PHP remote file inclusion vulnerability in nucleus/libs/PLUGINADMIN.php in Nucleus 3.22 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[DIR_LIBS] parameter. Date published : 2006-05-25 http://www.securityfocus.com/bid/18097 http://www.securityfocus.com/archive/1/434837/100/0/threaded
The editing form in RWiki 2.1.0pre1 through 2.1.0 allows remote attackers to execute arbitrary Ruby code via unknown attack vectors. Date published : 2006-05-25 http://secunia.com/advisories/20264 http://www.vupen.com/english/advisories/2006/1949
Cross-site scripting (XSS) vulnerability in Wiki content in RWiki 2.1.0pre1 through 2.1.0 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. Date published : 2006-05-25 http://secunia.com/advisories/20264 http://www.vupen.com/english/advisories/2006/1949
The snmp_trap_decode function in the SNMP NAT helper for Linux kernel before 2.6.16.18 allows remote attackers to cause a denial of service (crash) via unspecified remote attack vectors that cause failures in snmp_trap_decode that...
Multiple unspecified vulnerabilities in HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, and 7.50 allow remote attackers to gain privileged access, execute arbitrary commands, or create arbitrary files via unknown vectors. Date...
Unspecified vulnerability in HP OpenView Storage Data Protector 5.1 and 5.5 allows remote attackers to execute arbitrary code via unknown vectors. Date published : 2006-05-24 http://www.securityfocus.com/bid/18095 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00671912
admin/cron.php in eSyndicat Directory 1.2, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include arbitrary files and possibly execute arbitrary PHP code via a null-terminated value in the path_to_config parameter....
Multiple PHP remote file inclusion vulnerabilities in Docebo 3.0.3 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in (1) where_cms, (2) where_lms, (3) where_upgrade, (4)...
Multiple PHP remote file inclusion vulnerabilities in Docebo 3.0.3 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in (1) GLOBALS[where_framework] to (a) lib.simplesel.php, (b) lib.filelist.php,...
The setFrame function in Lib/2D/Surface.hpp for NetPanzer 0.8 and earlier allows remote attackers to cause a denial of service (crash) via a client flag (frameNum) that is greater than 41, which triggers an assert...
Multiple unspecified vulnerabilities in Software Distributor in HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allow local users to gain privileges via unspecified attack vectors. Date published : 2006-05-24 http://www.securityfocus.com/bid/18098 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00659649
SQL injection vulnerability in index.php in DGBook 1.0, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the (1) name, (2) email, (3) homepage, (4) address, (5) comment, and (6) ip...
Cross-site scripting (XSS) vulnerability in index.php in DGBook 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) name, (2) homepage, (3) email, and (4) address parameters. Date published :...
Cross-site scripting (XSS) vulnerability in search.html in Alkacon OpenCms 6.0.0, 6.0.2, and 6.0.3 allows remote attackers to inject arbitrary web script or HTML via the query parameter in a search action. Date published :...