# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
95501 |
CVE-2006-3254 |
|
|
Exec Code Sql |
2006-06-27 |
2017-07-19 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
SQL injection vulnerability in newthread.php in Woltlab Burning Board (WBB) 2.0 RC2 allows remote attackers to execute arbitrary SQL commands via the boardid parameter. |
95502 |
CVE-2006-3252 |
|
|
Exec Code Overflow |
2006-06-27 |
2018-10-18 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Buffer overflow in the Online Registration Facility for Algorithmic Research PrivateWire VPN software up to 3.7 allows remote attackers to execute arbitrary code via a long GET request. |
95503 |
CVE-2006-3251 |
119 |
|
Exec Code Overflow |
2006-06-27 |
2017-07-19 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Heap-based buffer overflow in the array_push function in hashcash.c for Hashcash before 1.21 might allow attackers to execute arbitrary code via crafted entries. |
95504 |
CVE-2006-3250 |
|
|
Exec Code Overflow |
2006-06-27 |
2018-10-18 |
5.1 |
User |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
Heap-based buffer overflow in Windows Live Messenger 8.0 allows user-assisted attackers to execute arbitrary code via a crafted Contact List (.ctt) file, which triggers the overflow when it is imported by the user. |
95505 |
CVE-2006-3249 |
|
|
Exec Code Sql |
2006-06-27 |
2017-07-19 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
** DISPUTED ** SQL injection vulnerability in search.php in Phorum 5.1.14 and earlier allows remote attackers to execute arbitrary SQL commands via the page parameter. NOTE: the vendor has disputed this report, stating "If a non positive integer or non-integer is used for the page parameter for a search URL, the search query will use a negative number for the LIMIT clause. This causes the query to break, showing no results. It IS NOT however a sql injection error." While the original report is from a researcher with mixed accuracy, as of 20060703, CVE does not have any additional information regarding this issue. |
95506 |
CVE-2006-3244 |
|
|
Exec Code Sql |
2006-06-27 |
2017-07-19 |
5.1 |
User |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
Multiple SQL injection vulnerabilities in Anthill 0.2.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) order parameter in buglist.php and the (2) bug parameter in query.php. |
95507 |
CVE-2006-3243 |
|
|
Exec Code Sql |
2006-06-27 |
2017-07-19 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
SQL injection vulnerability in usercp.php in MyBB (MyBulletinBoard) 1.0 through 1.1.3 allows remote attackers to execute arbitrary SQL commands via the showcodebuttons parameter. |
95508 |
CVE-2006-3242 |
|
|
DoS Exec Code Overflow |
2006-06-27 |
2018-10-18 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Stack-based buffer overflow in the browse_get_namespace function in imap/browse.c of Mutt 1.4.2.1 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via long namespaces received from the IMAP server. |
95509 |
CVE-2006-3240 |
79 |
|
XSS |
2006-06-27 |
2017-07-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Cross-site scripting (XSS) vulnerability in classes/ui.class.php in dotProject 2.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the login parameter. |
95510 |
CVE-2006-3239 |
|
|
Exec Code Sql |
2006-06-27 |
2017-07-19 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
SQL injection vulnerability in message.php in VBZooM 1.11 and earlier allows remote attackers to execute arbitrary SQL commands via the UserID parameter. |
95511 |
CVE-2006-3238 |
|
|
Exec Code Sql |
2006-06-27 |
2018-10-18 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Multiple SQL injection vulnerabilities in VBZooM 1.00 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) MemberID parameter to rank.php, and the (2) QuranID parameter to lng.php. |
95512 |
CVE-2006-3236 |
|
|
Exec Code Sql |
2006-06-27 |
2017-07-19 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Multiple SQL injection vulnerabilities in thinkWMS 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in (a) index.php or (b) printarticle.php, and the (2) catid parameter in index.php. |
95513 |
CVE-2006-3234 |
|
|
Exec Code Sql |
2006-06-27 |
2017-07-19 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Multiple SQL injection vulnerabilities in index.php in FineShop 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) produkt, (2) id_produc, and (3) id_kat parameters. |
95514 |
CVE-2006-3233 |
|
|
XSS |
2006-06-27 |
