PHP remote file inclusion vulnerability in Fastpublish CMS 1.6.9.d allows remote attackers to include arbitrary files via the config[fsBase] parameter in (1) drucken.php, (2) drucken2.php, (3) email_an_benutzer.php, (4) rechnung.php, (5) suche/search.php and (6) adminbereich/admin.php....
SQL injection vulnerability in rss/posts.php in Eggblog before 3.07 allows remote attackers to execute arbitrary SQL commands via the id parameter. Date published : 2006-06-01 http://www.securityfocus.com/bid/18140 http://www.securityfocus.com/archive/1/435284/100/0/threaded
The RedCarpet command-line client (rug) does not verify SSL certificates from a server, which allows remote attackers to read network traffic and execute commands via a man-in-the-middle (MITM) attack. Date published : 2006-06-01 http://www.securityfocus.com/bid/18193...
The build process for ypserv in FreeBSD 5.3 up to 6.1 accidentally disables access restrictions when using the /var/yp/securenets file, which allows remote attackers to bypass intended access restrictions. Date published : 2006-06-01 http://www.securityfocus.com/bid/18204...
Directory traversal vulnerability in smbfs smbfs on FreeBSD 4.10 up to 6.1 allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\" sequences. NOTE: this is similar to CVE-2006-1864, but this...
Stack-based buffer overflow in ZipCentral 4.01 allows remote user-assisted attackers to execute arbitrary code via a ZIP archive containing a long filename. Date published : 2006-06-01 http://www.securityfocus.com/bid/18160 http://www.securityfocus.com/archive/1/435416/100/0/threaded
The HTTP service in EServ/3 3.25 allows remote attackers to obtain sensitive information via crafted HTTP requests containing dot, space, and slash characters, which reveals the source code of script files. Date published :...
Directory traversal vulnerability in the IMAP service in EServ/3 3.25 allows remote authenticated users to read other user’s email messages, create/rename arbitrary directories on the system, and delete empty directories via directory traversal sequences...