Max CVSS | 7.6 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2006-3850 | 5.1 |
PHP remote file inclusion vulnerability in upgrader.php in Vanilla CMS 1.0.1 and earlier, when /conf/old_settings.php exists, allows remote attackers to execute arbitrary PHP code via a URL in the RootDirectory parameter. NOTE: this issue has been d
|
11-04-2024 - 00:40 | 25-07-2006 - 23:04 | |
CVE-2016-3606 | 6.8 |
Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot.
|
13-05-2022 - 14:57 | 21-07-2016 - 10:14 | |
CVE-2000-0886 | 7.5 |
IIS 5.0 allows remote attackers to execute arbitrary commands via a malformed request for an executable file whose name is appended with operating system commands, aka the "Web Server File Request Parsing" vulnerability.
|
30-10-2018 - 16:25 | 19-12-2000 - 05:00 | |
CVE-2006-3678 | 5.0 |
TippingPoint IPS running the TippingPoint Operating System (TOS) before 2.2.4.6519 allows remote attackers to "force the device into layer 2 fallback (L2FB)", causing a denial of service (page fault), via a malformed packet.
|
18-10-2018 - 16:48 | 26-07-2006 - 23:04 | |
CVE-2006-3878 | 2.1 |
Opsware Network Automation System (NAS) 6.0 installs /etc/init.d/mysql with insecure permissions, which allows local users to read the root password for the MySQL MAX database or gain privileges by modifying /etc/init.d/mysql.
|
17-10-2018 - 21:32 | 27-07-2006 - 01:04 | |
CVE-2006-3923 | 2.6 |
Cross-site scripting (XSS) vulnerability in add.php in Fire-Mouse Toplist 1.1 and earlier, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the Seitenname parameter.
|
17-10-2018 - 21:32 | 28-07-2006 - 23:04 | |
CVE-2006-3886 | 7.5 |
SQL injection vulnerability in Shalwan MusicBox 2.3.4 and earlier allows remote attackers to execute arbitrary SQL commands via the page parameter in a viewgallery action in a request for the top-level URI. NOTE: the start parameter/search action is
|
17-10-2018 - 21:32 | 27-07-2006 - 01:04 | |
CVE-2006-3847 | 5.1 |
PHP remote file inclusion vulnerability in (1) admin.php, and possibly (2) details.php, (3) modify.php, (4) newgroup.php, (5) newtask.php, and (6) rss.php, in MoSpray (aka com_mospray) 1.8 RC1 allows remote attackers to execute arbitrary PHP code via
|
17-10-2018 - 21:31 | 25-07-2006 - 23:04 | |
CVE-2014-9449 | 5.0 |
Buffer overflow in the RiffVideo::infoTagsHandler function in riffvideo.cpp in Exiv2 0.24 allows remote attackers to cause a denial of service (crash) via a long IKEY INFO tag value in an AVI file.
|
10-11-2017 - 02:29 | 02-01-2015 - 20:59 | |
CVE-2006-3951 | 7.5 |
PHP remote file inclusion vulnerability in moodle.php in Mam-moodle alpha component (com_moodle) for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
|
19-10-2017 - 01:29 | 01-08-2006 - 21:04 | |
CVE-2006-3851 | 7.5 |
SQL injection vulnerability in upgradev1.php in X7 Chat 2.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the old_prefix parameter.
|
19-10-2017 - 01:29 | 25-07-2006 - 23:04 | |
CVE-2008-4748 | 7.6 |
Format string vulnerability in the URI handler in KVirc 3.4.0, when set as the default application for processing IRC URIs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string
|
29-09-2017 - 01:32 | 27-10-2008 - 20:00 | |
CVE-2012-1061 | 7.5 |
SQL injection vulnerability in GForge Advanced Server 6.0.0 and other versions before 6.0.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
29-08-2017 - 01:31 | 14-02-2012 - 00:55 |