Логотип exploitDog
source:"nvd"
Консоль
Логотип exploitDog

exploitDog

source:"nvd"

Количество 331 703

Количество 331 703

nvd логотип

CVE-2006-3482

больше 19 лет назад

Cross-site scripting (XSS) vulnerability in maillist.php in PHPMailList 1.8.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the email parameter.

CVSS2: 2.6
EPSS: Низкий
nvd логотип

CVE-2006-3481

больше 19 лет назад

Multiple SQL injection vulnerabilities in Joomla! before 1.0.10 allow remote attackers to execute arbitrary SQL commands via unspecified parameters involving the (1) "Remember Me" function, (2) "Related Items" module, and the (3) "Weblinks submission".

CVSS2: 7.5
EPSS: Низкий
nvd логотип

CVE-2006-3480

больше 19 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.10 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters involving the (1) getUserStateFromRequest function, and the (2) SEF and (3) com_messages modules.

CVSS2: 5.8
EPSS: Низкий
nvd логотип

CVE-2006-3479

больше 19 лет назад

Cross-site request forgery (CSRF) vulnerability in the del_block function in modules/Admin/block.php in Nuked-Klan 1.7.5 and earlier and 1.7 SP4.2 allows remote attackers to delete arbitrary "blocks" via a link with a modified bid parameter in a del_block op on the block page in index.php.

CVSS2: 5
EPSS: Низкий
nvd логотип

CVE-2006-3478

больше 19 лет назад

PHP remote file inclusion vulnerability in styles/default/global_header.php in MyPHP CMS 0.3 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the domain parameter.

CVSS2: 7.5
EPSS: Низкий
nvd логотип

CVE-2006-3477

больше 19 лет назад

Unspecified vulnerability in the POP service in Stalker CommuniGate Pro 5.1c1 and earlier allows remote attackers to cause a denial of service (server crash) via unspecified vectors involving opening an empty inbox.

CVSS2: 5
EPSS: Низкий
nvd логотип

CVE-2006-3476

больше 19 лет назад

Cross-site scripting (XSS) vulnerability in comments.php in PhpWebGallery 1.5.2 and earlier, and possibly 1.6.0, allows remote attackers to inject arbitrary web script or HTML via the keyword parameter.

CVSS2: 4.3
EPSS: Низкий
nvd логотип

CVE-2006-3475

больше 19 лет назад

Multiple PHP remote file inclusion vulnerabilities in free QBoard 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the qb_path parameter to (1) index.php, (2) about.php, (3) contact.php, (4) delete.php, (5) faq.php, (6) features.php or (7) history.php, a different set of vectors than CVE-2006-2998.

CVSS2: 7.5
EPSS: Низкий
nvd логотип

CVE-2006-3474

больше 19 лет назад

Multiple SQL injection vulnerabilities in Belchior Foundry vCard PRO allow remote attackers to execute arbitrary SQL commands via the (1) cat_id parameter to (a) gbrowse.php, (2) card_id parameter to (b) rating.php and (c) create.php, and the (3) event_id parameter to (d) search.php.

CVSS2: 7.5
EPSS: Низкий
nvd логотип

CVE-2006-3473

больше 19 лет назад

CRLF injection vulnerability in form_mail Drupal Module before 1.8.2.2 allows remote attackers to inject e-mail headers, which facilitates sending spam messages, a different issue than CVE-2006-1225.

CVSS2: 7.5
EPSS: Низкий
nvd логотип

CVE-2006-3472

больше 19 лет назад

Microsoft Internet Explorer 6.0 and 6.0 SP1 allows remote attackers to cause a denial of service via an HTML page with an A tag containing a long title attribute. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

CVSS2: 5
EPSS: Средний
nvd логотип

CVE-2006-3471

больше 19 лет назад

Microsoft Internet Explorer 6 on Windows XP allows remote attackers to cause a denial of service (crash) via a table with a frameset as a child, which triggers a null dereference, as demonstrated using the appendChild method.

CVSS2: 5
EPSS: Средний
nvd логотип

CVE-2006-3470

больше 19 лет назад

The Dell Openmanage CD launches X11 and SSH daemons that do not require authentication, which allows remote attackers to gain privileges.

