CVE-2006-4491
Summary: Cybozu products (Collaborex, AG before 1.2(1.5); AG Pocket before 5.2(0.8); Mailwise before 3.0(0.3); Garoon 1 before 1.5(4.1)) are vulnerable to a directory traversal flaw that allows remote authenticated users to read arbitrary files via unspecified vectors. Impact: partial confidentia...
CVE-2006-4370
Alt-N WebAdmin 3.2.3 and 3.2.4 running with MDaemon 9.0.5, and possibly earlier, allow remote authenticated domain administrators to change a global administrator's password and gain privileges via the userlist.wdm file...
CVE-2006-4370
Affected software / component: Alt-N WebAdmin (versions 3.2.3–3.2.4 with MDaemon 9.0.5; possibly earlier). Root cause / vulnerability: A flaw in WebAdmin’s handling of authentication/authorization via the userlist.wdm mechanism allows a remote authenticated domain administrator to change a global...
eFiction < 2.0.7 - Remote Admin Authentication Bypass
eFiction vulnerability I am releasing this to the public. Vendor was notified. Someone is also illegally defacing these websites under MY name, which is a shame because they ripped it from a private discussion on g00ns.net. This proof of concept is not to be used to illegally hack websites. I do...
CVE-2006-4258
CVE-2006-4258 affects Anti-Spam SMTP Proxy (ASSP). The vulnerability is an absolute path traversal in the get functionality, allowing remote authenticated users to read arbitrary files via file parameter values such as C:\ or UNC paths. Documents confirm the affected component and the underlying ...
CVE-2006-3859
CVE-2006-3859 affects IBM Informix Dynamic Server (IDS). The vulnerability allows remote authenticated users to create and overwrite arbitrary files via the LOTOFILE and trl_tracefile_set functions, and via the SET DEBUG FILE command. The underlying issue is that these APIs/commands can be abused...
CVE-2006-3828
Incomplete blacklist vulnerability in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier allows remote authenticated administrators to bypass SQL injection protection mechanisms by using commas, quote characters, pound sign characters, "UNION," and "SELECT," which are not filtered by the...
CVE-2006-3796
DeluxeBB 1.07 and earlier does not properly handle a username composed of a single space character, which allows remote authenticated users to login as the "space" user, post as the guest user, and block the ability of an administrator to ban the "space" user...
CVE-2006-3469
Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and 5.0 before 1 April 2006 allows remote authenticated users to cause a denial of service (crash) via a format string instead of a date as the first parameter to the dateformat function, which is later used in a formatted pri...
CVE-2006-3208
CVE-2006-3208 affects Ultimate PHP Board (UPB) up to version 1.9.6. The issue is a direct static code injection vulnerability that allows remote authenticated administrators to execute arbitrary PHP code via multiple configuration fields stored in admin_chatconfig.php, admin_configcss.php, admin_...
CVE-2006-2945
Unspecified vulnerability in the user profile change functionality in DokuWiki, when Access Control Lists are enabled, allows remote authenticated users to read unauthorized files via unknown attack vectors...
Default credentials
JIWA Financials 6.4.14 passes a Microsoft SQL Server account's username and password, and the name of a data source, to a Crystal Reports .rpt file, which allows remote authenticated users to execute certain standard stored procedures by referencing them in a user-written .rpt file, as demonstrat...
CVE-2006-2718
JIWA Financials 6.4.14 passes a Microsoft SQL Server account's username and password, and the name of a data source, to a Crystal Reports .rpt file, which allows remote authenticated users to execute certain standard stored procedures by referencing them in a user-written .rpt file, as demonstrat...
CVE-2006-2467
CVE-2006-2467 affects BEA WebLogic Server: WebLogic Server Administration Console can disclose the server’s internal IP address. Vulnerable versions are 6.1 up to SP7, 7.0 up to SP6, and 8.1 up to SP4. Root cause is exposure of internal IP in the Console; impact is information disclosure of inter...
CVE-2006-2459
SQL injection vulnerability in messages.php in PHP-Fusion 6.00.307 and earlier allows remote authenticated users to execute arbitrary SQL commands via the srchwhere parameter...
CVE-2006-2204
SQL injection vulnerability in the topic deletion functionality (postdelete function) in funcmod.php for Invision Power Board 2.1.5 allows remote authenticated moderators to execute arbitrary SQL commands via the selectedpids parameter, which bypasses an integer value check when the $id variable is...
CVE-2006-2166
CVE-2006-2166 affects Cisco Unity Express (CUE) 2.2(2) and earlier when running on any CUE AIM or NM. The HTTP management interface contains an unspecified vulnerability that allows remote authenticated attackers to reset the password for any user with an expired password. The connected documents...
CVE-2006-1829
CVE-2006-1829 affects Sybase EAServer Manager (versions 5.2 and 5.3). The issue allows remote authenticated users (potentially guests) to obtain password credentials of arbitrary users through unspecified vectors involving (1) connection caches, (2) open password prompts, and (3) stored custom co...
CVE-2005-4758
CVE-2005-4758 affects BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier. The vulnerability arises in the Administration server, allowing remote authenticated Admin users to read arbitrary files through an internal servlet accessed via HTTP. The description characterizes the flaw as uns...
CVE-2006-1481
SQL injection vulnerability in search.php in PHP Ticket 0.71 allows remote authenticated users to execute arbitrary SQL commands and obtain usernames and passwords via the frmsearchin parameter...