2017-07-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Cross-site scripting (XSS) vulnerability in openwebmail-read.pl in Open WebMail (OWM) 2.52, and other versions released before 06/18/2006, allows remote attackers to inject arbitrary web script or HTML via the from field. NOTE: some third party sources have mentioned the "to" and "from" fields, although CVE analysis shows that these are associated with the previous version, a different executable, and a different CVE. |
95515 |
CVE-2006-3232 |
|
|
|
2006-06-27 |
2009-06-17 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Unspecified vulnerability in IBM WebSphere Application Server before 6.0.2.11 has unknown impact and attack vectors because the "UserNameToken cache was improperly used." |
95516 |
CVE-2006-3231 |
|
|
+Info |
2006-06-27 |
2019-10-09 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
Unspecified vulnerability in IBM WebSphere Application Server (WAS) before 6.0.2.11, when fileServingEnabled is true, allows remote attackers to obtain JSP source code and other sensitive information via "URIs with special characters." |
95517 |
CVE-2006-3229 |
|
|
XSS |
2006-06-26 |
2017-07-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Cross-site scripting (XSS) vulnerability in Open WebMail (OWM) 2.52, and other versions released before 05/12/2006, allows remote attackers to inject arbitrary web script or HTML via the (1) To and (2) From fields in openwebmail-main.pl, and possibly (3) other unspecified vectors related to "openwebmailerror calls that need to display HTML." |
95518 |
CVE-2006-3228 |
|
|
Exec Code Overflow |
2006-06-26 |
2017-10-18 |
9.3 |
Admin |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
Buffer overflow in in_midi.dll for WinAmp 2.90 up to 5.23, including 5.21, allows remote attackers to execute arbitrary code via a crafted .mid (MIDI) file. |
95519 |
CVE-2006-3226 |
|
|
Bypass |
2006-06-26 |
2018-10-18 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Cisco Secure Access Control Server (ACS) 4.x for Windows uses the client's IP address and the server's port number to grant access to an HTTP server port for an administration session, which allows remote attackers to bypass authentication via various methods, aka "ACS Weak Session Management Vulnerability." |
95520 |
CVE-2006-3224 |
|
|
DoS |
2006-06-26 |
2017-07-19 |
5.4 |
None |
Remote |
High |
Not required |
None |
None |
Complete |
Apple Safari 2.0.3 (417.9.3) on Mac OS X 10.4.6 allows remote attackers to cause a denial of service (CPU consumption) via Javascript with an infinite for loop. NOTE: it could be argued that this is not a vulnerability, unless it interferes with the operation of the system outside of the scope of Safari itself. |
95521 |
CVE-2006-3223 |
|
|
DoS Exec Code |
2006-06-27 |
2018-10-18 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Format string vulnerability in CA Integrated Threat Management (ITM), eTrust Antivirus (eAV), and eTrust PestPatrol (ePP) r8 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a scan job with format strings in the description field. |
95522 |
CVE-2006-3222 |
|
|
Bypass |
2006-06-24 |
2017-07-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The FTP proxy module in Fortinet FortiOS (FortiGate) before 2.80 MR12 and 3.0 MR2 allows remote attackers to bypass anti-virus scanning via the Enhanced Passive (EPSV) FTP mode. |
95523 |
CVE-2006-3221 |
|
|
Exec Code Sql |
2006-06-24 |
2017-10-18 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
SQL injection vulnerability in index.php in DataLife Engine 4.1 and earlier allows remote attackers to execute arbitrary SQL commands via double-encoded values in the user parameter in a userinfo subaction. |
95524 |
CVE-2006-3220 |
|
|
Exec Code Sql |
2006-06-24 |
2018-10-18 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
SQL injection vulnerability in studienplatztausch.php in Woltlab Burning Board (WBB) 2.2.1 allows remote attackers to execute arbitrary SQL commands via the sid parameter. |
95525 |
CVE-2006-3219 |
|
|
Exec Code Sql |
2006-06-24 |
2018-10-18 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
SQL injection vulnerability in thread.php in Woltlab Burning Board (WBB) 2.2.2 allows remote attackers to execute arbitrary SQL commands via the threadid parameter. |
95526 |
CVE-2006-3218 |
|
|
Exec Code Sql |
2006-06-24 |
2018-10-18 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
SQL injection vulnerability in profile.php in Woltlab Burning Board (WBB) 2.1.6 allows remote attackers to execute arbitrary SQL commands via the userid parameter. |
95527 |
CVE-2006-3216 |
|
|
DoS |
2006-06-23 |
