Primary Vendor -- Product | Description | CVSS Score | Source & Patch Info
Apache -- Open For Business Project | Cross-site scripting (XSS) vulnerability in ecommerce/control/keywordsearch in the Apache Open For Business Project (OFBiz) allows remote attackers to inject arbitrary web script or HTML via the SEARCH_STRING parameter, a different issue than CVE-2006-6587. | 7.0 | CVE-2006-6589 OTHER-REF
Brian Drawert -- yaplap | PHP remote file inclusion vulnerability in ldap.php in Brian Drawert Yet Another PHP LDAP Admin Project (yaplap) 0.6 and 0.6.1 allows remote attackers to execute arbitrary PHP code via a URL in the LOGIN_style parameter. | 7.0 | CVE-2006-6575 Milw0rm XF
CalaCode -- @mail Webmail System | Cross-site scripting (XSS) vulnerability in @Mail WebMail allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended. | 7.0 | CVE-2006-6700 OTHER-REF SECUNIA
Carsen Klock -- TextSend | Multiple cross-site scripting (XSS) vulnerabilities in index.php in Carsen Klock TextSend 1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) error or (2) success parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | 7.0 | CVE-2006-6695 FRSIRT
chetcpasswd -- chetcpasswd | Pedro Lineu Orso chetcpasswd before 2.4 relies on the X-Forwarded-For HTTP header when verifying a client's status on an IP address ACL, which allows remote attackers to gain unauthorized access by spoofing this header. | 7.0 | CVE-2006-6679 BUGTRAQ OTHER-REF OTHER-REF BID OSVDB SECUNIA XF
chetcpasswd -- chetcpasswd | Pedro Lineu Orso chetcpasswd 2.3.3 does not have a rate limit for client requests, which might allow remote attackers to determine passwords via a dictionary attack. | 7.0 | CVE-2006-6681 BUGTRAQ OTHER-REF BID SECUNIA XF
chetcpasswd -- chetcpasswd | Heap-based buffer overflow in Pedro Lineu Orso chetcpasswd before 2.4 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long X-Forwarded-For HTTP header. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | 7.0 | CVE-2006-6684 OTHER-REF OSVDB SECUNIA
chetcpasswd -- chetcpasswd | Heap-based buffer overflow in Pedro Lineu Orso chetcpasswd 2.3.3 allows local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long REMOTE_ADDR environment variable. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | 7.0 | CVE-2006-6685 SECUNIA
Contra Haber Sistemi -- Contra Haber Sistemi | SQL injection vulnerability in haber.asp in Contra Haber Sistemi 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.0 | CVE-2006-6642 BUGTRAQ BID FRSIRT XF
Drupal -- Drupal Project Issue Tracking; Drupal -- Drupal Project | Multiple cross-site scripting (XSS) vulnerabilities in Drupal (1) Project Issue Tracking 4.7.x-1.0 and 4.7.x-2.0, and (2) Project 4.6.x-1.0, 4.7.x-1.0, and 4.7.x-2.0 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, which do not use the check_plain function. | 7.0 | CVE-2006-6646 OTHER-REF FRSIRT SECUNIA BID
Drupal -- Drupal MySite | Cross-site scripting (XSS) vulnerability in the MySite 4.7.x before 4.7.x-3.3 and 5.x before 5.x-1.3 module for Drupal allows remote attackers to inject arbitrary web script or HTML via the Title field when editing a page. NOTE: some details were obtained from third party information. | 7.0 | CVE-2006-6647 OTHER-REF FRSIRT SECUNIA
DWS Systems Inc. -- SQL-Ledger | Unspecified vulnerability in login.pl in SQL Ledger before 2.6.21 allows remote attackers to execute arbitrary Perl code via unknown manipulations of a script variable. | 7.0 | CVE-2006-5872 DEBIAN BID FRSIRT SECTRACK SECUNIA SECUNIA
Eset Software -- NOD32 Antivirus | Integer overflow in ESET NOD32 Antivirus before 1.1743 allows remote attackers to execute arbitrary code via a crafted .DOC file that triggers a heap-based buffer overflow. | 10.0 | CVE-2006-6676 BUGTRAQ OTHER-REF BID FRSIRT