CVSS2: 7.5
EPSS: Низкий
nvd логотип

CVE-2006-3469

больше 19 лет назад

Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and 5.0 before 1 April 2006 allows remote authenticated users to cause a denial of service (crash) via a format string instead of a date as the first parameter to the date_format function, which is later used in a formatted print call to display the error message.

CVSS2: 4
EPSS: Средний
nvd логотип

CVE-2006-3468

больше 19 лет назад

Linux kernel 2.6.x, when using both NFS and EXT3, allows remote attackers to cause a denial of service (file system panic) via a crafted UDP packet with a V2 lookup procedure that specifies a bad file handle (inode number), which triggers an error and causes an exported directory to be remounted read-only.

CVSS2: 7.8
EPSS: Средний
nvd логотип

CVE-2006-3467

больше 19 лет назад

Integer overflow in FreeType before 2.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PCF file, as demonstrated by the Red Hat bad1.pcf test file, due to a partial fix of CVE-2006-1861.

CVSS2: 7.5
EPSS: Низкий
nvd логотип

CVE-2006-3466

больше 19 лет назад

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-3600. Reason: This candidate is a reservation duplicate of CVE-2006-3600. Notes: All CVE users should reference CVE-2006-3600 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage

EPSS: Низкий
nvd логотип

CVE-2006-3465

больше 19 лет назад

Unspecified vulnerability in the custom tag support for the TIFF library (libtiff) before 3.8.2 allows remote attackers to cause a denial of service (instability or crash) and execute arbitrary code via unknown vectors.

CVSS2: 7.5
EPSS: Средний
nvd логотип

CVE-2006-3464

больше 19 лет назад

TIFF library (libtiff) before 3.8.2 allows context-dependent attackers to pass numeric range checks and possibly execute code, and trigger assert errors, via large offset values in a TIFF directory that lead to an integer overflow and other unspecified vectors involving "unchecked arithmetic operations".

CVSS2: 7.5
EPSS: Низкий
nvd логотип

CVE-2006-3463

больше 19 лет назад

The EstimateStripByteCounts function in TIFF library (libtiff) before 3.8.2 uses a 16-bit unsigned short when iterating over an unsigned 32-bit value, which allows context-dependent attackers to cause a denial of service via a large td_nstrips value, which triggers an infinite loop.

CVSS2: 7.8
EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
nvd логотип
CVE-2006-3482

Cross-site scripting (XSS) vulnerability in maillist.php in PHPMailList 1.8.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the email parameter.

CVSS2: 2.6
1%
Низкий
больше 19 лет назад
nvd логотип
CVE-2006-3481

Multiple SQL injection vulnerabilities in Joomla! before 1.0.10 allow remote attackers to execute arbitrary SQL commands via unspecified parameters involving the (1) "Remember Me" function, (2) "Related Items" module, and the (3) "Weblinks submission".

CVSS2: 7.5
0%
Низкий
больше 19 лет назад
nvd логотип
CVE-2006-3480

Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.10 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters involving the (1) getUserStateFromRequest function, and the (2) SEF and (3) com_messages modules.

CVSS2: 5.8
0%
Низкий
больше 19 лет назад
nvd логотип
CVE-2006-3479

Cross-site request forgery (CSRF) vulnerability in the del_block function in modules/Admin/block.php in Nuked-Klan 1.7.5 and earlier and 1.7 SP4.2 allows remote attackers to delete arbitrary "blocks" via a link with a modified bid parameter in a del_block op on the block page in index.php.

CVSS2: 5
0%
Низкий
больше 19 лет назад
nvd логотип
CVE-2006-3478

PHP remote file inclusion vulnerability in styles/default/global_header.php in MyPHP CMS 0.3 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the domain parameter.

CVSS2: 7.5
5%
Низкий
больше 19 лет назад
nvd логотип
CVE-2006-3477

Unspecified vulnerability in the POP service in Stalker CommuniGate Pro 5.1c1 and earlier allows remote attackers to cause a denial of service (server crash) via unspecified vectors involving opening an empty inbox.

CVSS2: 5
1%
Низкий
больше 19 лет назад
nvd логотип
CVE-2006-3476

Cross-site scripting (XSS) vulnerability in comments.php in PhpWebGallery 1.5.2 and earlier, and possibly 1.6.0, allows remote attackers to inject arbitrary web script or HTML via the keyword parameter.