2017-07-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Clearswift MAILsweeper for SMTP before 4.3.20 and MAILsweeper for Exchange before 4.3.20 allows remote attackers to cause a denial of service via (1) non-ASCII characters in a reverse DNS lookup result from a Received header, which leads to a Receiver service stop, and (2) unspecified vectors involving malformed messages, which causes "unpredictable behavior" that prevents the Security service from processing more messages. |
95528 |
CVE-2006-3215 |
|
|
Bypass |
2006-06-23 |
2017-07-19 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Clearswift MAILsweeper for SMTP before 4.3.20 and MAILsweeper for Exchange before 4.3.20 allows remote attackers to bypass the "text analysis", possibly bypassing SPAM and other filters, by sending an e-mail specifying a non-existent or unrecognized character set. |
95529 |
CVE-2006-3214 |
|
|
DoS |
2006-06-23 |
2017-07-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Unspecified vulnerability in Hitachi Groupmax Address Server 7 and earlier, and Groupmax Mail Server 7 and earlier allows remote attackers to cause a denial of service (product "stop") via unspecified vectors involving "unexpected requests". |
95530 |
CVE-2006-3213 |
|
|
Exec Code Sql |
2006-06-23 |
2018-10-18 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
SQL injection vulnerability in WeBBoA Hosting 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter to an unspecified script, possibly host/yeni_host.asp. |
95531 |
CVE-2006-3212 |
|
|
XSS |
2006-06-23 |
2017-07-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Cross-site scripting (XSS) vulnerability in sign.php in cjGuestbook 1.3 and earlier allows remote attackers to inject web script or HTML via the (1) name, (2) email, (3) add, and (4) wName parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
95532 |
CVE-2006-3211 |
|
|
XSS |
2006-06-23 |
2018-10-18 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Cross-site scripting (XSS) vulnerability in sign.php in cjGuestbook 1.3 and earlier allows remote attackers to inject Javascript code via a javascript URI in an img bbcode tag in the comments parameter. |
95533 |
CVE-2006-3210 |
94 |
|
XSS Dir. Trav. File Inclusion |
2006-06-23 |
2018-10-18 |
5.1 |
User |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
Ralf Image Gallery (RIG) 0.7.4 and other versions before 1.0, when register_globals is enabled, allows remote attackers to conduct PHP remote file inclusion and directory traversal attacks via URLs or ".." sequences in the (1) dir_abs_src parameter in (a) check_entry.php, (b) admin_album.php, (c) admin_image.php, and (d) admin_util.php; and the (2) dir_abs_admin_src parameter in admin_album.php and admin_image.php. NOTE: this issue can be leveraged to conduct cross-site scripting (XSS) attacks. |
95534 |
CVE-2006-3209 |
|
|
+Priv |
2006-06-23 |
2018-10-18 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
** DISPUTED ** The Task scheduler (at.exe) on Microsoft Windows XP spawns each scheduled process with SYSTEM permissions, which allows local users to gain privileges. NOTE: this issue has been disputed by third parties, who state that the Task scheduler is limited to the Administrators group by default upon installation. |
95535 |
CVE-2006-3208 |
|
|
Exec Code |
2006-06-23 |
2018-10-18 |
6.5 |
User |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
Direct static code injection vulnerability in Ultimate PHP Board (UPB) 1.9.6 and earlier allows remote authenticated administrators to execute arbitrary PHP code via multiple unspecified "configuration fields" in (1) admin_chatconfig.php, (2) admin_configcss.php, (3) admin_config.php, or (4) admin_config2.php, which are stored as configuration settings. NOTE: this issue can be exploited by remote attackers by leveraging other vulnerabilities in UPB. |
95536 |
CVE-2006-3207 |
|
|
Dir. Trav. |
2006-06-23 |
2018-10-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
Directory traversal vulnerability in newpost.php in Ultimate PHP Board (UPB) 1.9.6 and earlier allows remote attackers to overwrite arbitrary files via a .. (dot dot) sequence and trailing null (%00) byte in the id parameter, as demonstrated by injecting a Perl CGI script using "[NR]" sequences in the message parameter, then calling close.php with modified id and t_id parameters to chmod the script. NOTE: this issue might be resultant from dynamic variable evaluation. |
95537 |
CVE-2006-3206 |
|
|
|
2006-06-23 |
2018-10-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
register.php in Ultimate PHP Board (UPB) 1.9.6 and earlier allows remote attackers to create arbitrary accounts via the "[NR]" sequence in the signature field, which is used to separate multiple records. |
95538 |
CVE-2006-3205 |
|
|
|
2006-06-23 |