EXlor -- EXlor | PHP remote file inclusion vulnerability in fonctions/template.php in EXlor 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the repphp parameter. | 7.0 | CVE-2006-6591 BUGTRAQ XF
HyperVM -- HyperVM | Cross-site scripting (XSS) vulnerability in display.php in HyperVM 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via an encoded frm_action parameter. NOTE: the vendor disputes this issue, but it is not certain whether the dispute is about the severity of the issue, or its existence. | 7.0 | CVE-2006-6649 BUGTRAQ OTHER-REF MLIST FRSIRT SECUNIA
Ibiblio -- Osprey | PHP remote file inclusion vulnerability in ListRecords.php in osprey 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the lib_dir parameter. | 7.0 | CVE-2006-6630 BUGTRAQ
JumbaCMS -- JumbaCMS | PHP remote file inclusion vulnerability in includes/functions.php in JumbaCMS 0.0.1 allows remote attackers to execute arbitrary PHP code via a URL in the jcms_root_path parameter. | 7.0 | CVE-2006-6635 Milw0rm BID XF
KMiNT21 Software -- Golden FTP Server | Heap-based buffer overflow in Golden FTP Server (goldenftpd) 1.92 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long PASS command. NOTE: the USER vector is already covered by CVE-2005-0634. | 7.0 | CVE-2006-6576 OTHER-REF FRSIRT SECUNIA
Linux -- Linux kernel | Multiple buffer overflows in the cmtp_recv_interopmsg function in the Bluetooth driver (net/bluetooth/cmtp/capi.c) in the Linux kernel 2.4.22 up to 2.4.33.4 and 2.6.2 before 2.6.18.6, and 2.6.19.x, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via CAPI messages with a large value for the length of the (1) manu (manufacturer) or (2) serial (serial number) field. | 7.0 | CVE-2006-6106 MLIST OTHER-REF OTHER-REF FRSIRT SECUNIA SECUNIA XF MLIST
MailEnable -- MailEnable Professional; MailEnable -- MailEnable Enterprise; MailEnable -- MailEnable Standard | Stack-based buffer overflow in the POP service in MailEnable Standard 1.98 and earlier; Professional 1.84, and 2.35 and earlier; and Enterprise 1.41, and 2.35 and earlier before ME-10026 allows remote attackers to execute arbitrary code via a long argument to the PASS command. | 7.0 | CVE-2006-6605 BUGTRAQ OTHER-REF OTHER-REF FRSIRT SECUNIA SECTRACK
Mambo -- ExtCalThai Module | Multiple PHP remote file inclusion vulnerabilities in the ExtCalThai (com_extcalendar) 0.9.1 and earlier component for Mambo allow remote attackers to execute arbitrary PHP code via a URL in (1) the CONFIG_EXT[LANGUAGES_DIR] parameter to admin_events.php, (2) the mosConfig_absolute_path parameter to extcalendar.php, or (3) the CONFIG_EXT[LIB_DIR] parameter to lib/mail.inc.php. | 7.0 | CVE-2006-6634 BUGTRAQ BID XF
MaxiASP -- Burak Yilmaz Download Portal | SQL injection vulnerability in down.asp in Burak Yylmaz Download Portal allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.0 | CVE-2006-6671 BUGTRAQ BID FRSIRT SECUNIA
MaxiASP -- Burak Yilmaz Download Portal | Multiple SQL injection vulnerabilities in Burak Yylmaz Download Portal allow remote attackers to execute arbitrary SQL commands via the (1) kid or possibly (2) id parameter to (a) HABERLER.ASP and (b) ASPKAT.ASP. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | 7.0 | CVE-2006-6672 FRSIRT
Microsoft -- IIS | Microsoft Internet Information Services (IIS) 5.1 permits the IUSR_Machine account to execute non-EXE files such as .COM files, which allows attackers to execute arbitrary commands via arguments to any .COM file that executes those arguments, as demonstrated using win.com when it is in a web directory with certain permissions. | 7.0 | CVE-2006-6578 BUGTRAQ
Moodle -- Moodle | Cross-site scripting (XSS) vulnerability in an unspecified component of Moodle 1.5 allows remote attackers to inject arbitrary web script or HTML via a javascript URI in the SRC attribute of an IMG element. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. NOTE: It is unclear whether this candidate overlaps CVE-2006-4784 or CVE-2006-4941. | 7.0 | CVE-2006-6626 OTHER-REF BID
