroker2) Active...
E
CVE-2006-4705 SQL injection vulnerability in login.php in dwayner79 and Dominic Gamble Timesheet (aka Timesheet.ph...
CVE-2006-4706 Cross-site scripting (XSS) vulnerability in inc/functions_post.php in MyBB (aka MyBulletinBoard) 1.1...
E S
CVE-2006-4707 Cross-site scripting (XSS) vulnerability in admin/global.php (aka the Admin CP login form) in MyBB (...
E S
CVE-2006-4708 Multiple cross-site scripting (XSS) vulnerabilities in Vikingboard 0.1b allow remote attackers to in...
E
CVE-2006-4709 SQL injection vulnerability in topic.php in Vikingboard 0.1b allows remote attackers to execute arbi...
E
CVE-2006-4710 Multiple cross-site scripting (XSS) vulnerabilities in NewsGator FeedDemon before 2.0.0.25 allow rem...
E S
CVE-2006-4711 Multiple cross-site scripting (XSS) vulnerabilities in Sage allow remote attackers to inject arbitra...
E
CVE-2006-4712 Multiple cross-site scripting (XSS) vulnerabilities in Sage 1.3.6 allow remote attackers to inject a...
E
CVE-2006-4713 PHP remote file inclusion vulnerability in config.php in PSYWERKS PUMA 1.0 RC2 allows remote attacke...
E
CVE-2006-4714 PHP remote file inclusion vulnerability in index.php in SpoonLabs Vivvo Article Management CMS (aka ...
E S
CVE-2006-4715 SQL injection vulnerability in pdf_version.php in SpoonLabs Vivvo Article Management CMS (aka phpWor...
E S
CVE-2006-4716 PHP remote file inclusion vulnerability in demarrage.php in Fire Soft Board (FSB) RC3 and earlier al...
E
CVE-2006-4717 The login redirection mechanism in the Drupal 4.7 Pubcookie module before 1.2.2.4 2006/09/06 and the...
S
CVE-2006-4718 Multiple cross-site scripting (XSS) vulnerabilities in livre_or.php in KorviBlog 1.3.0 allow remote ...
CVE-2006-4719 Multiple PHP remote file inclusion vulnerabilities in MyABraCaDaWeb 1.0.3, when register_globals is ...
E
CVE-2006-4720 PHP remote file inclusion vulnerability in random2.php in mcGalleryPRO 2006 allows remote attackers ...
E
CVE-2006-4721 Directory traversal vulnerability in admin.php in CCleague Pro Sports CMS 1.0.1 RC1 allows remote at...
E
CVE-2006-4722 PHP remote file inclusion vulnerability in Open Bulletin Board (OpenBB) 1.0.8 and earlier allows rem...
E
CVE-2006-4723 PHP remote file inclusion vulnerability in raidenhttpd-admin/slice/check.php in RaidenHTTPD 1.1.49, ...
E
CVE-2006-4724 Unspecified vulnerability in the ColdFusion Flash Remoting Gateway in Adobe ColdFusion MX 7 and 7.01...
S
CVE-2006-4725 Adobe ColdFusion MX 7 and 7.01 allows local users to bypass security restrictions and call component...
S
CVE-2006-4726 Cross-site scripting (XSS) vulnerability in Adobe ColdFusion MX 6.1 through 7.02 allows remote attac...
S
CVE-2006-4727 Cross-site scripting (XSS) vulnerability in emfadmin/statusView.do in Tumbleweed EMF Administration ...
E
CVE-2006-4731 Multiple directory traversal vulnerabilities in (1) login.pl and (2) admin.pl in (a) SQL-Ledger befo...
S
CVE-2006-4732 Unspecified vulnerability in Microsoft Visual Basic (VB) 6 has an unknown impact ("overflow") via a ...
E
CVE-2006-4733 PHP remote file inclusion vulnerability in sipssys/code/box.inc.php in Haakon Nilsen simple, integra...
E
CVE-2006-4734 Multiple SQL injection vulnerabilities in tiki-g-admin_processes.php in Tikiwiki 1.9.4 allow remote ...
E
CVE-2006-4735 Kellan Elliott-McCrea MagpieRSS allows remote attackers to obtain sensitive information via a direct...
CVE-2006-4736 Multiple SQL injection vulnerabilities in index.php in CMS.R. 5.5 allow remote attackers to execute ...
CVE-2006-4737 SQL injection vulnerability in index.php in Jetbox CMS allows remote attackers to inject arbitrary w...
CVE-2006-4738 PHP remote file inclusion vulnerability in phpthumb.php in Jetbox CMS allows remote attackers to exe...
CVE-2006-4739 Multiple cross-site scripting (XSS) vulnerabilities in Jetbox CMS allow remote attackers to inject a...
CVE-2006-4740 Jetbox CMS allows remote attackers to obtain sensitive information via a direct request for certain ...
