Directory traversal

Directory traversal vulnerability in easy-scart.cgi in iShopCart allows remote attackers to read arbitrary files via a .. dot dot in the query string...

CVE-2006-2813

Directory traversal vulnerability in easy-scart.cgi in iShopCart allows remote attackers to read arbitrary files via a .. dot dot in the query string...

CVE-2006-2610

Cross-site scripting XSS vulnerability in view.php in phpRaid 2.9.5 allows remote attackers to inject arbitrary web script or HTML via the 1 URL query string and the 2 Sort parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in view.php in phpRaid 2.9.5 allows remote attackers to inject arbitrary web script or HTML via the 1 URL query string and the 2 Sort parameter...

CVE-2006-2610

Cross-site scripting XSS vulnerability in view.php in phpRaid 2.9.5 allows remote attackers to inject arbitrary web script or HTML via the 1 URL query string and the 2 Sort parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Mobotix IP Network Cameras M1 1.9.4.7 and M10 2.0.5.2, and other versions before 2.2.3.18 for M10/D10 and 3.0.3.31 for M22, allow remote attackers to inject arbitrary web script or HTML via URL-encoded values in 1 the query string to help/help,...

Cross site scripting

Cross-site scripting XSS vulnerability in 1 index.php and 2 bmc/admin.php in BoastMachine bMachine 3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the query string, which is not properly filtered when it is accessed using the $SERVER"PHPSELF" variable...

CVE-2006-2490

Multiple cross-site scripting XSS vulnerabilities in Mobotix IP Network Cameras M1 1.9.4.7 and M10 2.0.5.2, and other versions before 2.2.3.18 for M10/D10 and 3.0.3.31 for M22, allow remote attackers to inject arbitrary web script or HTML via URL-encoded values in 1 the query string to help/help,...

CVE-2006-2491

Cross-site scripting XSS vulnerability in 1 index.php and 2 bmc/admin.php in BoastMachine bMachine 3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the query string, which is not properly filtered when it is accessed using the $SERVER"PHPSELF" variable...

CVE-2006-2490

Multiple cross-site scripting XSS vulnerabilities in Mobotix IP Network Cameras M1 1.9.4.7 and M10 2.0.5.2, and other versions before 2.2.3.18 for M10/D10 and 3.0.3.31 for M22, allow remote attackers to inject arbitrary web script or HTML via URL-encoded values in 1 the query string to help/help,...

EUVD-2006-2491

Cross-site scripting XSS vulnerability in 1 index.php and 2 bmc/admin.php in BoastMachine bMachine 3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the query string, which is not properly filtered when it is accessed using the $SERVER"PHPSELF" variable...

CVE-2006-2148

Multiple buffer overflows in client.c in CGI:IRC CGIIRC before 0.5.8 might allow remote attackers to execute arbitrary code via 1 cookies or 2 the query string...

Buffer overflow

Multiple buffer overflows in client.c in CGI:IRC CGIIRC before 0.5.8 might allow remote attackers to execute arbitrary code via 1 cookies or 2 the query string...

CVE-2006-2148

CVE-2006-2148 affects CGIIRC in which multiple buffer overflows in the file client.c allow remote code execution via (1) cookies or (2) the query string. OpenVAS/Debian advisories document the issue and cite that vulnerable versions are prior to 0.5.8; Debian/Ubuntu advisories recommend upgrading...

Cross site scripting

Cross-site scripting XSS vulnerability in W2B Online Banking allows remote attackers to inject arbitrary web script or HTML via the 1 query string, 2 SID parameter, or 3 ilang parameter...

CVE-2006-1980

Cross-site scripting XSS vulnerability in W2B Online Banking allows remote attackers to inject arbitrary web script or HTML via the 1 query string, 2 SID parameter, or 3 ilang parameter...

CVE-2006-1980

CVE-2006-1980 is an XSS vulnerability in W2B Online Banking. The vulnerability allows remote attackers to inject arbitrary script via (1) query string, (2) SID parameter, or (3) ilang parameter. The NVD entry reports a CVSS v2.0 base score of 2.6 (low) with Network attack vector, high attack comp...

CVE-2006-1293

Cross-site scripting XSS vulnerability in index.php in Contrexx CMS 1.0.8 and earlier allows remote attackers to inject arbitrary web script or HTML via the query string PHPSELF...

CVE-2006-1121

Cross-site scripting XSS vulnerability in CuteNews 1.4.1 allows remote attackers to inject arbitrary web script or HTML via the query string to index.php...

Cross site scripting

Cross-site scripting XSS vulnerability in CuteNews 1.4.1 allows remote attackers to inject arbitrary web script or HTML via the query string to index.php...