Mozilla -- SeaMonkey; Mozilla -- Firefox; Mozilla -- Thunderbird | Multiple unspecified vulnerabilities in the layout engine for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allow remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via unknown impact and attack vectors. | 7.0 | CVE-2006-6497 OTHER-REF REDHAT REDHAT REDHAT SECTRACK SECTRACK SECTRACK SECUNIA SECUNIA SECUNIA
Mozilla -- SeaMonkey; Mozilla -- Firefox; Mozilla -- Thunderbird | Multiple unspecified vulnerabilities in the JavaScript engine for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allow remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via unknown impact and attack vectors. | 7.0 | CVE-2006-6498 OTHER-REF REDHAT REDHAT REDHAT SECTRACK SECTRACK SECTRACK SECUNIA SECUNIA SECUNIA
Mozilla -- SeaMonkey; Mozilla -- Firefox; Mozilla -- Thunderbird | Heap-based buffer overflow in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by setting the CSS cursor to certain images that cause an incorrect size calculation when converting to a Windows bitmap. | 7.0 | CVE-2006-6500 OTHER-REF SECTRACK SECTRACK SECTRACK
Mozilla -- SeaMonkey; Mozilla -- Firefox; Mozilla -- Thunderbird | Unspecified vulnerability in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to gain privileges and install malicious code via the watch Javascript function. | 7.0 | CVE-2006-6501 OTHER-REF REDHAT REDHAT REDHAT SECTRACK SECTRACK SECTRACK SECUNIA SECUNIA SECUNIA
Mozilla -- SeaMonkey; Mozilla -- Firefox; Mozilla -- Thunderbird | Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to bypass cross-site scripting (XSS) protection by changing the src attribute of an IMG element to a javascript: URI. | 7.0 | CVE-2006-6503 OTHER-REF REDHAT REDHAT REDHAT SECTRACK SECTRACK SECTRACK SECUNIA SECUNIA SECUNIA
Mozilla -- SeaMonkey; Mozilla -- Thunderbird | Multiple heap-based buffer overflows in Mozilla Thunderbird before 1.5.0.9 and SeaMonkey before 1.0.7 allow remote attackers to execute arbitrary code via (1) external message bodies with long Content-Type headers or (2) long RFC2047-encoded (MIME non-ASCII) headers. | 7.0 | CVE-2006-6505 OTHER-REF REDHAT REDHAT SECTRACK SECTRACK SECUNIA SECUNIA
mxBB -- mxBB Web Links | PHP remote file inclusion vulnerability in language/lang_english/lang_admin.php in the Web Links (mx_links) 2.05 and earlier module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the mx_root_path parameter. | 7.0 | CVE-2006-6645 OTHER-REF BID FRSIRT XF
Neocrome -- Seditio; Neocrome -- Land Down Under | SQL injection vulnerability in polls.php in Neocrome Land Down Under (LDU) 8.x and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.0 | CVE-2006-6577 BUGTRAQ BID
Netrik -- Netrik | The edit_textarea function in form-file.c in Netrik 1.15.4 and earlier does not properly verify temporary filenames when editing textarea fields, which allows attackers to execute arbitrary commands via shell metacharacters in the filename. | 7.0 | CVE-2006-6678 OTHER-REF OTHER-REF FRSIRT
Novell -- Novell Apache; Novell -- Netware | Cross-site scripting (XSS) vulnerability in Novell NetWare 6.5 Support Pack 5 and 6 and Novell Apache on NetWare 2.0.48 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters in the Welcome web-app. | 7.0 | CVE-2006-6675 OTHER-REF FRSIRT SECUNIA
Omniture -- SiteCatalyst | Multiple cross-site scripting (XSS) vulnerabilities in Omniture SiteCatalyst allow remote attackers to inject arbitrary web script or HTML via the (1) ss parameter in (a) search.asp and the (2) company and (3) username fields on (b) the web login page. NOTE: some details were obtained from third party information. | 7.0 | CVE-2006-6640 BUGTRAQ BID SECTRACK XF