CVE-2006-4741 PHP remote file inclusion vulnerability in bits_listings.php in IDevSpot PhpLinkExchange 1.0 allows ...
E
CVE-2006-4742 Cross-site scripting (XSS) vulnerability in user_add.php in IDevSpot PhpLinkExchange 1.0 allows remo...
E
CVE-2006-4743 WordPress 2.0.2 through 2.0.5 allows remote attackers to obtain sensitive information via a direct r...
CVE-2006-4744 Abidia (1) O-Anywhere and (2) Abidia Wireless transmit authentication credentials in cleartext, whic...
CVE-2006-4745 ScaryBear PocketExpense Pro 3.9.1 uses an internally recorded key to protect a data file whose conte...
E
CVE-2006-4746 PHP remote file inclusion vulnerability in news/include/customize.php in Web Server Creator 0.1 allo...
E
CVE-2006-4747 Multiple cross-site scripting (XSS) vulnerabilities in IdevSpot TextAds allow remote attackers to in...
E
CVE-2006-4748 Multiple SQL injection vulnerabilities in F-ART BLOG:CMS 4.1 allow remote attackers to execute arbit...
CVE-2006-4749 Multiple PHP remote file inclusion vulnerabilities in PHP Advanced Transfer Manager (phpATM) 1.20 al...
CVE-2006-4750 PHP remote file inclusion vulnerability in openi-admin/base/fileloader.php in OPENi-CMS 1.0.1, and p...
E
CVE-2006-4751 Cross-site scripting (XSS) vulnerability in index.php in Laurentiu Matei eXpandable Home Page (XHP) ...
E
CVE-2006-4752 Laurentiu Matei eXpandable Home Page (XHP) CMS 0.5.1 allows remote attackers to obtain the installat...
E
CVE-2006-4753 Directory traversal vulnerability in index.php in PHProg before 1.1 allows remote attackers to read ...
E S
CVE-2006-4754 Cross-site scripting (XSS) vulnerability in index.php in PHProg before 1.1 allows remote attackers t...
E S
CVE-2006-4755 Cross-site scripting (XSS) vulnerability in alpha.php in phpMyDirectory 10.4.6 and earlier allows re...
CVE-2006-4756 SQL injection vulnerability in alpha.php in phpMyDirectory 10.4.6 and earlier allows remote attacker...
CVE-2006-4757 Multiple SQL injection vulnerabilities in the admin section in e107 0.7.5 allow remote authenticated...
CVE-2006-4758 phpBB 2.0.21 does not properly handle pathnames ending in %00, which allows remote authenticated adm...
E
CVE-2006-4759 PunBB 1.2.12 does not properly handle an avatar directory pathname ending in %00, which allows remot...
E
CVE-2006-4760 Multiple cross-site scripting (XSS) vulnerabilities in Benjamin Pasero and Tobias Eichert RSSOwl all...
E
CVE-2006-4761 Multiple cross-site scripting (XSS) vulnerabilities in Luke Hutteman SharpReader allow remote attack...
E
CVE-2006-4762 Multiple cross-site scripting (XSS) vulnerabilities in Ykoon RssReader allow remote attackers to inj...
E
CVE-2006-4763 IBM Lotus Domino Web Access (DWA) 7.0.1 does not expire a client's Lightweight Third-Party Authentic...
CVE-2006-4764 PHP remote file inclusion vulnerability in common.php in Thomas LETE WTools 0.0.1-ALPH allows remote...
E
CVE-2006-4765 NETGEAR DG834GT Wireless ADSL router running firmware 1.01.28 allows attackers to cause a denial of ...
CVE-2006-4766 Directory traversal vulnerability in print.php in Stefan Ernst Newsscript (aka WM-News) 0.5 beta all...
CVE-2006-4767 Multiple directory traversal vulnerabilities in Stefan Ernst Newsscript (aka WM-News) 0.5beta allow ...
CVE-2006-4768 Multiple direct static code injection vulnerabilities in add_go.php in Stefan Ernst Newsscript (aka ...
CVE-2006-4769 PHP remote file inclusion vulnerability in abf_js.php in p4CMS 1.05 allows remote attackers to execu...
E
CVE-2006-4770 PHP remote file inclusion vulnerability in menu.php in MiniPort@l 2.0 and earlier allows remote atta...
E
CVE-2006-4771 Cross-site scripting (XSS) vulnerability in haut.php in ForumJBC 4 allows remote attackers to inject...
E
CVE-2006-4772 HotPlug CMS stores sensitive information under the web root with insufficient access control, which ...
CVE-2006-4773 Sun StorEdge 6130 Array Controllers with firmware 06.12.10.11 and earlier allow remote attackers to ...
CVE-2006-4774 The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows remote attackers to cause a de...
S
CVE-2006-4775 The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) and CatOS allows remote attackers to ...
