Max CVSS | 7.5 | Min CVSS | 2.6 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2006-3253 | 2.6 |
Cross-site scripting (XSS) vulnerability in member.php in vBulletin 3.5.x allows remote attackers to inject arbitrary web script or HTML via the u parameter. NOTE: the vendor has disputed this report, stating that they have been unable to replicate
|
07-08-2024 - 19:15 | 28-06-2006 - 01:45 | |
CVE-2006-3873 | 7.5 |
Heap-based buffer overflow in URLMON.DLL in Microsoft Internet Explorer 6 SP1 on Windows 2000 and XP SP1, with versions the MS06-042 patch before 20060912, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a l
|
14-02-2024 - 01:17 | 12-09-2006 - 23:07 | |
CVE-2006-4720 | 7.5 |
PHP remote file inclusion vulnerability in random2.php in mcGalleryPRO 2006 allows remote attackers to execute arbitrary PHP code via a URL in the path_to_folder parameter.
|
14-02-2024 - 01:17 | 12-09-2006 - 16:07 | |
CVE-2006-4745 | 3.6 |
ScaryBear PocketExpense Pro 3.9.1 uses an internally recorded key to protect a data file whose contents are stored in plaintext, which allows local users to disable authentication and access the file by modifying a certain value in the file header.
|
17-10-2018 - 21:39 | 13-09-2006 - 22:07 | |
CVE-2006-4712 | 6.8 |
Multiple cross-site scripting (XSS) vulnerabilities in Sage 1.3.6 allow remote attackers to inject arbitrary web script or HTML via JavaScript in a content:encoded element within an item element in an RSS feed, as demonstrated by four example content
|
17-10-2018 - 21:39 | 12-09-2006 - 16:07 | |
CVE-2006-4713 | 7.5 |
PHP remote file inclusion vulnerability in config.php in PSYWERKS PUMA 1.0 RC2 allows remote attackers to execute arbitrary PHP code via a URL in the fpath parameter.
|
17-10-2018 - 21:39 | 12-09-2006 - 16:07 | |
CVE-2006-4731 | 5.0 |
Multiple directory traversal vulnerabilities in (1) login.pl and (2) admin.pl in (a) SQL-Ledger before 2.6.19 and (b) LedgerSMB before 1.0.0p1 allow remote attackers to execute arbitrary Perl code via an unspecified terminal parameter value containin
|
17-10-2018 - 21:39 | 13-09-2006 - 00:07 | |
CVE-2006-4722 | 7.5 |
PHP remote file inclusion vulnerability in Open Bulletin Board (OpenBB) 1.0.8 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) index.php and possibly (2) collector.php.
|
17-10-2018 - 21:39 | 12-09-2006 - 16:07 | |
CVE-2006-4384 | 5.1 |
Heap-based buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via the COLOR_64 chunk in a FLIC (FLC) movie. This vulnerability is addressed in the following product release:
Apple, QuickTi
|
17-10-2018 - 21:36 | 12-09-2006 - 23:07 | |
CVE-2006-4386 | 5.1 |
Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted H.264 movie, a different issue than CVE-2006-4381. This vulnerability is addressed in the following product release:
Apple
|
17-10-2018 - 21:36 | 12-09-2006 - 23:07 | |
CVE-2006-4382 | 5.1 |
Multiple buffer overflows in Apple QuickTime before 7.1.3 allow user-assisted remote attackers to execute arbitrary code via a crafted QuickTime movie. This vulnerability is addressed in the following product release:
Apple, QuickTime Player, 7.1.3
|
17-10-2018 - 21:36 | 12-09-2006 - 23:07 | |
CVE-2006-4385 | 5.1 |
Buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted SGI image. This vulnerability is addressed in the following product release:
Apple, QuickTime Player, 7.1.3
|
17-10-2018 - 21:36 | 12-09-2006 - 23:07 | |
CVE-2006-4389 | 5.1 |
Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted FlashPix (FPX) file, which triggers an exception that leads to an operation on an uninitialized object.
|
17-10-2018 - 21:36 | 12-09-2006 - 23:07 | |
CVE-2006-4388 | 5.1 |
Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted FlashPix file. This vulnerability is addressed in the following product release:
Apple, QuickTime Player, 7.1.3
|
17-10-2018 - 21:36 | 12-09-2006 - 23:07 | |
CVE-2006-4381 | 5.1 |
Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted H.264 movie. This vulnerability is addressed in the following product release:
Apple, QuickTime Player, 7.1.3
|
17-10-2018 - 21:36 | 12-09-2006 - 23:07 | |
CVE-2007-0353 | 6.8 |
Cross-site scripting (XSS) vulnerability in (1) index.php and (2) login.php in myBloggie 2.1.5 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO string.
|
16-10-2018 - 16:32 | 19-01-2007 - 01:28 | |
CVE-2007-4975 | 4.3 |
Cross-site scripting (XSS) vulnerability in hilfe.php in b1gMail 6.3.1 allows remote attackers to inject arbitrary web script or HTML via the chapter parameter.
|
15-10-2018 - 21:39 | 19-09-2007 - 18:17 | |
CVE-2008-3676 | 4.3 |
Unspecified vulnerability in the IMAP server in hMailServer 4.4.1 allows remote authenticated users to cause a denial of service (resource exhaustion or daemon crash) via a long series of IMAP commands.
|
11-10-2018 - 20:49 | 14-08-2008 - 19:41 | |
CVE-2010-1964 | 7.5 |
Buffer overflow in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unspecified parameters to jovgraph.exe, aka ZDI-CAN-683.
|
10-10-2018 - 19:58 | 17-06-2010 - 16:30 | |
CVE-2005-3560 | 7.5 |
Zone Labs (1) ZoneAlarm Pro 6.0, (2) ZoneAlarm Internet Security Suite 6.0, (3) ZoneAlarm Anti-Virus 6.0, (4) ZoneAlarm Anti-Spyware 6.0 through 6.1, and (5) ZoneAlarm 6.0 allow remote attackers to bypass the "Advanced Program Control and OS Firewall
|
11-07-2017 - 01:33 | 16-11-2005 - 07:42 |