292 matches found
CVE-2006-6595
Multiple SQL injection vulnerabilities in ScriptMate User Manager 2.1 and earlier allow remote attackers to execute arbitrary SQL commands via "Manage Resources" and possibly other unspecified components...
CVE-2006-6594
SQL injection vulnerability in utilities/usermessages.asp of ScriptMate User Manager 2.0 allows remote attackers to execute arbitrary SQL commands via the mesid parameter. Affected: ScriptMate User Manager 2.0; root cause: improper input handling in mesid. Impact and exploitation details are prov...
CVE-2006-6582
CVE-2006-6582 concerns ScriptMate User Manager 2.1 and earlier. The vulnerability set is multiple cross-site scripting (XSS) flaws that allow remote attackers to inject arbitrary script or HTML via the login action fields (members_username, members_password) in members/default.asp and via the Sea...
CVE-2006-6583
Technical details for CVE-2006-6583 are not provided in the connected documents; monitor for updates.
CVE-2006-6595
Affected software: ScriptMate User Manager 2.1 and earlier. Vulnerability: Multiple SQL injection flaws allowing remote attackers to execute arbitrary SQL commands via the "Manage Resources" function and possibly other unspecified components. Impact: Unauthorized SQL execution; risk details not q...
CVE-2006-6583
ScriptMate User Manager 2.1 and earlier allow remote attackers to obtain sensitive information via unspecified vectors related to 1 the Logins box and 2 the Search box...
CVE-2006-6594
SQL injection vulnerability in utilities/usermessages.asp in ScriptMate User Manager 2.0 allows remote attackers to execute arbitrary SQL commands via the mesid parameter...
CVE-2006-6582
Multiple cross-site scripting XSS vulnerabilities in ScriptMate User Manager 2.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 membersusername user and 2 memberspassword password fields in a login action in members/default.asp, and 3 the Search box. NOTE: som...
CVE-2006-4468
Multiple unspecified vulnerabilities in Joomla! before 1.0.11, related to unvalidated input, allow attackers to have an unknown impact via unspecified vectors involving the 1 mosMail, 2 JosIsValidEmail, and 3 josSpoofValue functions; 4 the lack of inclusion of globals.php in...
CVE-2006-4468
Multiple unspecified vulnerabilities in Joomla! before 1.0.11, related to unvalidated input, allow attackers to have an unknown impact via unspecified vectors involving the 1 mosMail, 2 JosIsValidEmail, and 3 josSpoofValue functions; 4 the lack of inclusion of globals.php in...
Solaris 8 (sparc) : 113749-02
SunOS 5.8: User Manager CLI Patch. Date this patch was last updated by Sun : Dec/22/04 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
Microsoft Systems Management Server 2.0 - Default Permissions
Microsoft Systems Management Server 2.0 - Default Permissions source: https://www.securityfocus.com/bid/945/info The default permissions applied to the directory containing the SMS Remote Control executable allow any user to replace the executable with any other executable. The new executable wil...