| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
551 |
CVE-2006-2750 |
|
|
XSS |
2006-06-01 |
2018-10-18 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the do_mysql_query function in core.php for Open Searchable Image Catalogue (OSIC) before 0.7.0.1 allows remote attackers to inject arbitrary web scripts or HTML via failed SQL queries, which is reflected in an error message. |
|
552 |
CVE-2006-2749 |
|
|
Sql |
2006-06-01 |
2018-10-18 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
SQL injection vulnerability in search.php in Open Searchable Image Catalogue (OSIC) 0.7.0.1 and earlier allows remote attackers to inject arbitrary SQL commands via the (1) txtCustomField and (2) CustomFieldID array parameters. |
|
553 |
CVE-2006-2748 |
|
|
Sql |
2006-06-01 |
2018-10-18 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
|
SQL injection vulnerability in the do_mysql_query function in core.php for Open Searchable Image Catalogue (OSIC) before 0.7.0.1 allows remote attackers to inject arbitrary SQL commands via multiple vectors, as demonstrated by the (1) type parameter in adminfunctions.php and the (2) catalogue_id parameter in editcatalogue.php. |
|
554 |
CVE-2006-2747 |
|
|
Exec Code Dir. Trav. |
2006-06-01 |
2018-10-18 |
5.1 |
None |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
Directory traversal vulnerability in index.php in PhpMyDesktop|arcade 1.0 FINAL allows remote attackers to read arbitrary files or execute PHP code via a .. (dot dot) sequence and trailing null (%00) byte in the subsite parameter in a showsubsite todo. |
|
555 |
CVE-2006-2746 |
|
|
XSS File Inclusion |
2006-06-01 |
2018-10-18 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Multiple cross-site scripting (XSS) vulnerabilities in F@cile Interactive Web 0.8.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) lang parameter in index.php, and the (2) mytheme and (3) myskin parameters in multiple "p-themes" index.inc.php files including (c) lowgraphic, (d) classic, (e) puzzle, (f) simple, and (g) ciao. NOTE: vectors 2 and 3 might be resultant from file inclusion issues. |
|
556 |
CVE-2006-2745 |
|
|
Exec Code File Inclusion |
2006-06-01 |
2018-10-18 |
5.1 |
None |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
Multiple PHP remote file inclusion vulnerabilities in F@cile Interactive Web 0.8.5 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) pathfile parameter in (a) p-editpage.php and (b) p-editbox.php, and the (2) mytheme and (3) myskin parameters in multiple "p-themes" index.inc.php files including (c) lowgraphic, (d) classic, (e) puzzle, (f) simple, and (g) ciao. |
|
557 |
CVE-2006-2744 |
|
|
Exec Code File Inclusion |
2006-06-01 |
2018-10-18 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
PHP remote file inclusion vulnerability in p-popupgallery.php in F@cile Interactive Web 0.8.41 through 0.8.5 allows remote attackers to execute arbitrary PHP code via a URL in the l parameter. |
|
558 |
CVE-2006-2743 |
|
|
|
2006-06-01 |
2018-10-18 |
5.1 |
None |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
Drupal 4.6.x before 4.6.7 and 4.7.0, when running on Apache with mod_mime, does not properly handle files with multiple extensions, which allows remote attackers to upload, modify, or execute arbitrary files in the files directory. |
|
559 |
CVE-2006-2742 |
|
|
Exec Code Sql |
2006-06-01 |
2018-10-18 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
SQL injection vulnerability in Drupal 4.6.x before 4.6.7 and 4.7.0 allows remote attackers to execute arbitrary SQL commands via the (1) count and (2) from variables to (a) database.mysql.inc, (b) database.pgsql.inc, and (c) database.mysqli.inc. |
|
560 |
CVE-2006-2741 |
|
|
XSS |
2006-06-01 |
2018-10-18 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Cross-site scripting (XSS) vulnerability in Epicdesigns tinyBB 0.3 allow remote attackers to inject arbitrary web script or HTML via the q parameter in forgot.php, which is echoed in an error message, and other unspecified vectors. |
|
561 |
CVE-2006-2740 |
|
|
Exec Code Sql |
2006-06-01 |
2018-10-18 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Multiple SQL injection vulnerabilities in Epicdesigns tinyBB 0.3 allow remote attackers to execute arbitrary SQL commands via the (1) q parameter in (a) forgot.php, and the (2) username and (3) password parameters in (b) login.php, and other unspecified vectors. |
|
562 |
CVE-2006-2739 |
|
|
Exec Code File Inclusion |
2006-06-01 |
2018-10-18 |
5.1 |
None |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
