SQL injection vulnerability in auth.php in Land Down Under (LDU) v601 and earlier allows remote attackers to execute arbitrary SQL commands. Date published : 2006-12-29 http://www.securityfocus.com/bid/9168 http://www.neocrome.net/index.php?m=single&id=76
Multiple SQL injection vulnerabilities in Land Down Under (LDU) v701 allow remote attackers to execute arbitrary SQL commands or obtain the installation path via parameters including (1) s, w, and d in users.php, (2)...
SQL injection vulnerability in Interchange before 4.8.9 allows remote attackers to execute arbitrary SQL commands via unknown vectors. Date published : 2006-12-29 http://ftp.icdevgroup.org/interchange/4.8/WHATSNEW http://www.osvdb.org/7140
Cross-site scripting (XSS) vulnerability in Lotus Domino 6.0.x before 6.0.4 and 6.5.x before 6.5.2 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. Date published : 2006-12-29 http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21171253 http://www.osvdb.org/displayvuln.php?osvdb_id=7268
SQL injection vulnerability in projects/project-edit.asp in Digger Solutions Intranet Open Source (IOS) version 2.7.2 allows remote attackers to execute arbitrary SQL commands via the project_id parameter. Date published : 2006-12-29 http://www.securityfocus.com/bid/14882 http://osvdb.org/ref/19/DiggerIOS_Ver_2.7.2_SQL_Injection_Vulnerability.pdf
Multiple SQL injection vulnerabilities in Land Down Under (LDU) v801 and earlier allow remote attackers to execute arbitrary SQL commands via parameters including (1) the m parameter in auth.php, (2) the f parameter in...
SMC Wireless Router model SMC7904WBRA allows remote attackers to cause a denial of service (reboot) by flooding the router with traffic. Date published : 2006-12-29 http://www.securityfocus.com/bid/14809 https://exchange.xforce.ibmcloud.com/vulnerabilities/40019
Cross-site scripting (XSS) vulnerability in Lotus Domino versions before 6.5.4 fix pack 1 (FP1) and versions before 7.0 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. Date published :...
Multiple SQL injection vulnerabilities in Copernicus Europa allow remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...
Format string vulnerability in ui.c in Textbased MSN Client (TMSNC) before 0.2.5 allows attackers to cause a denial of service and possibly execute arbitrary code via unknown attack vectors that cause format strings to...
Unspecified vulnerability in the tab editor for Personal .NET Portal before 2.0.0 has unknown impact and attack vectors related to a "Security leak." Date published : 2006-12-29 http://sourceforge.net/project/shownotes.php?release_id=460503 http://www.vupen.com/english/advisories/2006/4452
Calendar MX BASIC 1.0.2 and earlier store sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for calendar.mdb. NOTE: The provenance...
Multiple cross-site scripting (XSS) vulnerabilities in Jim Hu and Chad Little PHP iCalendar 2.23 rc1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) getdate parameter in (a)...
PHP remote file inclusion vulnerability in plugins/metasearch/plug.inc.php in Yrch! 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. Date published : 2006-12-29 http://www.securityfocus.com/bid/21794 https://www.exploit-db.com/exploits/3025