4189 matches found
CVE-2006-7121
The HTTP server in Linksys SPA-921 VoIP Desktop Phone allows remote attackers to cause a denial of service reboot via 1 a long URL, or a long 2 username or 3 password during Basic Authentication...
CVE-2006-6982
3proxy 0.5 to 0.5.2 does not offer NTLM authentication before basic authentication, which might cause browsers with incomplete RFC2616/RFC2617 support to use basic cleartext authentication even if NTLM is available, which makes it easier for attackers to steal credentials...
CVE-2006-6977
Cross-site scripting XSS vulnerability in the "Basic Toolbar Selection" in FreeTextBox allows remote attackers to execute arbitrary JavaScript via the javascript: URI in the 1 href or 2 onmouseover attribute of the A HTML tag...
Fedora Core 5 : mono-1.1.13.7-2.fc5.1 (2006-1012)
CVE-2006-5072 Mono insecure temporary file usage Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
CVE-2006-6825
Calendar MX BASIC 1.0.2 and earlier store sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for calendar.mdb. NOTE: The provenance of this information is unknown; the details are obtained solely fro...
CVE-2006-6825
Calendar MX BASIC 1.0.2 and earlier store sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for calendar.mdb. NOTE: The provenance of this information is unknown; the details are obtained solely fro...
CVE-2006-6825
CVE-2006-6825 affects Calendar MX BASIC 1.0.2 and earlier. The vulnerability arises because the application stores sensitive information under the web root with insufficient access control, enabling remote attackers to download the database (calendar.mdb) via a direct request. The records indicat...
CVE-2006-6792
SQL injection vulnerability in calendardetail.asp in Calendar MX BASIC 1.0.2 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2006-6792
CVE-2006-6792 affects Calendar MX BASIC 1.0.2 and earlier, with an SQL injection via the ID parameter in calendar_detail.asp. The vulnerability details provided indicate remote attackers could potentially manipulate SQL commands, aligned with a CVSS v2 base score of 7.5 (HIGH) and network access ...
Title : Calendar MX BASIC <= 1.0.2 (ID) Remote SQL Injection Vulnerability
Title : Calendar MX BASIC = 1.0.2 ID Remote SQL Injection Vulnerability Author : ajann Contact : : $$ : Free SQL--------------------------------------------------------- http://target/path//calendardetail.asp?ID=SQL Example:...
Calendar MX BASIC 1.0.2 - 'ID' SQL Injection
Title : Calendar MX BASIC = 1.0.2 ID Remote SQL Injection Vulnerability Author : ajann Contact : : $$ : Free SQL--------------------------------------------------------- http://target/path//calendardetail.asp?ID=SQL Example:...
Calendar MX BASIC 1.0.2 - ID SQL Injection
Calendar MX BASIC 1.0.2 - ID SQL Injection Title : Calendar MX BASIC = 1.0.2 ID Remote SQL Injection Vulnerability Author : ajann Contact : : $$ : Free SQL--------------------------------------------------------- http://target/path//calendardetail.asp?ID=SQL Example:...
Calendar MX BASIC <= 1.0.2 (ID) Remote SQL Injection Vulnerability
No description provided by source. Title : Calendar MX BASIC = 1.0.2 ID Remote SQL Injection Vulnerability Author : ajann Contact : : $$ : Free SQL--------------------------------------------------------- http://target/path//calendardetail.asp?ID=SQL Example:...
PT-2006-7199 · Hyperaccess · Hyperaccess
Name of the Vulnerable Software and Affected Versions: HyperAccess version 8.4 Description: The issue allows user-assisted remote attackers to execute arbitrary vbscript and commands. This is achieved via the /r option in a telnet:// URI, which is configured to use hawin32.exe. Recommendations: F...
Basic Forum <= 1.1 (edit.asp) Remote SQL Injection Vulnerability
No description provided by source. Title : basicforum v 1.1 edit.asp Remote SQL Injection Vulnerability Author : bolivar Dork : "This script created by www.script.canavari.com" ---------------------------------------------------------------------------...
Basic Forum 1.1 - 'edit.asp' SQL Injection
Title : basicforum v 1.1 edit.asp Remote SQL Injection Vulnerability Author : bolivar Dork : "This script created by www.script.canavari.com" ---------------------------------------------------------------------------...
Basic Forum <= 1.1 (edit.asp) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications ================================================================ Basic Forum = 1.1 edit.asp Remote SQL Injection Vulnerability ================================================================ Title : basicforum v 1.1 edit.asp Remote SQL...
Basic Forum 1.1 - edit.asp SQL Injection
Basic Forum 1.1 - edit.asp SQL Injection Title : basicforum v 1.1 edit.asp Remote SQL Injection Vulnerability Author : bolivar Dork : "This script created by www.script.canavari.com" ---------------------------------------------------------------------------...
googleHack Lite-vulnerability warning-the black bar safety net
Look at the basic situation: infxx.com return some basic information site:xx.com returns all the information about the url link:xx.com returns all the station made the connection of the station site:xx.com filetype:txt find TXT file the other in turn within the push Find the background site:xx.co...
Microsoft Visual Basic for Applications文档检查溢出漏洞(MS06-047)
Microsoft Visual Basic for Applications(VBA)是用于开发客户端桌面所包装的应用程序并集成到现有数据和系统的开发技术。 VBA在处理包含畸形属性字段的文档时存在漏洞,攻击者可能利用此漏洞在用户机器上执行任意指令。 VBA在打开文档时会检查主机应用程序对其传送的某些文档属性,因此主机应用程序就可能向VBA传送未检查的参数。如果攻击者能够诱骗用户打开设置了特殊属性的文档的话,就可能触发缓冲区溢出,导致执行任意代码。 Microsoft Office XP Microsoft Office 2000 Microsoft Visual Basic for...