PHP remote file inclusion vulnerability in footers.php in Epicdesigns tinyBB 0.3, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the tinybb_footers parameter. |
|
563 |
CVE-2006-2738 |
|
|
|
2006-06-01 |
2018-10-18 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The open source version of Open-Xchange 0.8.2 and earlier uses a static default username and password with a valid login shell in the initfile for the ldap-server, which allows remote attackers to access any server where the default has not been changed. |
|
564 |
CVE-2006-2737 |
|
|
|
2006-06-01 |
2018-10-18 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
utilities/register.asp in Nukedit 4.9.6 and earlier allows remote attackers to create new users as part of arbitrary groups, including the administrative group, via a modified groupid parameter when creating a user via the addDB action. |
|
565 |
CVE-2006-2736 |
|
|
Exec Code File Inclusion |
2006-06-01 |
2018-10-18 |
5.1 |
None |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
PHP remote file inclusion vulnerability in blend_data/blend_common.php in Blend Portal 1.2.0, as used with phpBB when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. NOTE: This is a similar vulnerability to CVE-2006-2507. |
|
566 |
CVE-2006-2735 |
|
|
Exec Code File Inclusion |
2006-06-01 |
2018-10-18 |
5.1 |
None |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
PHP remote file inclusion vulnerability in language/lang_english/lang_activity.php in Activity MOD Plus (Amod) 1.1.0, as used with phpBB when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. NOTE: This is a similar vulnerability to CVE-2006-2507. |
|
567 |
CVE-2006-2734 |
|
|
Bypass |
2006-06-01 |
2018-10-18 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
enter.asp in Mini-Nuke 2.3 and earlier makes it easier for remote attackers to conduct password guessing attacks by setting the guvenlik parameter to the same value as the hidden gguvenlik parameter, which bypasses a verification step because the gguvenlik parameter is assumed to be immutable by the attacker. |
|
568 |
CVE-2006-2733 |
|
|
|
2006-06-01 |
2018-10-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
membership.asp in Mini-Nuke 2.3 and earlier uses plaintext security codes, which allows remote attackers to register multiple times via automated scripts. |
|
569 |
CVE-2006-2732 |
|
|
Exec Code Sql |
2006-06-01 |
2018-10-18 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
SQL injection vulnerability in Your_Account.asp in Mini-Nuke 2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) yas_1, (2) yas_2, and (3) yas_3 parameters. |
|
570 |
CVE-2006-2731 |
|
|
Exec Code Sql |
2006-06-01 |
2018-10-18 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Multiple SQL injection vulnerabilities in Enigma Haber 4.3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in (a) e_mesaj_yas.asp, (b) edi_haber.asp, and (c) haber_devam.asp; (2) hid parameter in (d) yazdir.asp and (e) yorum.asp, and the (3) e parameter in (f) arsiv.asp. NOTE: with administrator credentials, additional vectors exist including (4) yid parameter to (g) admin/y_admin.asp, (5) bid parameter to (h) admin/reklam_detay.asp, hid parameter to (i) admin/detay_yorum.asp and (j) admin/haber_sil.asp, (6) kid parameter to (k) admin/kategori_d.asp, (7) tur parameter to (l) admin/haber_ekle.asp, (8) s parameter to (m) admin/e_mesaj_yaz.asp, and id parameter to (n) admin/admin_sil.asp. |
|
571 |
CVE-2006-2730 |
|
|
File Inclusion |
2006-06-01 |
2017-10-19 |
5.1 |
None |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
PHP remote file inclusion vulnerability in admin/lib_action_step.php in Hot Open Tickets (HOT) 11012004_ver2f, when register_globals is enabled, allows remote attackers to include arbitrary files via the GLOBALS[CLASS_PATH] parameter. NOTE: this issue might be resultant from a global overwrite vulnerability. |
|
572 |
CVE-2006-2729 |
|
|
XSS |
2006-06-01 |
2017-07-20 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in superalbum/index.php in Photoalbum B&W 1.3 allows remote attackers to inject arbitrary web script or HTML via the gal parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
|
573 |
CVE-2006-2728 |
|
|
XSS |
2006-06-01 |
2018-10-18 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in superalbum/index.php in Photoalbum B&W 1.3 allows remote attackers to inject arbitrary web script or HTML via the pic parameter. |
|
574 |
CVE-2006-2727 |
|
|
|
2006-06-01 |
2018-10-18 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
home/register.php in Eggblog before 3.0 allows remote attackers to change the password of administrators and possibly other users via a modified username parameter. |