S
CVE-2006-4776 Heap-based buffer overflow in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows ...
S
CVE-2006-4777 Heap-based buffer overflow in the DirectAnimation Path Control (DirectAnimation.PathControl) COM obj...
CVE-2006-4778 SQL injection vulnerability in Creative Commons Tools ccHost before 3.0 allows remote attackers to e...
S
CVE-2006-4779 PHP remote file inclusion vulnerability in includes/functions_portal.php in Vitrax Premodded phpBB 1...
E
CVE-2006-4780 PHP remote file inclusion vulnerability in includes/functions.php in phpBB XS 0.58 and earlier allow...
E
CVE-2006-4781 Heap-based buffer overflow in FutureSoft TFTP Server Multithreaded (MT) 1.1 allows remote attackers ...
E
CVE-2006-4782 src/index.php in WebSPELL 4.01.01 and earlier, when register_globals is enabled, allows remote attac...
E S
CVE-2006-4783 SQL injection vulnerability in squads.php in WebSPELL 4.01.01 and earlier, when register_globals is ...
E S
CVE-2006-4784 Multiple cross-site scripting (XSS) vulnerabilities in Moodle 1.6.1 and earlier might allow remote a...
CVE-2006-4785 SQL injection vulnerability in blog/edit.php in Moodle 1.6.1 and earlier allows remote attackers to ...
S
CVE-2006-4786 Moodle 1.6.1 and earlier allows remote attackers to obtain sensitive information via (1) help.php an...
S
CVE-2006-4787 AlphaMail before 1.0.16 allows local users to obtain sensitive information via the logging functiona...
S
CVE-2006-4788 PHP remote file inclusion vulnerability in includes/log.inc.php in Telekorn SignKorn Guestbook (SL) ...
E
CVE-2006-4789 Buffer overflow in Open Movie Editor 0.0.20060901 allows local users to cause a denial of service (s...
E
CVE-2006-4790 verify.c in GnuTLS before 1.4.4, when using an RSA key with exponent 3, does not properly handle exc...
S
CVE-2006-4793 Multiple SQL injection vulnerabilities in icerik.asp in TualBLOG 1.0 allow remote attackers to execu...
E
CVE-2006-4794 Multiple cross-site scripting (XSS) vulnerabilities in e107 0.7.5 allow remote attackers to inject a...
E
CVE-2006-4795 Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport software in HP-...
S
CVE-2006-4796 Cross-site scripting (XSS) vulnerability in forum.asp in Snitz Forums 2000 3.4.06 allows remote atta...
E S
CVE-2006-4797 Cross-site scripting (XSS) vulnerability in tag.php in CloudNine Interactive CJ Tag Board 3.0 allows...
CVE-2006-4798 SQL-Ledger before 2.4.4 stores a password in a query string, which might allow context-dependent att...
E S
CVE-2006-4799 Buffer overflow in ffmpeg for xine-lib before 1.1.2 might allow context-dependent attackers to execu...
CVE-2006-4800 Multiple buffer overflows in libavcodec in ffmpeg before 0.4.9_p20060530 allow remote attackers to c...
S
CVE-2006-4801 Race condition in Deja Vu, as used in Roxio Toast Titanium 7 and possibly other products, allows loc...
E
CVE-2006-4802 Format string vulnerability in the Real Time Virus Scan service in Symantec AntiVirus Corporate Edit...
CVE-2006-4803 The Fan-Out Linux and UNIX receiver scripts in Novell Identity Manager (IDM) 3.0.1 allows local user...
S
CVE-2006-4805 epan/dissectors/packet-xot.c in the XOT dissector (dissect_xot_pdu) in Wireshark (formerly Ethereal)...
CVE-2006-4806 Multiple integer overflows in imlib2 allow user-assisted remote attackers to cause a denial of servi...
S
CVE-2006-4807 loader_tga.c in imlib2 before 1.2.1, and possibly other versions, allows user-assisted remote attack...
S
CVE-2006-4808 Heap-based buffer overflow in loader_tga.c in imlib2 before 1.2.1, and possibly other versions, allo...
S
CVE-2006-4809 Stack-based buffer overflow in loader_pnm.c in imlib2 before 1.2.1, and possibly other versions, all...
S
CVE-2006-4810 Buffer overflow in the readline function in util/texindex.c, as used by the (1) texi2dvi and (2) tex...
S
CVE-2006-4811 Integer overflow in Qt 3.3 before 3.3.7, 4.1 before 4.1.5, and 4.2 before 4.2.1, as used in the KDE ...
S
CVE-2006-4812 Integer overflow in PHP 5 up to 5.1.6 and 4 before 4.3.0 allows remote attackers to execute arbitrar...
S
CVE-2006-4813 The __block_prepare_write function in fs/buffer.c for Linux kernel 2.6.x before 2.6.13 does not prop...