2018-10-18 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Ultimate PHP Board (UPB) 1.9.6 and earlier allows remote attackers to gain access via modified user_env, pass_env, power_env, and id_env parameters in a cookie, which comprise a persistent logon that does not vary across sessions. |
95539 |
CVE-2006-3204 |
|
|
|
2006-06-23 |
2018-10-18 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Ultimate PHP Board (UPB) 1.9.6 and earlier uses a cryptographically weak block cipher with a large key collision space, which allows remote attackers to determine a suitable decryption key given the plaintext and ciphertext by obtaining the plaintext password, which is sent when logging in, and the ciphertext, which is set in the pass_env cookie. |
95540 |
CVE-2006-3203 |
255 |
|
+Priv |
2006-06-23 |
2018-10-18 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
The installation of Ultimate PHP Board (UPB) 1.9.6 and earlier includes a default administrator login account and password, which allows remote attackers to gain privileges. |
95541 |
CVE-2006-3202 |
|
|
DoS |
2006-06-23 |
2017-07-19 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
The ip6_savecontrol function in NetBSD 2.0 through 3.0, under certain configurations, does not check to see if IPv4-mapped sockets are being used before processing IPv6 socket options, which allows local users to cause a denial of service (crash) by creating an IPv4-mapped IPv6 socket with the SO_TIMESTAMP socket option set, then sending an IPv4 packet through the socket. |
95542 |
CVE-2006-3201 |
|
|
DoS |
2006-06-23 |
2018-10-18 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
Unspecified vulnerability in the kernel in HP-UX B.11.00, B.11.11, and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors. |
95543 |
CVE-2006-3200 |
|
|
DoS |
2006-06-23 |
2018-10-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Unspecified versions of Internet Explorer allow remote attackers to cause a denial of service (crash) via an IFRAME with a src tag containing a "File://" URI followed by an 8-bit character. NOTE: some third parties were unable to verify this issue. |
95544 |
CVE-2006-3199 |
|
|
DoS |
2006-06-23 |
2018-10-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Opera 9 allows remote attackers to cause a denial of service (crash) via an A tag with an href attribute with a URL containing a long hostname, which triggers an out-of-bounds operation. |
95545 |
CVE-2006-3198 |
|
|
Exec Code Overflow |
2006-06-23 |
2018-10-18 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Integer overflow in Opera 8.54 and earlier allows remote attackers to execute arbitrary code via a JPEG image with large height and width values, which causes less memory to be allocated than intended. |
95546 |
CVE-2006-3197 |
|
|
XSS |
2006-06-22 |
2017-07-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB) 2.1.6 and earlier allows remote attackers to inject arbitrary web script or HTML via a POST that contains hexadecimal-encoded HTML. |
95547 |
CVE-2006-3196 |
|
|
|
2006-06-22 |
2018-10-18 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
index.php in singapore 0.10.0 and earlier allows remote attackers to obtain the installation path via an invalid template parameter, which reveals the path in an error message. |
95548 |
CVE-2006-3195 |
|
|
XSS |
2006-06-22 |
2018-10-18 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Cross-site scripting (XSS) vulnerability in index.php in singapore 0.10.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the template parameter. |
95549 |
CVE-2006-3194 |
|
|
Dir. Trav. |
2006-06-22 |
2018-10-18 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
Directory traversal vulnerability in index.php in singapore 0.10.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) sequence and trailing null (%00) byte in the (1) gallery and (2) template parameter. |
95550 |
CVE-2006-3193 |
94 |
|
Exec Code File Inclusion |
2006-06-22 |
2017-10-18 |
5.1 |
User |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
Multiple PHP remote file inclusion vulnerabilities in Grayscale BandSite CMS 1.1.1, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) includes/content/contact_content.php; multiple files in adminpanel/includes/add_forms/ including (2) addbioform.php, (3) addfliersform.php, (4) addgenmerchform.php, (5) addinterviewsform.php, (6) addlinksform.php, (7) addlyricsform.php, (8) addmembioform.php, (9) addmerchform.php, (10) addmerchpicform.php, (11) addnewsform.php, (12) addphotosform.php, (13) addreleaseform.php, (14) addreleasepicform.php, (15) addrelmerchform.php, (16) addreviewsform.php, (17) addshowsform.php, (18) addwearmerchform.php; (19) adminpanel/includes/mailinglist/disphtmltbl.php, and (20) adminpanel/includes/mailinglist/dispxls.php. |