|
575 |
CVE-2006-2726 |
|
|
File Inclusion |
2006-06-01 |
2017-10-19 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
PHP remote file inclusion vulnerability in Fastpublish CMS 1.6.9.d allows remote attackers to include arbitrary files via the config[fsBase] parameter in (1) drucken.php, (2) drucken2.php, (3) email_an_benutzer.php, (4) rechnung.php, (5) suche/search.php and (6) adminbereich/admin.php. |
|
576 |
CVE-2006-2725 |
|
|
Exec Code Sql |
2006-06-01 |
2018-10-18 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
SQL injection vulnerability in rss/posts.php in Eggblog before 3.07 allows remote attackers to execute arbitrary SQL commands via the id parameter. |
|
577 |
CVE-2006-2724 |
|
|
XSS |
2006-06-01 |
2017-07-20 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Cross-site scripting (XSS) vulnerability in PunBB 1.2.11 allows remote authenticated administrators to inject arbitrary HTML or web script to other administrators via the "Admin note" feature, a different vulnerability than CVE-2006-2227. |
|
578 |
CVE-2006-2723 |
|
|
DoS |
2006-06-01 |
2018-10-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Unspecified versions of Mozilla Firefox allow remote attackers to cause a denial of service (crash) via a web page that contains a large number of nested marquee tags. NOTE: a followup post indicated that the initial report could not be verified. |
|
579 |
CVE-2006-2722 |
|
|
Exec Code Sql |
2006-06-01 |
2017-07-20 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
SQL injection vulnerability in view_album.php in SelectaPix 1.4 allows remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party sources. |
|
580 |
CVE-2006-2721 |
|
|
Sql XSS |
2006-06-01 |
2018-10-18 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Cross-site scripting (XSS) vulnerability in news.php in VARIOMAT allows remote attackers to inject arbitrary HTML or web script via the subcat parameter. NOTE: this issue might be resultant from SQL injection. |
|
581 |
CVE-2006-2720 |
|
|
Exec Code Sql |
2006-06-01 |
2018-10-18 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
SQL injection vulnerability in news.php in VARIOMAT allows remote attackers to execute arbitrary SQL commands via the subcat parameter. |
|
582 |
CVE-2006-2719 |
|
|
|
2006-06-01 |
2018-10-18 |
4.9 |
None |
Local |
Low |
Not required |
Complete |
None |
None |
|
JIWA Financials 6.4.14 stores usernames and passwords for all accounts in cleartext in the HR_Staff table in Microsoft SQL Server, and sends the usernames and passwords in cleartext to the application's SQL Server ODBC driver, which might allow context-dependent attackers to obtain the passwords. |
|
583 |
CVE-2006-2718 |
|
|
|
2006-06-01 |
2018-10-18 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
JIWA Financials 6.4.14 passes a Microsoft SQL Server account's username and password, and the name of a data source, to a Crystal Reports .rpt file, which allows remote authenticated users to execute certain standard stored procedures by referencing them in a user-written .rpt file, as demonstrated by using a stored procedure that provides the username and cleartext password of every account. |
|
584 |
CVE-2006-2703 |
|
|
Exec Code |
2006-06-01 |
2018-10-18 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The RedCarpet command-line client (rug) does not verify SSL certificates from a server, which allows remote attackers to read network traffic and execute commands via a man-in-the-middle (MITM) attack. |
|
585 |
CVE-2006-2662 |
|
|
+Priv |
2006-06-02 |
2018-10-18 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
VMware Server before RC1 does not clear user credentials from memory after a console connection is made, which might allow local attackers to gain privileges. |
|
586 |
CVE-2006-2660 |
|
|
Bypass |
2006-06-13 |
2018-10-30 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
Buffer consumption vulnerability in the tempnam function in PHP 5.1.4 and 4.x before 4.4.3 allows local users to bypass restrictions and create PHP files with fixed names in other directories via a pathname argument longer than MAXPATHLEN, which prevents a unique string from being appended to the filename. |
|
587 |
CVE-2006-2655 |
|
|
Bypass |
2006-06-02 |
2017-07-20 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
The build process for ypserv in FreeBSD 5.3 up to 6.1 accidentally disables access restrictions when using the /var/yp/securenets file, which allows remote attackers to bypass intended access restrictions. |
