Blog

CVE-2006-4878

Directory traversal vulnerability in footer.php in David Bennett PHP-Post (PHPp) 1.0 and earlier allows remote attackers to read and include arbitrary local files via a .. (dot dot) sequence in the template parameter. NOTE: this was later reported to …


September 19, 2006

CVE-2006-4440

PHP remote file inclusion vulnerability in main.php in Ay System Solutions CMS 2.6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path[ShowProcessHandle] parameter. (CVSS:7.5) (Last Update:2017-07-19)


August 29, 2006

CVE-2006-4318

Buffer overflow in WFTPD Server 3.23 allows remote attackers to execute arbitrary code via long SIZE commands. (CVSS:6.5) (Last Update:2017-07-19)


August 23, 2006

CVE-2006-4142

SQL injection vulnerability in extra/online.php in Virtual War (VWar) 1.5.0 R14 and earlier allows remote attackers to execute arbitrary SQL commands via the n parameter. (CVSS:7.5) (Last Update:2017-07-19)


August 14, 2006

CVE-2006-3823

SQL injection vulnerability in index.php in GeodesicSolutions (1) GeoAuctions Premier 2.0.3 and (2) GeoClassifieds Basic 2.0.3 allows remote attackers to execute arbitrary SQL commands via the b parameter. (CVSS:5.1) (Last Update:2015-05-13)


July 25, 2006

CVE-2006-3690

Multiple PHP remote file inclusion vulnerabilities in MiniBB Forum 1.5a and earlier allow remote attackers to execute arbitrary PHP code via a URL in the absolute_path parameter to (1) components/com_minibb.php or (2) components/minibb/index.php. (CVSS…


July 21, 2006

CVE-2006-3683

PHP remote file inclusion vulnerability in poll.php in Flipper Poll 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root_path parameter. (CVSS:7.5) (Last Update:2016-10-17)


July 21, 2006

CVE-2006-3598

SQL injection vulnerability in the Sections module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a viewarticle op. (CVSS:7.5) (Last Update:2017-07-19)


July 18, 2006

CVE-2006-3362

Unrestricted file upload vulnerability in connectors/php/connector.php in FCKeditor mcpuk file manager, as used in (1) Geeklog 1.4.0 through 1.4.0sr3, (2) toendaCMS 1.0.0 Shizouka Stable and earlier, (3) WeBid 0.5.4, and possibly other products, when i…


July 6, 2006

CVE-2006-3317

PHP remote file inclusion vulnerability in phpRaid 3.0.6 allows remote attackers to execute arbitrary code via a URL in the phpraid_dir parameter to (1) announcements.php and (2) rss.php, a different set of vectors and affected versions than CVE-2006-3…


June 29, 2006