CVE-2006-1867

Unspecified vulnerability in Oracle Database Server 9.2.0.6 has unknown impact and attack vectors in the Advanced Replication component, aka Vuln DB02...

CVE-2006-1868

Buffer overflow in the Advanced Replication component in Oracle Database Server 10.1.0.4 allows database users to execute arbitrary code via the VERIFYLOG procedure of the DBMSSNAPSHOTUTL package, aka Vuln DB03...

CVE-2006-1867

Technical details for CVE-2006-1867 are not publicly available in the provided documents. The entries reference Oracle 9.2.0.6 Advanced Replication with unknown impact and attack vectors. Monitor for authoritative updates and vendor advisories.

CVE-2006-1866

Multiple unspecified vulnerabilities in Oracle Database Server 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.5, and other versions have unknown impact and attack vectors in the 1 Advanced Replication component, as identified by Vuln DB01, and 2 Oracle Spatial component, as identified by Vuln DB10. NOTE:...

Oracle Advanced Replication SQL injection vulnerability

Overview An SQL injection vulnerability in the Oracle Advanced Replication component may allow a remote attacker to execute arbitrary SQL commands on a vulnerable Oracle installation. Description Oracle Advanced Replication component contains a SQL injection vulnerability.The details of this...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Advanced Poll 2.02 allow remote attackers to inject arbitrary web script or HTML via the 1 id parameter to comments.php or 2 pollid parameter to page.php. NOTE: it is possible that this issue is resultant from CVE-2006-1616...

CVE-2006-1617

Multiple cross-site scripting XSS vulnerabilities in Advanced Poll 2.02 allow remote attackers to inject arbitrary web script or HTML via the 1 id parameter to comments.php or 2 pollid parameter to page.php. NOTE: it is possible that this issue is resultant from CVE-2006-1616...

CVE-2006-1616

Multiple SQL injection vulnerabilities in Advanced Poll 2.02 allow remote attackers to execute arbitrary SQL commands via the 1 id parameter to comments.php or 2 pollid parameter to page.php...

Sql injection

Multiple SQL injection vulnerabilities in Advanced Poll 2.02 allow remote attackers to execute arbitrary SQL commands via the 1 id parameter to comments.php or 2 pollid parameter to page.php...

CVE-2006-1617

CVE-2006-1617 relates to multiple XSS vulnerabilities in Advanced Poll 2.02. The affected components are comments.php (id parameter) and page.php (poll_id parameter), allowing remote attackers to inject arbitrary script/HTML. The description notes a possible relation to CVE-2006-1616 (SQL injecti...

CVE-2006-1617

Multiple cross-site scripting XSS vulnerabilities in Advanced Poll 2.02 allow remote attackers to inject arbitrary web script or HTML via the 1 id parameter to comments.php or 2 pollid parameter to page.php. NOTE: it is possible that this issue is resultant from CVE-2006-1616...

CVE-2006-1616

Multiple SQL injection vulnerabilities in Advanced Poll 2.02 allow remote attackers to execute arbitrary SQL commands via the 1 id parameter to comments.php or 2 pollid parameter to page.php...

CVE-2006-1616

CVE-2006-1616 involves multiple SQL injection vulnerabilities in Advanced Poll 2.02. The affected component is the poll software’s pages where the (1) id parameter passed to comments.php and (2) poll_id parameter passed to page.php can be exploited to execute arbitrary SQL commands. The NVD entry...

CVE-2006-1209

PHP Advanced Transfer Manager 1.00 through 1.30 stores sensitive information, including password hashes, under the web root with insufficient access control, which allows remote attackers to download each password hash via a direct request for a users/USERNAME file...

CVE-2006-1209

The CVE concerns PHP Advanced Transfer Manager (versions 1.00–1.30). The root cause is insufficient access control that stores sensitive data (including password hashes) under the web root. This enables remote attackers to retrieve password hashes by directly requesting a users/[USERNAME] file. C...

PT-2006-2225 · Php · Php Advanced Transfer Manager

Name of the Vulnerable Software and Affected Versions: PHP Advanced Transfer Manager versions 1.00 through 1.30 Description: The issue allows remote attackers to download sensitive information, including password hashes, due to insufficient access control. This is possible because the sensitive...

php-atm.txt

PHP Advanced Transfer Manager Download users password hashes PHP Advanced Transfer Manager 1. Site:http://phpatm.free.fr/ ---------------------------------------------------- Bugs: http://victim.com/path/users/username ---------------------------------------------------- example:...

PHP Advanced Transfer Manager Download users password hashes

PHP Advanced Transfer Manager Download users password hashes PHP Advanced Transfer Manager 1. Site:http://phpatm.free.fr/ ---------------------------------------------------- Bugs: http://victim.com/path/users/username ---------------------------------------------------- example:...

patm.txt

PHP Advanced Transfer Manager Download users password hashes PHP Advanced Transfer Manager 1. Site:http://phpatm.free.fr/ ---------------------------------------------------- Bugs: http://victim.com/path/users/username ---------------------------------------------------- example:...

PHP Advanced Transfer Manager Download users password hashes

PHP Advanced Transfer Manager Download users password hashes PHP Advanced Transfer Manager 1. Site:http://phpatm.free.fr/ ---------------------------------------------------- Bugs: http://victim.com/path/users/username ---------------------------------------------------- example:...