|
588 |
CVE-2006-2654 |
|
|
Dir. Trav. |
2006-06-02 |
2017-07-20 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
Directory traversal vulnerability in smbfs smbfs on FreeBSD 4.10 up to 6.1 allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\\" sequences. NOTE: this is similar to CVE-2006-1864, but this is a different implementation of smbfs, so it has a different CVE identifier. |
|
589 |
CVE-2006-2452 |
|
|
+Priv |
2006-06-09 |
2018-10-03 |
3.7 |
None |
Local |
High |
Not required |
Partial |
Partial |
Partial |
|
GNOME GDM 2.8, 2.12, 2.14, and 2.15, when the "face browser" feature is enabled, allows local users to access the "Configure Login Manager" functionality using their own password instead of the root password, which can be leveraged to gain additional privileges. |
|
590 |
CVE-2006-2449 |
|
|
|
2006-06-15 |
2018-10-18 |
4.0 |
None |
Local |
High |
Not required |
Complete |
None |
None |
|
KDE Display Manager (KDM) in KDE 3.2.0 up to 3.5.3 allows local users to read arbitrary files via a symlink attack related to the session type for login. |
|
591 |
CVE-2006-2448 |
|
|
DoS |
2006-06-23 |
2018-10-18 |
5.6 |
None |
Local |
High |
Not required |
Complete |
None |
Complete |
|
Linux kernel before 2.6.16.21 and 2.6.17, when running on PowerPC, does not perform certain required access_ok checks, which allows local users to read arbitrary kernel memory on 64-bit systems (signal_64.c) and cause a denial of service (crash) and possibly read kernel memory on 32-bit systems (signal_32.c). |
|
592 |
CVE-2006-2447 |
|
|
Exec Code |
2006-06-06 |
2018-10-18 |
5.1 |
None |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
SpamAssassin before 3.1.3, when running with vpopmail and the paranoid (-P) switch, allows remote attackers to execute arbitrary commands via a crafted message that is not properly handled when invoking spamd with the virtual pop username. |
|
593 |
CVE-2006-2445 |
|
|
DoS |
2006-06-23 |
2018-10-18 |
4.0 |
None |
Local |
High |
Not required |
None |
None |
Complete |
|
Race condition in run_posix_cpu_timers in Linux kernel before 2.6.16.21 allows local users to cause a denial of service (BUG_ON crash) by causing one CPU to attach a timer to a process that is exiting. |
|
594 |
CVE-2006-2439 |
119 |
|
Exec Code Overflow |
2006-06-01 |
2018-10-18 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
|
Stack-based buffer overflow in ZipCentral 4.01 allows remote user-assisted attackers to execute arbitrary code via a ZIP archive containing a long filename. |
|
595 |
CVE-2006-2385 |
94 |
|
Exec Code Mem. Corr. |
2006-06-13 |
2021-07-23 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
|
Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows user-assisted remote attackers to execute arbitrary code via a crafted web page that triggers memory corruption when it is saved as a multipart HTML (.mht) file. |
|
596 |
CVE-2006-2384 |
200 |
|
+Info |
2006-06-13 |
2021-07-23 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to conduct spoofing and phishing attacks by using a modal browser window in a way that preserves the original address bar and trusted UI of a trusted site, even after the browser has been navigated to a malicious site, aka the "Address Bar Spoofing Vulnerability." |
|
597 |
CVE-2006-2383 |
|
|
Exec Code |
2006-06-13 |
2021-07-23 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to execute arbitrary code via "unexpected data" related to "parameter validation" in the DXImageTransform.Microsoft.Light ActiveX control, which causes Internet Explorer to crash in a way that enables the code execution. |
|
598 |
CVE-2006-2382 |
119 |
|
Exec Code Overflow Mem. Corr. |
2006-06-13 |
2021-07-23 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Heap-based buffer overflow in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to execute arbitrary code via crafted UTF-8 encoded HTML that results in size discrepancies during conversion to Unicode, aka "HTML Decoding Memory Corruption Vulnerability." |
|
599 |
CVE-2006-2380 |
287 |
|
|
2006-06-13 |
2019-04-30 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Microsoft Windows 2000 SP4 does not properly validate an RPC server during mutual authentication over SSL, which allows remote attackers to spoof an RPC server, aka the "RPC Mutual Authentication Vulnerability." |
|
600 |
CVE-2006-2379 |
119 |
|
Exec Code Overflow |
2006-06-13 |
2019-04-30 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the TCP/IP Protocol driver in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via unknown vectors related to IP source routing. |
