# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
97951 |
CVE-2006-0449 |
|
|
DoS |
2006-01-26 |
2017-07-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Early termination vulnerability in the IMAP service in E-Post Mail 4.05 and SPA-PRO Mail 4.05 allows remote attackers to cause a denial of service (infinite loop) by sending an APPEND command and disconnecting before the expected amount of data is sent. |
97952 |
CVE-2006-0448 |
|
|
DoS Dir. Trav. |
2006-01-26 |
2017-07-19 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Multiple directory traversal vulnerabilities in (1) EPSTIMAP4S.EXE and (2) SPA-IMAP4S.EXE in the IMAP service in E-Post Mail 4.05 and SPA-PRO Mail 4.05 allow remote attackers to (a) list arbitrary directories or cause a denial of service via the LIST command; or create arbitrary files via the (b) APPEND, (c) COPY, or (d) RENAME commands. |
97953 |
CVE-2006-0447 |
|
|
Exec Code Overflow |
2006-01-26 |
2017-07-19 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Multiple buffer overflows in E-Post Mail Server 4.10 and SPA-PRO Mail @Solomon 4.00 allow remote attackers to execute arbitrary code via a long username to the (1) AUTH PLAIN or (2) AUTH LOGIN SMTP commands, which is not properly handled by (a) EPSTRS.EXE or (b) SPA-RS.EXE; (3) a long username in the APOP POP3 command, which is not properly handled by (c) EPSTPOP4S.EXE or (d) SPA-POP3S.EXE; (4) a long IMAP DELETE command, which is not properly handled by (e) EPSTIMAP4S.EXE or (f) SPA-IMAP4S.EXE. |
97954 |
CVE-2006-0446 |
|
|
Exec Code |
2006-01-26 |
2017-07-19 |
6.5 |
User |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
Unspecified vulnerability in WeBWorK 2.1.3 and 2.2-pre1 allows remote privileged attackers to execute arbitrary commands as the web server via unknown attack vectors. |
97955 |
CVE-2006-0445 |
|
|
File Inclusion |
2006-01-26 |
2018-10-19 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
index.php in Phpclanwebsite 1.23.1 allows remote authenticated users to obtain the installation path by specifying an invalid file name to the uploader page, as demonstrated by "\", which will display the full path of uploader.php. NOTE: this might be the result of a file inclusion vulnerability. |
97956 |
CVE-2006-0444 |
|
|
Exec Code Sql XSS |
2006-01-26 |
2018-10-19 |
6.8 |
User |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
SQL injection vulnerability in index.php in Phpclanwebsite (aka PCW) 1.23.1 allows remote attackers to execute arbitrary SQL commands via the (1) par parameter in the post function on the forum page and possibly the (2) poll_id parameter on the poll page. NOTE: the poll_id vector can also allow resultant cross-site scripting (XSS) from an unquoted error message for invalid SQL syntax. |
97957 |
CVE-2006-0443 |
|
|
XSS |
2006-01-26 |
2018-10-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Cross-site scripting (XSS) vulnerability in archive.php in CheesyBlog 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) realname and (2) comment parameters, or (3) via a javascript URI in the url parameter, when adding a comment. |
97958 |
CVE-2006-0442 |
79 |
|
XSS |
2006-01-26 |
2018-10-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Multiple cross-site scripting (XSS) vulnerabilities in usercp.php in MyBulletinBoard (MyBB) 1.02 allow remote attackers to inject arbitrary web script or HTML via the (1) notepad parameter in a notepad action and (2) signature parameter in an editsig action. NOTE: These are different attack vectors, and probably a different vulnerability, than CVE-2006-0218 and CVE-2006-0219. |
97959 |
CVE-2006-0441 |
|
|
Exec Code Overflow |
2006-01-26 |
2018-10-19 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Stack-based buffer overflow in Sami FTP Server 2.0.1 allows remote attackers to execute arbitrary code via a long USER command, which triggers the overflow when the log is viewed. |
97960 |
CVE-2006-0440 |
|
|
Bypass |
2006-01-26 |
2018-10-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
Text Rider 2.4 allows attackers to bypass authentication and upload files without providing a valid password by obtaining the MD5 hash of the password (possibly via another vulnerability that reads it from a data file), then including the hash in a cookie. |
97961 |
CVE-2006-0439 |
|
|
|
2006-01-26 |
2018-10-19 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Text Rider 2.4 stores sensitive data in the data directory under the web document root with insufficient access control, which allows remote attackers to obtain usernames and password hashes by directly accessing data/userlist.txt. |
