Lucene search
K

59 matches found

OSV
OSV
added 2011/12/15 3:57 a.m.6 views

CVE-2011-4606

Artsoft Entertainment Rocks'n'Diamonds aka rocksndiamonds 3.3.0.1 allows local users to overwrite arbitrary files via a symlink attack on .rocksndiamonds/cache/artworkinfo.cache under a user's home directory...

6.1AI score0.00341EPSS
Exploits0References4
CVE
CVE
added 2011/12/15 2:0 a.m.59 views

CVE-2011-4606

CVE-2011-4606 affects rocksndiamonds 3.3.0.1, enabling local users to overwrite files via a symlink attack on ~/.rocksndiamonds/cache/artworkinfo.cache in a user’s home. The issue is mitigated by updated packages, e.g., rocksndiamonds 3.3.1.2-2.5 (openSUSE), with Fedora updates 2012-1567/1553 add...

3.6CVSS6.2AI score0.00341EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2010/12/29 5:27 p.m.54 views

CVE-2010-4606

The CVE concerns the Space Management client in the Hierarchical Storage Management (HSM) component of IBM Tivoli Storage Manager (TSM). Affected versions are 5.4.x (until 5.4.3.4), 5.5.x (until 5.5.3), 6.1.x (until 6.1.4), and 6.2.x (until 6.2.2) on Unix/Linux. The issue allows remote attackers ...

7.5CVSS7.8AI score0.05067EPSS
Exploits0References5Affected Software1
seebug.org
seebug.org
added 2010/01/28 12:0 a.m.20 views

WebDrive缺少安全描述符本地权限提升漏洞

BUGTRAQ ID: 37955 CVE ID: CVE-2009-4606 WebDrive是Windows化的文件传输软件,可将FTP服务器设置为硬盘盘符。 WebDrive所安装的WebDrive服务没有设置安全描述符,本地用户可以通过stop命令终止服务、使用config命令修改binPath变量并执行任意命令,或通过start命令重启服务。 South River Technologies WebDrive 9.02 厂商补丁: South River Technologies ------------------------...

7.2CVSS6.4AI score0.008EPSS
Exploits2
Packet Storm
Packet Storm
added 2010/01/27 12:0 a.m.34 views

South River Technologies WebDrive Service Bad Security Descriptor Local Privilege Escalation

South River Technologies WebDrive Service Bad Security Descriptor Local Privilege Escalation. This module exploits a privilege escalation vulnerability in South River Technologies WebDrive. Due to an empty security descriptor, a local attacker can gain elevated privileges. Tested on South River...

7.2CVSS0.3AI score0.008EPSS
Exploits2
CVE
CVE
added 2010/01/13 11:0 a.m.40 views

CVE-2009-4606

South River Technologies WebDrive 9.02 build 2232 is vulnerable to a local privilege escalation due to the WebDrive Service being installed without a security descriptor. An attacker with local access can stop the service, modify the binPath via config to execute arbitrary commands as SYSTEM, or ...

7.2CVSS7.4AI score0.008EPSS
Exploits2References6Affected Software1
Circl
Circl
added 2009/04/14 12:0 a.m.14 views

CVE-2006-4606

creationtimestamp| type| source ---|---|--- 2009-04-14 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/8425...

7.5CVSS5.8AI score0.02374EPSS
Exploits0References1
CVE
CVE
added 2008/10/17 10:0 p.m.40 views

CVE-2008-4606

CVE-2008-4606 documents multiple SQL injection vulnerabilities in IP Reg 0.4 and earlier, allowing remote attackers to execute arbitrary SQL commands via the (1) location_id parameter to locationdel.php and (2) vlan_id parameter to vlanedit.php. The vulnerability is network-exposed with low attac...

7.5CVSS8.4AI score0.01145EPSS
Exploits1References6Affected Software1
NVD
NVD
added 2007/08/31 12:17 a.m.17 views

CVE-2007-4606

PHP remote file inclusion vulnerability in convert/mvcwconver.php in the Virtual War VWar module for PHPNuke-Clan PNC 4.2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the vwarroot parameter, a different vector than CVE-2006-1602. NOTE: it is possible that this...

7.5CVSS7.4AI score0.0213EPSS
Exploits0References2
CVE
CVE
added 2007/08/31 12:0 a.m.159 views

CVE-2007-4606

CVE-2007-4606 describes a PHP remote file inclusion in the Virtual War (VWar) module of PHPNuke-Clan (PNC) 4.2.0 and earlier. The vulnerability arises in convert/mvcw_conver.php where an attacker can cause arbitrary PHP code execution by supplying a crafted URL in the vwar_root parameter. The iss...

7.5CVSS7.5AI score0.0213EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2007/03/23 9:19 p.m.4 views

CVE-2007-1627

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-4606. Reason: This candidate is a duplicate of CVE-2006-4606. Notes: All CVE users should reference CVE-2006-4606 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...

7.5CVSS5.8AI score0.02374EPSS
Exploits0References1
Prion
Prion
added 2007/03/23 9:19 p.m.15 views

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-4606. Reason: This candidate is a duplicate of CVE-2006-4606. Notes: All CVE users should reference CVE-2006-4606 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...

6.8AI score0.02374EPSS
Exploits0
CVE
CVE
added 2006/09/07 12:0 a.m.49 views

CVE-2006-4606

CVE-2006-4606 affects Longino Jacome’s php-Revista 1.1.2. The vulnerability involves multiple SQL injection flaws in five parameters across different PHP scripts: (1) id_temas in busqueda_tema.php, (2) cadena in busqueda.php, (3) id_autor in autor.php, (4) email in lista.php, and (5) id_articulo ...

7.5CVSS8.5AI score0.02374EPSS
Exploits0References15Affected Software1
CVE
CVE
added 2006/01/03 10:0 p.m.54 views

CVE-2005-4606

CVE-2005-4606 describes an SQL injection in Web Wiz apps (Site News 3.06 and earlier; Journal 1.0 and earlier; Polls 3.06 and earlier; Database Login 1.71 and earlier) via txtUserName in admin/check_user.asp. Attacker can execute arbitrary SQL commands remotely. Exploitation details, affected ver...

7.5CVSS8.4AI score0.01483EPSS
Exploits1References6Affected Software4
Cvelist
Cvelist
added 2006/01/03 10:0 p.m.25 views

CVE-2005-4606

SQL injection vulnerability in checkuser.asp in multiple Web Wiz products including 1 Site News 3.06 and earlier, 2 Journal 1.0 and earlier, 3 Polls 3.06 and earlier, and 4 and Database Login 1.71 and earlier allows remote attackers to execute arbitrary SQL commands via the txtUserName parameter...

8.4AI score0.01483EPSS
Exploits1References6
Cvelist
Cvelist
added 1976/01/01 12:0 a.m.8 views

CVE-2018-4606

...

Exploits0
CVE
CVE
added 1976/01/01 12:0 a.m.12 views

CVE-2018-4606

CVE-2018-4606 entry is rejected/not used per initial description.

6.8AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1976/01/01 12:0 a.m.0 views

MS:C782C657-E6EF-4606-A0AB-5B014CA32C14

...

7AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1976/01/01 12:0 a.m.0 views

MS:A3E08801-1A77-4606-9687-ACF2296A6CD3

...

7AI score
Exploits0
Rows per page
Query Builder