S
CVE-2006-4814 The mincore function in the Linux kernel before 2.4.33.6 does not properly lock access to user space...
S
CVE-2006-4819 Heap-based buffer overflow in Opera 9.0 and 9.01 allows remote attackers to execute arbitrary code v...
S
CVE-2006-4820 Unspecified vulnerability in X.25 on HP-UX B.11.00, B.11.11, and B.11.23 allows local users to cause...
S
CVE-2006-4821 Cross-site scripting (XSS) vulnerability in the Drupal 4.7 Userreview module before 1.19 2006/09/12 ...
S
CVE-2006-4822 Multiple cross-site scripting (XSS) vulnerabilities in index.php in eMuSOFT emuCMS 0.3 and earlier a...
CVE-2006-4823 PHP remote file inclusion vulnerability in scripts/news_page.php in Reamday Enterprises Magic News P...
E
CVE-2006-4824 PHP remote file inclusion vulnerability in lib/activeutil.php in Quicksilver Forums (QSF) 1.2.1 and ...
E
CVE-2006-4825 Multiple cross-site scripting (XSS) vulnerabilities in cl_files/index.php in SoftComplex PHP Event C...
E
CVE-2006-4826 PHP remote file inclusion vulnerability in bottom.php in Shadowed Portal 5.599 and earlier allows re...
E
CVE-2006-4827 Multiple PHP remote file inclusion vulnerabilities in Vmist Downstat 1.8 and earlier allow remote at...
E
CVE-2006-4828 PHP remote file inclusion vulnerability in zipndownload.php in PhotoPost 4.0 through 4.6 allows remo...
E S
CVE-2006-4829 Multiple cross-site scripting (XSS) vulnerabilities in David Czarnecki Blojsom 2.31 allow remote att...
E S
CVE-2006-4830 Directory traversal vulnerability in EditBlogTemplatesPlugin.java in David Czarnecki Blojsom 2.30 al...
S
CVE-2006-4831 Unspecified vulnerability in IP over DNS is now easy (iodine) before 0.3.2 has unknown impact and at...
S
CVE-2006-4832 Buffer overflow in the telnet service in Verso NetPerformer FRAD ACT SDM-95xx 7.xx (R1) and earlier,...
E
CVE-2006-4833 Verso NetPerformer FRAD ACT SDM-95xx 7.xx (R1) and earlier, SDM-93xx 10.x.x (R2) and earlier, and SD...
CVE-2006-4834 PHP remote file inclusion vulnerability in index.php in Jule Slootbeek phpQuiz 0.01 allows remote at...
E
CVE-2006-4835 Bluview Blue Magic Board (BMB) (aka BMForum) 5.5 allows remote attackers to obtain sensitive informa...
CVE-2006-4836 SQL injection vulnerability in login.php in DCP-Portal SE 6.0 allows remote attackers to execute arb...
E
CVE-2006-4837 Multiple PHP remote file inclusion vulnerabilities in DCP-Portal SE 6.0 allow remote attackers to ex...
E
CVE-2006-4838 Multiple cross-site scripting (XSS) vulnerabilities in DCP-Portal SE 6.0 allow remote attackers to i...
E
CVE-2006-4839 Sophos Anti-Virus 5.1 allows remote attackers to cause a denial of service (memory consumption) via ...
S
CVE-2006-4840 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-3888. Reason: This candida...
R
CVE-2006-4842 The Netscape Portable Runtime (NSPR) API 4.6.1 and 4.6.2, as used in Sun Solaris 10, trusts user-spe...
E
CVE-2006-4843 Cross-site scripting (XSS) vulnerability in the Active Content Filter feature in IBM Lotus Domino be...
E
CVE-2006-4844 PHP remote file inclusion vulnerability in inc/claro_init_local.inc.php in Claroline 1.7.7 and earli...
E S
CVE-2006-4845 PHP remote file inclusion vulnerability in includes/footer.html.inc.php in TeamCal Pro 2.8.001 and e...
E
CVE-2006-4846 Unspecified vulnerability in Citrix Access Gateway with Advanced Access Control (AAC) 4.2 before 200...
S
CVE-2006-4847 Multiple buffer overflows in Ipswitch WS_FTP Server 5.05 before Hotfix 1 allow remote authenticated ...
S
CVE-2006-4848 Multiple PHP remote file inclusion vulnerabilities in Brian Fraval Hitweb 3.0 allow remote attackers...
E
CVE-2006-4849 PHP remote file inclusion vulnerability in header.php in MobilePublisherPHP 1.5 RC2 and earlier allo...
E
CVE-2006-4850 PHP remote file inclusion vulnerability in system/_b/contentFiles/gBIndex.php in BolinOS 4.5.5 and e...
E
CVE-2006-4851 PHP remote file inclusion vulnerability in system/_b/contentFiles/gBHTMLEditor.php in BolinOS 4.5.5 ...