Oracle -- Portal | CRLF injection vulnerability in webapp/jsp/calendar.jsp in Oracle Portal 10g allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the enc parameter, possibly involving iso-8859-1 encoding. | 7.0 | CVE-2006-6697 BUGTRAQ BUGTRAQ FULLDISC FULLDISC BID
Paristemi -- Paristemi | Multiple PHP remote file inclusion vulnerabilities in Paristemi 0.8.3 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the SERVER_DIRECTORY parameter to unspecified scripts, a different vector than CVE-2006-????. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | 7.0 | CVE-2006-6689 FRSIRT
PHP-Update -- PHP-Update | Variable overwrite vulnerability in blog.php in PHP-Update 2.7 and earlier allows remote attackers to overwrite arbitrary program variables and execute arbitrary PHP code via multiple vectors that use the extract function, as demonstrated by the (1) f, (2) newmessage, (3) newusername, (4) adminuser, and (5) permission parameters. | 7.0 | CVE-2006-6661 OTHER-REF FRSIRT SECUNIA
planetluc.com -- RateMe | PHP remote file inclusion vulnerability in main.inc.php in planetluc.com RateMe 1.3.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the pathtoscript parameter. | 7.0 | CVE-2006-6648 BUGTRAQ BID FRSIRT
ScriptMate -- User Manager | Multiple cross-site scripting (XSS) vulnerabilities in ScriptMate User Manager 2.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) members_username (user) and (2) members_password (password) fields in a login action in members/default.asp, and (3) the Search box. NOTE: some of these details are obtained from third party information. | 7.0 | CVE-2006-6582 OTHER-REF FRSIRT SECTRACK SECUNIA XF
scriptsfrenzy.com -- E-Uploader Pro | Directory traversal vulnerability in include/config.php in E-Uploader Pro 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a .. (dot dot) in the language parameter, as demonstrated by uploading a .JPG file containing PHP code, then accessing the file via config.php. | 7.0 | CVE-2006-6694 OTHER-REF OTHER-REF BID SECUNIA XF
Softwin -- BitDefender; Softwin -- BitDefender Antivirus; Softwin -- BitDefender Online Scanner; Softwin -- BitDefender Internet Security; Softwin -- BitDefender Mail Protection | Integer overflow in the packed PE file parsing implementation in BitDefender products before 20060829, including Antivirus, Antivirus Plus, Internet Security, Mail Protection for Enterprises, and Online Scanner; and BitDefender products for Microsoft ISA Server and Exchange 5.5 through 2003; allows remote attackers to execute arbitrary code via a crafted file, which triggers a heap-based buffer overflow, aka the "cevakrnl.xmd vulnerability." | 10.0 | CVE-2006-6627 BUGTRAQ OTHER-REF BID FULLDISC FRSIRT SECTRACK SECUNIA XF
Typo3 -- Typo3 | rtehtmlarea/pi1/class.tx_rtehtmlarea_pi1.php in Typo3 4.0.0 through 4.0.3, 3.7 and 3.8 with the rtehtmlarea extension, and 4.1 beta allows remote authenticated users to execute arbitrary commands via shell metacharacters in the userUid parameter to rtehtmlarea/htmlarea/plugins/SpellChecker/spell-check-logic.php, and possibly another vector. | 10.0 | CVE-2006-6690 BUGTRAQ MLIST MLIST OTHER-REF BID FRSIRT
Unicenter -- Database Management Portal; Unicenter -- Database Command Center; Unicenter -- Enterprise Job Manager; CleverPath -- Portal; Unicenter -- Workload Control Center; Unicenter -- Asset and Portfolio Management; CleverPath -- Aion BPM; eTrust -- Security Command Center; Unicenter -- Management Portal; BrightStor -- Portal; CA -- CleverPath Portal | Unspecified vulnerability in CA CleverPath Portal before maintenance version 4.71.001_179_060830, as used in multiple products including BrightStor Portal r11.1, CleverPath Aion BPM r10 through r10.2, eTrust Security Command Center r1 and r8, and Unicenter, does not properly handle when multiple Portal servers are started at the same time and share the same data store, which might cause a Portal user to inherit the session and credentials of a user who is on another Portal server. | 7.0 | CVE-2006-6641 OTHER-REF FRSIRT SECUNIA