CVSS2: 4.3
1%
Низкий
больше 19 лет назад
nvd логотип
CVE-2006-3475

Multiple PHP remote file inclusion vulnerabilities in free QBoard 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the qb_path parameter to (1) index.php, (2) about.php, (3) contact.php, (4) delete.php, (5) faq.php, (6) features.php or (7) history.php, a different set of vectors than CVE-2006-2998.

CVSS2: 7.5
6%
Низкий
больше 19 лет назад
nvd логотип
CVE-2006-3474

Multiple SQL injection vulnerabilities in Belchior Foundry vCard PRO allow remote attackers to execute arbitrary SQL commands via the (1) cat_id parameter to (a) gbrowse.php, (2) card_id parameter to (b) rating.php and (c) create.php, and the (3) event_id parameter to (d) search.php.

CVSS2: 7.5
0%
Низкий
больше 19 лет назад
nvd логотип
CVE-2006-3473

CRLF injection vulnerability in form_mail Drupal Module before 1.8.2.2 allows remote attackers to inject e-mail headers, which facilitates sending spam messages, a different issue than CVE-2006-1225.

CVSS2: 7.5
1%
Низкий
больше 19 лет назад
nvd логотип
CVE-2006-3472

Microsoft Internet Explorer 6.0 and 6.0 SP1 allows remote attackers to cause a denial of service via an HTML page with an A tag containing a long title attribute. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

CVSS2: 5
34%
Средний
больше 19 лет назад
nvd логотип
CVE-2006-3471

Microsoft Internet Explorer 6 on Windows XP allows remote attackers to cause a denial of service (crash) via a table with a frameset as a child, which triggers a null dereference, as demonstrated using the appendChild method.

CVSS2: 5
45%
Средний
больше 19 лет назад
nvd логотип
CVE-2006-3470

The Dell Openmanage CD launches X11 and SSH daemons that do not require authentication, which allows remote attackers to gain privileges.

CVSS2: 7.5
4%
Низкий
больше 19 лет назад
nvd логотип
CVE-2006-3469

Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and 5.0 before 1 April 2006 allows remote authenticated users to cause a denial of service (crash) via a format string instead of a date as the first parameter to the date_format function, which is later used in a formatted print call to display the error message.

CVSS2: 4
53%
Средний
больше 19 лет назад
nvd логотип
CVE-2006-3468

Linux kernel 2.6.x, when using both NFS and EXT3, allows remote attackers to cause a denial of service (file system panic) via a crafted UDP packet with a V2 lookup procedure that specifies a bad file handle (inode number), which triggers an error and causes an exported directory to be remounted read-only.

CVSS2: 7.8
27%
Средний
больше 19 лет назад
nvd логотип
CVE-2006-3467

Integer overflow in FreeType before 2.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PCF file, as demonstrated by the Red Hat bad1.pcf test file, due to a partial fix of CVE-2006-1861.

CVSS2: 7.5
9%
Низкий
больше 19 лет назад
nvd логотип
CVE-2006-3466

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-3600. Reason: This candidate is a reservation duplicate of CVE-2006-3600. Notes: All CVE users should reference CVE-2006-3600 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage

больше 19 лет назад
nvd логотип
CVE-2006-3465

Unspecified vulnerability in the custom tag support for the TIFF library (libtiff) before 3.8.2 allows remote attackers to cause a denial of service (instability or crash) and execute arbitrary code via unknown vectors.

CVSS2: 7.5
14%
Средний
больше 19 лет назад
nvd логотип
CVE-2006-3464

TIFF library (libtiff) before 3.8.2 allows context-dependent attackers to pass numeric range checks and possibly execute code, and trigger assert errors, via large offset values in a TIFF directory that lead to an integer overflow and other unspecified vectors involving "unchecked arithmetic operations".

CVSS2: 7.5
1%
Низкий
больше 19 лет назад
nvd логотип
CVE-2006-3463

The EstimateStripByteCounts function in TIFF library (libtiff) before 3.8.2 uses a 16-bit unsigned short when iterating over an unsigned 32-bit value, which allows context-dependent attackers to cause a denial of service via a large td_nstrips value, which triggers an infinite loop.

CVSS2: 7.8
4%
Низкий
больше 19 лет назад

Уязвимостей на страницу