CVE-2006-4852 SQL injection vulnerability in browse.asp in QuadComm Q-Shop 3.5 allows remote attackers to execute ...
E
CVE-2006-4853 SQL injection vulnerability in kategorix.asp in Haberx 1.02 through 1.1 allows remote attackers to e...
E
CVE-2006-4854 Rejected reason: Unspecified vulnerability in Microsoft Office 2000 (Chinese Edition) and Microsoft ...
R
CVE-2006-4855 The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.0.33, and other versions o...
E
CVE-2006-4856 Multiple cross-site scripting (XSS) vulnerabilities in Roller WebLogger 2.3 allow remote attackers t...
S
CVE-2006-4857 SQL injection vulnerability in default.asp (aka the login page) in ClickTech ClickBlog 2.0 allows re...
CVE-2006-4858 PHP remote file inclusion vulnerability in install.serverstat.php in the Serverstat (com_serverstat)...
E
CVE-2006-4859 Unrestricted file upload vulnerability in contact.html.php in the Contact (com_contact) component in...
E
CVE-2006-4860 Multiple unspecified vulnerabilities in (1) index.php, (2) minixml.inc.php, (3) doc.inc.php, (4) ele...
S
CVE-2006-4861 SQL injection vulnerability in loginprocess.asp in Mohammed Mehdi Panjwani Complain Center 1 allows ...
CVE-2006-4862 SQL injection vulnerability in default.aspx in easypage allows remote attackers to execute arbitrary...
CVE-2006-4863 Multiple PHP remote file inclusion vulnerabilities in Marc Cagninacci mcLinksCounter 1.1 allow remot...
CVE-2006-4864 PHP remote file inclusion vulnerability in index.php in All Enthusiast ReviewPost 2.5 allows remote ...
E
CVE-2006-4865 Walter Beschmout PhpQuiz allows remote attackers to obtain sensitive information via a direct reques...
CVE-2006-4866 Buffer overflow in kextload in Apple OS X, as used by TDIXSupport in Roxio Toast Titanium and possib...
CVE-2006-4867 SQL injection vulnerability in mods.php in GNUTurk 2G and earlier allows remote attackers to execute...
E
CVE-2006-4868 Stack-based buffer overflow in the Vector Graphics Rendering engine (vgx.dll), as used in Microsoft ...
E S
CVE-2006-4869 PHP remote file inclusion vulnerability in phpunity-postcard.php in phpunity.postcard allows remote ...
E
CVE-2006-4870 Multiple PHP remote file inclusion vulnerabilities in AEDating 4.1, and possibly earlier versions, a...
E
CVE-2006-4871 SQL injection vulnerability in search_run.asp in Keyvan1 (aka Keyvan Janghorbani) EShoppingPro 1.0 a...
CVE-2006-4872 SQL injection vulnerability in search.asp in Keyvan1 (aka Keyvan Janghorbani) ECardPro 2.0 allows re...
CVE-2006-4873 Jupiter CMS allows remote attackers to obtain sensitive information via a direct request for (1) inc...
CVE-2006-4874 Multiple cross-site scripting (XSS) vulnerabilities in Jupiter CMS allow remote attackers to inject ...
CVE-2006-4875 Unrestricted file upload vulnerability in modules/galleryuploadfunction.php in Jupiter CMS allows re...
CVE-2006-4876 Multiple SQL injection vulnerabilities in Jupiter CMS allow remote attackers to execute arbitrary SQ...
CVE-2006-4877 Variable overwrite vulnerability in David Bennett PHP-Post (PHPp) 1.0 and earlier allows remote atta...
CVE-2006-4878 Directory traversal vulnerability in footer.php in David Bennett PHP-Post (PHPp) 1.0 and earlier all...
E
CVE-2006-4879 SQL injection vulnerability in profile.php in David Bennett PHP-Post (PHPp) 1.0 and earlier allows r...
CVE-2006-4880 David Bennett PHP-Post (PHPp) 1.0 and earlier allows remote attackers to obtain sensitive informatio...
CVE-2006-4881 Multiple cross-site scripting (XSS) vulnerabilities in David Bennett PHP-Post (PHPp) 1.0 and earlier...
CVE-2006-4882 SQL injection vulnerability in Review.asp in Julian Roberts Charon Cart 3 allows remote attackers to...
E
CVE-2006-4883 Multiple cross-site scripting (XSS) vulnerabilities in IDevSpot BizDirectory allow remote attackers ...
CVE-2006-4884 Multiple cross-site scripting (XSS) vulnerabilities in IDevSpot iSupport 1.8 allow remote attackers ...
CVE-2006-4885 PHP remote file inclusion vulnerability in Shadowed Portal 5.599 and earlier allows remote attackers...
CVE-2006-4886 The VirusScan On-Access Scan component in McAfee VirusScan Enterprise 7.1.0 and Scan Engine 4.4.00 a...