97962 |
CVE-2006-0438 |
|
|
CSRF |
2006-02-06 |
2017-07-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
Cross-site request forgery (CSRF) vulnerability in phpBB 2.0.19, when Link to off-site Avatar or bbcode (IMG) are enabled, allows remote attackers to perform unauthorized actions as a logged in user via a link or IMG tag in a user profile, as demonstrated using links to (1) admin/admin_users.php and (2) modcp.php. |
97963 |
CVE-2006-0437 |
|
|
XSS Bypass |
2006-02-06 |
2017-07-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Cross-site scripting (XSS) vulnerability in admin_smilies.php in phpBB 2.0.19 allows remote attackers to inject arbitrary web script or HTML via Javascript events such as "onmouseover" in the (1) smile_url or (2) smile_emotion parameters, which bypasses a check for "<" and ">" characters. |
97964 |
CVE-2006-0436 |
|
|
+Priv |
2006-01-26 |
2017-10-10 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Unspecified vulnerability in HP HP-UX B.11.00, B.11.04, and B.11.11 allows local users to gain privileges via unknown attack vectors. |
97965 |
CVE-2006-0435 |
|
|
Bypass |
2006-01-26 |
2018-10-19 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Unspecified vulnerability in Oracle PL/SQL (PLSQL), as used in Database Server DS 9.2.0.7 and 10.1.0.5, Application Server 1.0.2.2, 9.0.4.2, 10.1.2.0.2, 10.1.2.1.0, and 10.1.3.0.0, E-Business Suite and Applications 11.5.10, and Collaboration Suite 10.1.1, 10.1.2.0, 10.1.2.1, and 9.0.4.2, allows attackers to bypass the PLSQLExclusion list and access excluded packages and procedures, aka Vuln# PLSQL01. |
97966 |
CVE-2006-0434 |
22 |
|
Dir. Trav. |
2006-01-26 |
2018-10-19 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Directory traversal vulnerability in action.php in phpXplorer allows remote attackers to read arbitrary files via ".." (dot dot) sequences and null bytes in the sAction parameter, a different vulnerability than CVE-2006-0244. NOTE: if the functionality of phpXplorer supports the upload of PHP files, then this issue would not cross privilege boundaries and would not be a vulnerability. |
97967 |
CVE-2006-0433 |
|
|
DoS |
2006-02-02 |
2017-07-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Selective Acknowledgement (SACK) in FreeBSD 5.3 and 5.4 does not properly handle an incoming selective acknowledgement when there is insufficient memory, which might allow remote attackers to cause a denial of service (infinite loop). |
97968 |
CVE-2006-0430 |
|
|
DoS |
2006-01-25 |
2017-07-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Certain configurations of BEA WebLogic Server and WebLogic Express 9.0, 8.1 through SP5, and 7.0 through SP6, when connection filters are enabled, cause the server to run more slowly, which makes it easier for remote attackers to cause a denial of service (server slowdown). |
97969 |
CVE-2006-0428 |
|
|
|
2006-01-25 |
2018-10-30 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Unspecified vulnerability in BEA WebLogic Portal 8.1 SP3 through SP5, when using Web Services Remote Portlets (WSRP), allows remote attackers to access restricted web resources via crafted URLs. |
97970 |
CVE-2006-0426 |
|
|
+Priv |
2006-01-25 |
2017-07-19 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
BEA WebLogic Server and WebLogic Express 8.1 through SP4, when configuration auditing is enabled and a password change occurs, stores the old and new passwords in cleartext in the DefaultAuditRecorder.log file, which could allow attackers to gain privileges. |
97971 |
CVE-2006-0425 |
|
|
|
2006-01-25 |
2018-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
BEA WebLogic Portal 8.1 through SP4 allows remote attackers to obtain the source for a deployment descriptor file via unknown vectors. |
97972 |
CVE-2006-0424 |
|
|
+Info |
2006-01-25 |
2017-07-19 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
BEA WebLogic Server and WebLogic Express 8.1 through SP4, 7.0 through SP6, and 6.1 through SP7 allows remote authenticated guest users to read the server log and obtain sensitive configuration information. |
97973 |
CVE-2006-0423 |
|
|
+Priv |
2006-01-25 |
2018-10-30 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
BEA WebLogic Portal 8.1 through SP3 stores the password for the RDBMS Authentication provider in cleartext in the config.xml file, which allows attackers to gain privileges. |
97974 |
CVE-2006-0422 |
|
|
DoS |
2006-01-25 |
2017-07-19 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
