Show filters
735 Total Results
Displaying 681-690 of 735
Sort by:
Attacker Value
Unknown

CVE-2006-3162

Disclosure Date: June 22, 2006 (last updated October 04, 2023)
PHP remote file inclusion vulnerability in include/inc_foot.php in SmartSiteCMS 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root parameter.
0
0
Attacker Value
Unknown

CVE-2006-2528

Disclosure Date: May 22, 2006 (last updated October 04, 2023)
PHP remote file inclusion vulnerability in classified_right.php in phpBazar 2.1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the language_dir parameter.
0
0
Attacker Value
Unknown

CVE-2006-2523

Disclosure Date: May 22, 2006 (last updated October 04, 2023)
PHP remote file inclusion vulnerability in config.php in phpListPro 2.0.1 and earlier, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary PHP code via a URL in the Language cookie.
0
0
Attacker Value
Unknown

CVE-2006-2527

Disclosure Date: May 22, 2006 (last updated October 04, 2023)
Admin/admin.php in phpBazar 2.1.0 and earlier allows remote attackers to bypass the authentication process and gain unauthorized access to the administrative section by setting the action parameter to edit_member and the value parameter to 1.
0
0
Attacker Value
Unknown

CVE-2006-2323

Disclosure Date: May 12, 2006 (last updated October 04, 2023)
Multiple PHP remote file inclusion vulnerabilities in SmartISoft phpListPro 2.01 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the returnpath parameter in (1) editsite.php, (2) addsite.php, and (3) in.php. NOTE: The config.php vector is already covered by CVE-2006-1749.
0
0
Attacker Value
Unknown

CVE-2006-2178

Disclosure Date: May 04, 2006 (last updated October 04, 2023)
Multiple cross-site scripting (XSS) vulnerabilities in CyberBuild allow remote attackers to inject arbitrary web script or HTML via the (1) SessionID parameter to login.asp, (2) ProductIndex parameter to browse0.htm, (3) rowcolor parameter to result.asp, or (4) heading parameter to result.asp. NOTE: vectors 1 and 2 might be resultant from SQL injection.
0
0
Attacker Value
Unknown

CVE-2006-2179

Disclosure Date: May 04, 2006 (last updated October 04, 2023)
Multiple SQL injection vulnerabilities in CyberBuild allow remote attackers to execute arbitrary SQL commands via the (1) SessionID parameter to login.asp or (2) ProductIndex parameter to browse0.htm.
0
0
Attacker Value
Unknown

CVE-2006-2089

Disclosure Date: April 29, 2006 (last updated October 04, 2023)
Multiple cross-site scripting (XSS) vulnerabilities in misc.php in MySmartBB 1.1.x allow remote attackers to inject arbitrary web script or HTML via the (1) id and (2) username parameters.
0
0
Attacker Value
Unknown

CVE-2006-2090

Disclosure Date: April 29, 2006 (last updated October 04, 2023)
Multiple SQL injection vulnerabilities in misc.php in MySmartBB 1.1.x allow remote attackers to execute arbitrary SQL commands via the (1) id and (2) username parameters.
0
0
Attacker Value
Unknown

CVE-2006-2017

Disclosure Date: April 25, 2006 (last updated October 04, 2023)
Dnsmasq 2.29 allows remote attackers to cause a denial of service (application crash) via a DHCP client broadcast reply request.
0
0
View More Topics  < Previous  Next >