CVE-2006-4887 Apple Remote Desktop (ARD) for Mac OS X 10.2.8 and later does not drop privileges on the remote mach...
CVE-2006-4888 Microsoft Internet Explorer 6 and earlier allows remote attackers to cause a denial of service (appl...
CVE-2006-4889 Multiple PHP remote file inclusion vulnerabilities in Telekorn SignKorn Guestbook (SL) 1.3 and earli...
E
CVE-2006-4890 Multiple PHP remote file inclusion vulnerabilities in UNAK-CMS 1.5 and earlier allow remote attacker...
E
CVE-2006-4891 SQL injection vulnerability in ArticlesTableview.asp in Techno Dreams Articles & Papers Package 2.0 ...
E
CVE-2006-4892 SQL injection vulnerability in faqview.asp in Techno Dreams FAQ Manager Package 1.0 allows remote at...
E
CVE-2006-4893 PHP remote file inclusion vulnerability in bb_usage_stats/includes/bb_usage_stats.php in phpBB XS 0....
E
CVE-2006-4894 Cross-site scripting (XSS) vulnerability in forms/lostpassword.php in iDevSpot NixieAffiliate 1.9 an...
E
CVE-2006-4895 IDevSpot NexieAffiliate 1.9 and earlier allows remote attackers to delete arbitrary affiliates via a...
E
CVE-2006-4896 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-4785. Reason: This candida...
R
CVE-2006-4897 CMtextS 1.0 and earlier stores users_logins/admin.txt under the web document root with insufficient ...
E
CVE-2006-4898 PHP remote file inclusion vulnerability in include/phpxd/phpXD.php in guanxiCRM 0.9.1 and earlier al...
E
CVE-2006-4899 The ePPIServlet script in Computer Associates (CA) eTrust Security Command Center 1.0 and r8 up to S...
E S
CVE-2006-4900 Directory traversal vulnerability in Computer Associates (CA) eTrust Security Command Center 1.0 and...
E S
CVE-2006-4901 Computer Associates (CA) eTrust Security Command Center 1.0 and r8 up to SP1 CR2, and eTrust Audit 1...
E S
CVE-2006-4902 The NetBackup bpcd daemon (bpcd.exe) in Symantec Veritas NetBackup 5.0 before 5.0_MP7, 5.1 before 5....
S
CVE-2006-4904 Dynamic variable evaluation vulnerability in cmpi.php in Qualiteam X-Cart 4.1.3 and earlier allows r...
CVE-2006-4905 PHP remote file inclusion vulnerability in index.php in Artmedic Links 5.0 allows remote attackers t...
CVE-2006-4906 SQL injection vulnerability in modules/calendar/week.php in More.groupware 0.74 allows remote attack...
E
CVE-2006-4907 OSU 3.11alpha and 3.10a allows remote attackers to obtain sensitive information via a URL to a non-e...
CVE-2006-4908 OSU 3.11alpha and 3.10a allows remote attackers to obtain sensitive information via a URL containing...
E
CVE-2006-4909 Cross-site scripting (XSS) vulnerability in Cisco Guard DDoS Mitigation Appliance before 5.1(6), whe...
CVE-2006-4910 The web administration interface (mainApp) to Cisco IDS before 4.1(5c), and IPS 5.0 before 5.0(6p1) ...
CVE-2006-4911 Unspecified vulnerability in Cisco IPS 5.0 before 5.0(6p2) and 5.1 before 5.1(2), when running in in...
CVE-2006-4912 PHP remote file inclusion vulnerability in PHP DocWriter 0.3 and earlier allows remote attackers to ...
E
CVE-2006-4913 Directory traversal vulnerability in chat/getStartOptions.php in AlstraSoft E-friends 4.85 allows re...
E
CVE-2006-4914 Directory traversal vulnerability in A.l-Pifou 1.8p2 allows remote attackers to read arbitrary files...
E
CVE-2006-4915 Cross-site scripting (XSS) vulnerability in index.php in Innovate Portal 2.0 allows remote attackers...
E
CVE-2006-4916 SQL injection vulnerability in uye_profil.asp in Tekman Portal (TR) 1.0 allows remote attackers to e...
E
CVE-2006-4917 Cross-site scripting (XSS) vulnerability in search.php in PT News 1.7.8 allows remote attackers to i...
E
CVE-2006-4918 Multiple PHP remote file inclusion vulnerabilities in Simple Discussion Board 0.1.0 allow remote att...
E
CVE-2006-4919 Directory traversal vulnerability in starnet/editors/htmlarea/popups/images.php in Site@School (S@S)...
E
CVE-2006-4920 Multiple PHP remote file inclusion vulnerabilities in Site@School (S@S) 2.4.02 and earlier allow rem...
E
CVE-2006-4921 PHP remote file inclusion vulnerability in Site@School (S@S) 2.4.03 and earlier allows remote attack...
