DEBIAN-CVE-2006-6169

Heap-based buffer overflow in the askoutfilename function in openfile.c for GnuPG gpg 1.4 and 2.0, when running interactively, might allow attackers to execute arbitrary code via messages with "C-escape" expansions, which cause the makeprintablestring function to return a longer string than...

CVE-2006-6169

Heap-based buffer overflow in the askoutfilename function in openfile.c for GnuPG gpg 1.4 and 2.0, when running interactively, might allow attackers to execute arbitrary code via messages with "C-escape" expansions, which cause the makeprintablestring function to return a longer string than...

CVE-2006-6169

Heap-based buffer overflow in the askoutfilename function in openfile.c for GnuPG gpg 1.4 and 2.0, when running interactively, might allow attackers to execute arbitrary code via messages with "C-escape" expansions, which cause the makeprintablestring function to return a longer string than...

CVE-2006-5450

SQL injection vulnerability in index.asp in Kinesis Interactive Cinema System KICS CMS allows remote attackers to execute arbitrary SQL commands via the 1 txtUsername user or 2 txtPassword pass parameters...

CVE-2006-5443

Unspecified vulnerability in XIAO Gang WWW Interactive Mathematics Server WIMS before 3.60 allows remote attackers to modify unspecified data via unspecified vectors involving "variable rights."...

CVE-2006-5443

Unspecified vulnerability in XIAO Gang WWW Interactive Mathematics Server WIMS before 3.60 allows remote attackers to modify unspecified data via unspecified vectors involving "variable rights."...

CVE-2006-5443

The CVE-2006-5443 entry concerns XIAO Gang’s WWW Interactive Mathematics Server (WIMS) prior to 3.60. A remote attacker could modify unspecified data via unspecified vectors related to "variable rights", with impact described as partial integrity loss. The connected sources confirm product and af...

Kinesis Interactive Cinema System - 'index.asp' SQL Injection

source: https://www.securityfocus.com/bid/20607/info Kinesis Interactive Cinema System is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

CVE-2006-4797

Cross-site scripting XSS vulnerability in tag.php in CloudNine Interactive CJ Tag Board 3.0 allows remote attackers to inject arbitrary web script or HTML via a JavaScript event in a url BBcode tag in the cjmsg parameter...

CVE-2006-4797

Cross-site scripting XSS vulnerability in tag.php in CloudNine Interactive CJ Tag Board 3.0 allows remote attackers to inject arbitrary web script or HTML via a JavaScript event in a url BBcode tag in the cjmsg parameter...

CVE-2006-4797

CVE-2006-4797 describes a cross-site scripting (XSS) vulnerability in CloudNine Interactive CJ Tag Board 3.0 . The flaw occurs in the tag.php handler, where an attacker can inject arbitrary web script or HTML by abusing a JavaScript event in a url BBcode tag within the cjmsg parameter. This is a ...

[eVuln] Links Manager Multiple XSS and SQL Injection Vulnerabilities

New eVuln Advisory: Links Manager Multiple XSS and SQL Injection Vulnerabilities http://evuln.com/vulns/136/summary.html --------------------Summary---------------- eVuln ID: EV0136 CVE: CVE-2006-4327 CVE-2006-4328 Vendor: CloudNine Interactive Vendor's Web Site:...

EV0137.txt

New eVuln Advisory: CJ Tag Board XSS Vulnerability http://evuln.com/vulns/137/summary.html --------------------Summary---------------- eVuln ID: EV0137 Vendor: CloudNine Interactive Vendor's Web Site: http://www.cloudnineinteractive.co.uk/ Software: Tag Board Sowtware's Web Site:...

[eVuln] CJ Tag Board XSS Vulnerability

New eVuln Advisory: CJ Tag Board XSS Vulnerability http://evuln.com/vulns/137/summary.html --------------------Summary---------------- eVuln ID: EV0137 Vendor: CloudNine Interactive Vendor's Web Site: http://www.cloudnineinteractive.co.uk/ Software: Tag Board Sowtware's Web Site:...

EV0136.txt

New eVuln Advisory: Links Manager Multiple XSS and SQL Injection Vulnerabilities http://evuln.com/vulns/136/summary.html --------------------Summary---------------- eVuln ID: EV0136 CVE: CVE-2006-4327 CVE-2006-4328 Vendor: CloudNine Interactive Vendor's Web Site:...

CVE-2006-4328

SQL injection vulnerability in admin.php in CloudNine Interactive Links Manager 2006-06-12, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the nick parameter...

CVE-2006-4327

CVE-2006-4327 concerns CloudNine Interactive Links Manager (version 2006-06-12). The vulnerability is a cross-site scripting (XSS) flaw in add_url.php, where the parameters title, description, and keywords are not properly sanitized, allowing remote attackers to inject arbitrary web script or HTM...

CVE-2006-4328

CloudNine Interactive Links Manager 2006-06-12 is affected by an SQL injection in admin.php via the nick parameter when magic_quotes_gpc is off. The vulnerability allows remote attackers to execute arbitrary SQL commands, as documented in multiple sources (eVuln/SECURITYVULNS entries). The issue ...

CVE-2006-4328

SQL injection vulnerability in admin.php in CloudNine Interactive Links Manager 2006-06-12, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the nick parameter...

CVE-2006-4327

Multiple cross-site scripting XSS vulnerabilities in addurl.php in CloudNine Interactive Links Manager 2006-06-12 allow remote attackers to inject arbitrary web script or HTML via the 1 title, 2 description, or 3 keywords parameters...