Multiple unspecified vulnerabilities in BEA WebLogic Server and WebLogic Express 8.1 through SP4, 7.0 through SP6, and 6.1 through SP7 allow remote attackers to access MBean attributes or cause an unspecified denial of service via unknown attack vectors. |
97975 |
CVE-2006-0421 |
|
|
+Priv |
2006-01-25 |
2017-07-19 |
4.6 |
User |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
By design, BEA WebLogic Server and WebLogic Express 7.0 and 6.1, when creating multiple domains from the same WebLogic instance on the same machine, allows administrators of any created domain to access other created domains, which could allow administrators to gain privileges that were not intended. |
97976 |
CVE-2006-0420 |
|
|
DoS Overflow |
2006-01-25 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
BEA WebLogic Server and WebLogic Express 8.1 through SP4 and 7.0 through SP6 does not properly handle when servlets use relative forwarding, which allows remote attackers to cause a denial of service (slowdown) via unknown attack vectors that cause "looping stack overflow errors." |
97977 |
CVE-2006-0419 |
|
|
DoS |
2006-01-25 |
2008-09-05 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
BEA WebLogic Server and WebLogic Express 9.0, 8.1 through SP5, and 7.0 through SP6 allows anonymous binds to the embedded LDAP server, which allows remote attackers to read user entries or cause a denial of service (unspecified) via a large number of connections. |
97978 |
CVE-2006-0418 |
|
|
Exec Code |
2006-01-25 |
2018-10-19 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Eval injection vulnerability in 123 Flash Chat Server 5.0 and 5.1 allows attackers to execute arbitrary code via a crafted username. |
97979 |
CVE-2006-0417 |
|
|
Exec Code Sql Bypass |
2006-01-25 |
2018-10-19 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
SQL injection vulnerability in login.php in miniBloggie 1.0 and earlier, when gpc_magic_quotes is disabled, allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username and (2) password parameters. |
97980 |
CVE-2006-0416 |
287 |
|
Bypass |
2006-01-25 |
2017-07-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
SleeperChat 0.3f and earlier allows remote attackers to bypass authentication and create new entries via the txt parameter to (1) chat_no.php and (2) chat_if.php. |
97981 |
CVE-2006-0415 |
|
|
XSS |
2006-01-25 |
2017-07-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Cross-site scripting (XSS) vulnerability in index.php in SleeperChat 0.3f and earlier allows remote attackers to inject arbitrary web script or HTML via the pseudo parameter. |
97982 |
CVE-2006-0414 |
|
|
|
2006-01-25 |
2017-07-19 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Tor before 0.1.1.20 allows remote attackers to identify hidden services via a malicious Tor server that attempts a large number of accesses of the hidden service, which eventually causes a circuit to be built through the malicious server. |
97983 |
CVE-2006-0413 |
89 |
|
Exec Code Sql |
2006-01-25 |
2018-10-19 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Multiple SQL injection vulnerabilities in index.php in NewsPHP allow remote attackers to execute arbitrary SQL commands via the (1) discuss, (2) tim, (3) id, (4) last, and (5) limit parameter. |
97984 |
CVE-2006-0412 |
89 |
|
Exec Code Sql Bypass |
2006-01-25 |
2017-07-19 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
SQL injection vulnerability in CyberShop allows remote attackers to execute arbitrary SQL commands and bypass authentication via the username parameter in a login action. |
97985 |
CVE-2006-0411 |
|
|
+Priv |
2006-01-25 |
2017-07-19 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
claro_init_local.inc.php in Claroline 1.7.2 uses guessable session cookies (MD5 hash of connection time), which allows remote attackers to hijack sessions and possibly gain administrative privileges. |
97986 |
CVE-2006-0410 |
|
|
Exec Code Sql |
2006-01-24 |
2017-07-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
SQL injection vulnerability in ADOdb before 4.71, when using PostgreSQL, allows remote attackers to execute arbitrary SQL commands via unspecified attack vectors involving binary strings. |
97987 |
CVE-2006-0409 |
|
|
XSS |
2006-01-24 |
2018-10-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Cross-site scripting (XSS) vulnerability in index.php in Pixelpost Photoblog 1.4.3 allows remote attackers to inject arbitrary web script or HTML via the "Add Comment" field in a comment popup. |
97988 |