CVE-2006-4922 Unrestricted file upload vulnerability in starnet/editors/htmlarea/popups/images.php in Site@School ...
E
CVE-2006-4923 Cross-site scripting (XSS) vulnerability in search.php in eSyndiCat Portal System allows remote atta...
E
CVE-2006-4924 sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause ...
E S
CVE-2006-4925 packet.c in ssh in OpenSSH allows remote attackers to cause a denial of service (crash) by sending a...
E S
CVE-2006-4926 The NDIS-TDI Hooking Engine, as used in the (1) KLICK (KLICK.SYS) and (2) KLIN (KLIN.SYS) device dri...
E S
CVE-2006-4927 The (a) NAVENG (NAVENG.SYS) and (b) NAVEX15 (NAVEX15.SYS) device drivers 20061.3.0.12 and later, as ...
E S
CVE-2006-4935 The Database module in Moodle before 1.6.2 does not properly handle uploaded files, which has unspec...
CVE-2006-4936 Moodle before 1.6.2 does not properly validate the module instance id when creating a course module ...
CVE-2006-4937 lib/setup.php in Moodle before 1.6.2 sets the error reporting level to 7 to display E_WARNING messag...
CVE-2006-4938 help.php in Moodle before 1.6.2 does not check the existence of certain help files before including ...
CVE-2006-4939 backup/backup_scheduled.php in Moodle before 1.6.2 generates trace data with the full backup pathnam...
CVE-2006-4940 login/forgot_password.php in Moodle before 1.6.2 allows remote attackers to obtain sensitive informa...
CVE-2006-4941 Multiple cross-site scripting (XSS) vulnerabilities in Moodle before 1.6.2 might allow remote attack...
CVE-2006-4942 Moodle before 1.6.2, when the configuration lacks (1) algebra or (2) tex filters, allows remote auth...
CVE-2006-4943 course/jumpto.php in Moodle before 1.6.2 does not validate the session key (sesskey) before providin...
CVE-2006-4944 PHP remote file inclusion vulnerability in includes/pear/Net/DNS/RR.php in ProgSys 0.151 and earlier...
E
CVE-2006-4945 Multiple PHP remote file inclusion vulnerabilities in Cardway (aka Frederic Boudaud) DigitalWebShop ...
E
CVE-2006-4946 PHP remote file inclusion vulnerability in include/startup.inc.php in CMSDevelopment Business Card W...
E
CVE-2006-4947 Cross-site scripting (XSS) vulnerability in the Drupal 4.7 Search Keywords module before 1.15 2006/0...
S
CVE-2006-4948 Stack-based buffer overflow in tftpd.exe in ProSysInfo TFTP Server TFTPDWIN 0.4.2 and earlier allows...
CVE-2006-4949 Cross-site scripting (XSS) vulnerability in the Drupal 4.6 Site Profile Directory (profile_pages.mod...
S
CVE-2006-4950 Cisco IOS 12.2 through 12.4 before 20060920, as used by Cisco IAD2430, IAD2431, and IAD2432 Integrat...
S
CVE-2006-4951 Neon WebMail for Java before 5.08 allows remote attackers to execute arbitrary Java (JSP) code by se...
E S
CVE-2006-4952 The updatemail servlet in Neon WebMail for Java before 5.08 allows remote attackers to move e-mail m...
E S
CVE-2006-4953 Multiple SQL injection vulnerabilities in Neon WebMail for Java before 5.08 allow remote attackers t...
E S
CVE-2006-4954 The updateuser servlet in Neon WebMail for Java before 5.08 does not validate the in_id parameter, w...
E S
CVE-2006-4955 Directory traversal vulnerability in the downloadfile servlet in Neon WebMail for Java before 5.08 a...
E S
CVE-2006-4956 Cross-site scripting (XSS) vulnerability in the updateuser servlet in Neon WebMail for Java before 5...
E S
CVE-2006-4957 SQL injection vulnerability in the GetMember function in functions.php in MyReview 1.9.4 allows remo...
E
CVE-2006-4958 Multiple cross-site scripting (XSS) vulnerabilities in Sun Secure Global Desktop (SSGD, aka Tarantel...
CVE-2006-4959 Sun Secure Global Desktop (SSGD, aka Tarantella) before 4.3 allows remote attackers to obtain sensit...
CVE-2006-4960 Cross-site scripting (XSS) vulnerability in index.php Php Blue Dragon 2.9.1 and earlier allows remot...
E
CVE-2006-4961 SQL injection vulnerability in the GetModuleConfig function in public_includes/pub_kernel/pbd_module...
E
CVE-2006-4962 Directory traversal vulnerability in pbd_engine.php in Php Blue Dragon 2.9.1 and earlier allows remo...
E
CVE-2006-4963 Directory traversal vulnerability in index.php in Exponent CMS 0.96.3 allows remote attackers to rea...
