Blog

CVE-2006-1664

Buffer overflow in xine_list_delete_current in libxine 1.14 and earlier, as distributed in xine-lib 1.1.1 and earlier, allows remote attackers to execute arbitrary code via a crafted MPEG stream. (CVSS:7.5) (Last Update:2017-10-18)


April 7, 2006 0

CVE-2006-1252

Eval injection vulnerability in cal.php in Light Weight Calendar (LWC) 1.0 allows remote attackers to execute arbitrary PHP code via the date parameter to index.php. (CVSS:7.5) (Last Update:2016-11-18)


March 18, 2006 0

CVE-2006-0973

SQL injection vulnerability in topics.php in Appalachian State University phpWebSite 0.10.2 and earlier allows remote attackers to execute arbitrary SQL commands via the topic parameter. (CVSS:7.5) (Last Update:2017-10-18)


March 3, 2006 0

CVE-2006-0944

Archangel Weblog 0.90.02 allows remote attackers to bypass authentication by setting the ba_admin cookie to 1. (CVSS:7.5) (Last Update:2016-11-18)


February 28, 2006 0

CVE-2005-4620

Buffer overflow in WinRAR 3.50 and earlier allows local users to execute arbitrary code via a long command-line argument. NOTE: because this program executes with the privileges of the invoking user, and because remote programs do not normally have th…


December 31, 2005 0

CVE-2005-4195

Multiple SQL injection vulnerabilities in Scout Portal Toolkit (SPT) 1.3.1 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the ParentId parameter in SPT–BrowseResources.php, (2) ResourceId parameter in SPT–FullRecord.php,…


December 13, 2005 0

CVE-2005-3365

Multiple SQL injection vulnerabilities in DCP-Portal 6 and earlier allow remote attackers to execute arbitrary SQL commands, possibly requiring encoded characters, via (1) the name parameter in register.php, (2) the email parameter in lostpassword.php,…


October 30, 2005 0

CVE-2005-3043

SQL injection vulnerability in AddItem.asp in Mall23 eCommerce allows remote attackers to execute arbitrary SQL commands via the idOption_Dropdown_2 parameter. (CVSS:7.5) (Last Update:2017-07-10)


September 22, 2005 0

CVE-2005-2855

Cross-site scripting (XSS) vulnerability in Unclassified NewsBoard 1.5.3 allows remote attackers to inject arbitrary web script or HTML via the description field. (CVSS:4.3) (Last Update:2016-10-17)


September 8, 2005 0

CVE-2005-2251

PHP remote file inclusion vulnerability in secure.php in PHPSecurePages (phpSP) 0.28beta and earlier allows remote attackers to execute arbitrary code via the cfgProgDir parameter, a variant of CVE-2001-1468. (CVSS:7.5) (Last Update:2017-07-10)


July 13, 2005 0