Valdersoft -- Shopping Cart | Multiple PHP remote file inclusion vulnerabilities in Valdersoft Shopping Cart 3.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the commonIncludePath parameter to (1) admin/include/common.php, (2) include/common.php, or (3) common_include/common.php. | 7.0 | CVE-2006-6691 OTHER-REF BID FRSIRT XF
VerliAdmin -- VerliAdmin | PHP remote file inclusion vulnerability in index.php in VerliAdmin 0.3 and earlier allows remote authenticated users to execute arbitrary PHP code via a URL in the q parameter. | 7.0 | CVE-2006-6666 OTHER-REF BID FRSIRT SECUNIA
VerliAdmin -- VerliAdmin | Multiple SQL injection vulnerabilities in VerliAdmin 0.3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) nick_mod or (2) nick parameter to (a) repass.php or (b) verify.php. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | 7.0 | CVE-2006-6667 FRSIRT
VerliAdmin -- VerliAdmin | Cross-site scripting (XSS) vulnerability in VerliAdmin 0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | 7.0 | CVE-2006-6668 FRSIRT
Vernet Loic -- PHP_Debug | PHP remote file inclusion vulnerability in tests/debug_test.php in Vernet Loic PHP_Debug 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the debugClassLocation parameter. | 7.0 | CVE-2006-6581 BUGTRAQ BID SECTRACK XF
Web-APP.net -- Web-APP.net; Web-APP.org -- Web-APP.org | Web Automated Perl Portal (WebAPP) 0.9.9.4, and 0.9.9.3.4 Network Edition (NE) (aka WebAPP.NET) allows remote attackers to bypass filtering mechanisms via unknown vectors. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | 7.0 | CVE-2006-6688 BID
WebAPP -- WebAPP Network Edition; WebAPP -- WebAPP | Cross-site scripting (XSS) vulnerability in Web Automated Perl Portal (WebAPP) 0.9.9.4, and 0.9.9.3.4 Network Edition (NE) (aka WebAPP.NET), allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | 7.0 | CVE-2006-6687 BID
WebCalendar -- WebCalendar | Cross-site scripting (XSS) vulnerability in export_handler.php in WebCalendar 1.0.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the format parameter. | 7.0 | CVE-2006-6669 SECUNIA BUGTRAQ FRSIRT
WeBWorK -- Program Generation Language | lib/WeBWorK/PG/Translator.pm in WeBWorK Program Generation (PG) Language before 2.3.1 uses an insufficiently restrictive regular expression to determine valid macro filenames, which allows attackers to load arbitrary macro files whose names contain the strings (1) dangerousMacros.pl, (2) PG.pl, or (3) IO.pl. | 7.0 | CVE-2006-6629 OTHER-REF BID FRSIRT
Yahoo! -- Yahoo! Messenger | Buffer overflow in the YMMAPI.YMailAttach ActiveX control (ymmapi.dll) before 2005.1.1.4 in Yahoo! Messenger allows remote attackers to execute arbitrary code via a crafted HTML document. NOTE: some details were obtained from third party information. | 10.0 | CVE-2006-6603 OTHER-REF FRSIRT SECUNIA CERT-VN BID SECTRACK
YapBB -- YapBB | PHP remote file inclusion vulnerability in include/yapbb_session.php in YapBB 1.2 Beta2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[include_Bit] parameter. | 7.0 | CVE-2006-6633 Milw0rm BID XF
ZABBIX -- ZABBIX | Multiple format string vulnerabilities in zabbix before 20061006 allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in information that would be recorded in the system log using (1) zabbix_log or (2) zabbix_syslog. | 7.0 | CVE-2006-6692 OTHER-REF OTHER-REF BID FRSIRT SECUNIA
ZABBIX -- ZABBIX | Multiple buffer overflows in zabbix before 20061006 allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code via long strings to the (1) zabbix_log and (2) zabbix_syslog functions. | 7.0 | CVE-2006-6693 OTHER-REF OTHER-REF BID FRSIRT SECUNIA