Max CVSS | 9.3 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2006-3692 | 7.5 |
PHP remote file inclusion vulnerability in enduser/listmessenger.php in ListMessenger 0.9.3 allows remote attackers to execute arbitrary PHP code via a URL in the lm_path parameter. NOTE: the vendor has disputed this issue to SecurityTracker, statin
|
07-08-2024 - 19:15 | 21-07-2006 - 14:03 | |
CVE-2006-3689 | 7.5 |
PHP remote file inclusion vulnerability in user-func.php in Codeworks Gnomedia SubberZ[Lite] allows remote attackers to execute arbitrary PHP code via a URL in the myadmindir parameter. NOTE: this issue has been disputed by a third party that claims
|
07-08-2024 - 19:15 | 21-07-2006 - 14:03 | |
CVE-2008-5736 | 7.2 |
Multiple unspecified vulnerabilities in FreeBSD 6 before 6.4-STABLE, 6.3 before 6.3-RELEASE-p7, 6.4 before 6.4-RELEASE-p1, 7.0 before 7.0-RELEASE-p7, 7.1 before 7.1-RC2, and 7 before 7.1-PRERELEASE allow local users to gain privileges via unknown att
|
02-08-2019 - 15:38 | 26-12-2008 - 18:30 | |
CVE-2006-3693 | 4.6 |
Rocks Clusters 4.1 and earlier allows local users to gain privileges via commands enclosed with escaped backticks (\`) in an argument to the (1) mount-loop (mount-loop.c) or (2) umount-loop (umount-loop.c) command, which is not filtered in a system f
|
18-10-2018 - 16:48 | 21-07-2006 - 14:03 | |
CVE-2006-3690 | 7.5 |
Multiple PHP remote file inclusion vulnerabilities in MiniBB Forum 1.5a and earlier allow remote attackers to execute arbitrary PHP code via a URL in the absolute_path parameter to (1) components/com_minibb.php or (2) components/minibb/index.php.
|
18-10-2018 - 16:48 | 21-07-2006 - 14:03 | |
CVE-2006-3691 | 7.5 |
Multiple SQL injection vulnerabilities in VBZooM 1.11 and earlier allow remote attackers to execute arbitrary SQL commands via the UserID parameter to (1) ignore-pm.php, (2) sendmail.php, (3) reply.php or (4) sub-join.php.
|
18-10-2018 - 16:48 | 21-07-2006 - 14:03 | |
CVE-2006-3168 | 7.5 |
SQL injection vulnerability in CS-Forum before 0.82 allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) debut parameters in (a) read.php, and the (3) search and (4) debut parameters in (b) index.php.
|
18-10-2018 - 16:46 | 23-06-2006 - 00:02 | |
CVE-2006-3169 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in CS-Forum 0.81 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) msg_result and (2) rep_titre parameters in (a) read.php; and the (3) id and (4) parent paramete
|
18-10-2018 - 16:46 | 23-06-2006 - 00:02 | |
CVE-2006-3170 | 5.0 |
CS-Forum before 0.82 allows remote attackers to obtain sensitive information via unspecified manipulations, possibly involving an empty collapse[] or readall parameter to index.php, which reveals the installation path in an error message.
|
18-10-2018 - 16:46 | 23-06-2006 - 00:02 | |
CVE-2006-3725 | 2.1 |
Norton Personal Firewall 2006 9.1.0.33 allows local users to cause a denial of service (crash) via certain RegSaveKey, RegRestoreKey and RegDeleteKey operations on the (1) HKLM\SYSTEM\CurrentControlSet\Services\SNDSrvc and (2) HKLM\SYSTEM\CurrentCont
|
17-10-2018 - 21:29 | 21-07-2006 - 14:03 | |
CVE-2006-3752 | 7.5 |
Multiple SQL injection vulnerabilities in class.php in Professional Home Page Tools Guestbook allow remote attackers to execute arbitrary SQL commands via the (1) hidemail, (2) name, (3) mail, (4) ip, or (5) text parameters.
|
17-10-2018 - 21:29 | 21-07-2006 - 14:03 | |
CVE-2007-3040 | 9.3 |
Stack-based buffer overflow in agentdpv.dll 2.0.0.3425 in Microsoft Agent on Windows 2000 SP4 allows remote attackers to execute arbitrary code via a crafted URL to the Agent (Agent.Control) ActiveX control, which triggers an overflow within the Agen
|
16-10-2018 - 16:47 | 12-09-2007 - 01:17 | |
CVE-2007-0156 | 7.5 |
M-Core stores the database under the web document root, which allows remote attackers to obtain sensitive information via a direct request to db/uyelik.mdb.
|
16-10-2018 - 16:31 | 09-01-2007 - 18:28 | |
CVE-2006-3750 | 6.8 |
PHP remote file inclusion vulnerability in server.php in the Hashcash Component (com_hashcash) 1.2.1 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
|
19-10-2017 - 01:29 | 21-07-2006 - 14:03 | |
CVE-2006-3751 | 6.8 |
PHP remote file inclusion vulnerability in popups/ImageManager/config.inc.php in the HTMLArea3 Addon Component (com_htmlarea3_xtd-c) for ImageManager 1.5 allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path p
|
19-10-2017 - 01:29 | 21-07-2006 - 14:03 | |
CVE-2006-3749 | 6.8 |
PHP remote file inclusion vulnerability in sitemap.xml.php in Sitemap component (com_sitemap) 2.0.0 for Mambo 4.5.1 CMS, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path
|
19-10-2017 - 01:29 | 21-07-2006 - 14:03 | |
CVE-2008-3570 | 7.5 |
PHP remote file inclusion vulnerability in index.php in Africa Be Gone (ABG) 1.0a allows remote attackers to execute arbitrary PHP code via a URL in the abg_path parameter.
|
29-09-2017 - 01:31 | 10-08-2008 - 20:41 | |
CVE-2006-3696 | 2.1 |
filtnt.sys in Outpost Firewall Pro before 3.51.759.6511 (462) allows local users to cause a denial of service (crash) via long arguments to mshta.exe.
|
20-07-2017 - 01:32 | 21-07-2006 - 14:03 | |
CVE-2006-3668 | 7.6 |
Heap-based buffer overflow in the it_read_envelope function in Dynamic Universal Music Bibliotheque (DUMB) 0.9.3 and earlier and current CVS as of 20060716, including libdumb, allows user-assisted attackers to execute arbitrary code via a ".it" (Impu
|
20-07-2017 - 01:32 | 18-07-2006 - 15:47 | |
CVE-2005-3315 | 7.5 |
Multiple SQL injection vulnerabilities in Novell ZENworks Patch Management 6.x before 6.2.2.181 allow remote attackers to execute arbitrary SQL commands via the (1) Direction parameter to computers/default.asp, and the (2) SearchText, (3) StatusFilte
|
08-03-2011 - 02:26 | 30-10-2005 - 20:02 |