E
CVE-2006-4964 Cross-site scripting (XSS) vulnerability in MAXdev MDPro 1.0.76 before 20060918 allows remote attack...
S
CVE-2006-4965 Apple QuickTime 7.1.3 Player and Plug-In allows remote attackers to execute arbitrary JavaScript cod...
E
CVE-2006-4966 PHP remote file inclusion vulnerability in inc/ifunctions.php in chumpsoft phpQuestionnaire (phpQ) 3...
E
CVE-2006-4967 Multiple cross-site scripting (XSS) vulnerabilities in NextAge Cart allow remote attackers to inject...
E
CVE-2006-4968 PHP remote file inclusion vulnerability in includes/functions_admin.php in PNphpBB 1.2g allows remot...
E S
CVE-2006-4969 Multiple PHP remote file inclusion vulnerabilities in WAHM E-Commerce Pie Cart Pro allow remote atta...
E
CVE-2006-4970 PHP remote file inclusion vulnerability in enc/content.php in WAHM E-Commerce Pie Cart Pro allows re...
E
CVE-2006-4971 MyBB (aka MyBulletinBoard) allows remote attackers to obtain sensitive information via a direct requ...
CVE-2006-4972 Cross-site scripting (XSS) vulnerability in archive/index.php/forum-4.html in MyBB (aka MyBulletinBo...
CVE-2006-4973 Cross-site scripting (XSS) vulnerability in Default.aspx in Perpetual Motion Interactive Systems Dot...
E S
CVE-2006-4974 Buffer overflow in Ipswitch WS_FTP Limited Edition (LE) 5.08 allows remote FTP servers to execute ar...
E
CVE-2006-4975 Yahoo! Messenger for WAP permits saving messages that contain JavaScript, which allows user-assisted...
E
CVE-2006-4976 The Date Library in John Lim ADOdb Library for PHP allows remote attackers to obtain sensitive infor...
CVE-2006-4977 Multiple unrestricted file upload vulnerabilities in (1) back/upload_img.php and (2) admin/upload_im...
E
CVE-2006-4978 Multiple SQL injection vulnerabilities in Walter Beschmout PhpQuiz 1.2 and earlier allow remote atta...
E
CVE-2006-4979 Direct static code injection vulnerability in cfgphpquiz/install.php in Walter Beschmout PhpQuiz 1.2...
E
CVE-2006-4980 Buffer overflow in the repr function in Python 2.3 through 2.6 before 20060822 allows context-depend...
S
CVE-2006-4981 Symantec Sygate NAC allows physically proximate attackers to bypass control methods and join a local...
CVE-2006-4982 Cisco NAC maintains an exception list that does not record device properties other than MAC address,...
CVE-2006-4983 Cisco NAC allows quarantined devices to communicate over the network with (1) DNS, (2) DHCP, and (3)...
CVE-2006-4984 Multiple PHP remote file inclusion vulnerabilities in Grayscale BandSite CMS allow remote attackers ...
E
CVE-2006-4985 Multiple cross-site scripting (XSS) vulnerabilities in Grayscale BandSite CMS allow remote attackers...
E
CVE-2006-4986 Grayscale BandSite CMS allows remote attackers to obtain sensitive information via a direct request ...
E
CVE-2006-4987 Multiple PHP remote file inclusion vulnerabilities in Patrick Michaelis Wili-CMS allow remote attack...
E
CVE-2006-4988 Multiple cross-site scripting (XSS) vulnerabilities in Patrick Michaelis Wili-CMS allow remote attac...
E
CVE-2006-4989 Patrick Michaelis Wili-CMS allows remote attackers to obtain sensitive information via a direct requ...
E
CVE-2006-4990 Multiple PHP remote file inclusion vulnerabilities in PhotoPost allow remote attackers to execute ar...
CVE-2006-4991 RSA Keon Certificate Authority (KeonCA) Manager 6.5.1 and 6.6 allows privileged local users to hide ...
CVE-2006-4992 Multiple PHP remote file inclusion vulnerabilities in JD-WordPress for Joomla! (com_jd-wp) 2.0-1.0 R...
E
CVE-2006-4993 Multiple PHP remote file inclusion vulnerabilities in AllMyGuests 0.4.1 and earlier allow remote att...
E
CVE-2006-4994 Multiple unquoted Windows search path vulnerabilities in Apache Friends XAMPP 1.5.2 might allow loca...
CVE-2006-4995 PHP remote file inclusion vulnerability in BSQ Sitestats (bsq_sitestats) before 2.1.1 for Joomla! al...
CVE-2006-4996 Unspecified vulnerability in JoomlaLib (com_joomlalib) before 1.2.2 for Joomla! allows remote attack...
S
CVE-2006-4997 The clip_mkip function in net/atm/clip.c of the ATM subsystem in Linux kernel allows remote attacker...
E S
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.