CVE-2006-0408 |
|
|
Exec Code +Priv |
2006-01-24 |
2017-07-19 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
rsh utility in Sun Grid Engine (SGE) before 6.0u7_1 allows local users to gain privileges and execute arbitrary code via unspecified vectors, possibly involving command line arguments. |
97989 |
CVE-2006-0407 |
|
|
XSS |
2006-01-24 |
2018-10-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Cross-site scripting (XSS) vulnerability in post.php in AZ Bulletin Board (AZbb) 1.1.00 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) nickname parameter and (2) an iframe tag in the topic parameter. NOTE: the original disclosure specified the name parameter, but a correction was later provided. NOTE: followup posts have both disputed and confirmed the original claim. |
97990 |
CVE-2006-0406 |
|
|
+Info |
2006-01-24 |
2018-10-19 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
search.php in MyBB 1.0.2 allows remote attackers to obtain sensitive information via a certain search request that reveals the table prefix in a SQL error message, possibly due to invalid parameters. |
97991 |
CVE-2006-0405 |
|
|
DoS |
2006-01-24 |
2017-07-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The TIFFFetchShortPair function in tif_dirread.c in libtiff 3.8.0 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image that triggers a NULL pointer dereference, possibly due to changes in type declarations and/or the TIFFVSetField function. |
97992 |
CVE-2006-0404 |
|
|
+Info |
2006-01-24 |
2017-07-19 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Note-A-Day Weblog 2.2 stores sensitive data under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to archive/.phpass-admin, which contains encrypted passwords. |
97993 |
CVE-2006-0403 |
89 |
|
Exec Code Sql |
2006-01-24 |
2018-10-19 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Multiple SQL injection vulnerabilities in e-moBLOG 1.3 allow remote attackers to execute arbitrary SQL commands via the (1) monthy parameter to index.php or (2) login parameter to admin/index.php. NOTE: some sources have reported item 1 as involving the "monthly" parameter, but this is incorrect. |
97994 |
CVE-2006-0402 |
|
|
Exec Code Sql |
2006-01-24 |
2017-07-19 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
SQL injection vulnerability in Zoph before 0.5pre1 allows remote attackers to execute arbitrary SQL commands. |
97995 |
CVE-2006-0401 |
|
|
Bypass |
2006-04-05 |
2017-07-19 |
4.6 |
User |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
Unspecified vulnerability in Mac OS X before 10.4.6, when running on an Intel-based computer, allows attackers with physical access to bypass the firmware password and log on in Single User Mode via unspecified vectors. |
97996 |
CVE-2006-0400 |
|
|
Bypass |
2006-03-14 |
2017-07-19 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows remote attackers to bypass the same-origin policy and execute Javascript in other domains via unknown vectors involving "crafted archives." |
97997 |
CVE-2006-0399 |
94 |
|
|
2006-03-14 |
2017-07-19 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows attackers to trick a user into opening an application that appears to be a safe file type. NOTE: due to the lack of specific information in the vendor advisory, it is not clear how CVE-2006-0397, CVE-2006-0398, and CVE-2006-0399 are different. |
97998 |
CVE-2006-0398 |
94 |
|
|
2006-03-14 |
2017-07-19 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows attackers to trick a user into opening an application that appears to be a safe file type. NOTE: due to the lack of specific information in the vendor advisory, it is not clear how CVE-2006-0397, CVE-2006-0398, and CVE-2006-0399 are different. |
97999 |
CVE-2006-0397 |
94 |
|
|
2006-03-14 |
2017-07-19 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows attackers to trick a user into opening an application that appears to be a safe file type. NOTE: due to the lack of specific information in the vendor advisory, it is not clear how CVE-2006-0397, CVE-2006-0398, and CVE-2006-0399 are different. |
98000 |
CVE-2006-0396 |
|
|
Exec Code Overflow |
2006-03-14 |
2018-10-19 |
5.1 |
User |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
Buffer overflow in Mail in Apple Mac OS X 10.4 up to 10.4.5, when patched with Security Update 2006-001, allows remote attackers to execute arbitrary code via a long Real Name value in an e-mail attachment sent in AppleDouble format, which triggers the overflow when the user double-clicks on an attachment. |