NVD List
| Id | Name | Description | Reject | CVSS Version | CVSS Score | Severity | Pub Date | Modified Date | Actions |
|---|---|---|---|---|---|---|---|---|---|
| 63594 | CVE-2006-4986 | Grayscale BandSite CMS allows remote attackers to obtain sensitive information via a direct request for (1) certain files in the includes/content directory, (2) includes/shows_preview.php, and (3) adminpanel/configform.php; and files in adminpanel/includes/ including (4) mailinglist/disphtmltbl.php, (5) mailinglist/dispxls.php, (6) mailinglist/sendshows.php, (7) previews/preview_bio.php, (8) previews/preview_genmerch.php, (9) previews/preview_fliers.php, (10) previews/preview_gbook.php, (11) previews/preview_interviews.php, (12) previews/preview_links.php, (13) previews/preview_lyrics.php, (14) previews/preview_membio.php, (15) previews/preview_merchphotos.php, (16) previews/preview_mp3s.php, (17) previews/preview_news.php, (18) previews/preview_photos.php, (19) previews/preview_releases.php, (20) previews/preview_relmerch.php, (21) previews/preview_relphotos.php, (22) previews/preview_reviews.php, (23) previews/preview_shows.php, (24) previews/preview_wearmerch.php, (25) change_forms/change_bio.php, (26) change_forms/change_fliers.php, (27) change_forms/change_gbook.php, (28) change_forms/change_gen_merch.php, (29) change_forms/change_interview.php, (30) change_forms/change_links.php, (31) change_forms/change_lyrics.php, (32) change_forms/change_members.php, (33) change_forms/change_merch.php, (34) change_forms/change_merch_pic.php, (35) change_forms/change_mp3s.php, (36) change_forms/change_news.php, (37) change_forms/change_photos.php, (38) change_forms/change_rel_merch.php, (39) change_forms/change_rel_pic.php, (40) change_forms/change_releases.php, (41) change_forms/change_reviews.php, (42) change_forms/change_shows.php, and (43) change_forms/change_wear_merch.php, which reveals the path in various error messages. | 2 | 5 | Medium | 2016-12-20 | 2008-09-05 | View | |
| 63850 | CVE-2006-5244 | Multilple PHP remote file inclusion vulnerabilities in OpenDock Easy Blog 1.4 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the doc_directory parameter in (1) down_stat.php, (2) file.php, (3) find_file.php, (4) lib_read_file.php, and (5) lib_form_file.php in sw/lib_up_file; (6) find_comment.php, (7) comment.php, and (8) lib_comment.php in sw/lib_comment/; (9) sw/lib_find/find.php; and other unspecified vectors. | 2 | 5.1 | Medium | 2016-12-20 | 2011-03-07 | View | |
| 64106 | CVE-2006-5505 | Multiple PHP file inclusion vulnerabilities in 2BGal 3.0 allow remote attackers to execute arbitrary PHP code via the lang parameter to (1) admin/configuration.inc.php, (2) admin/creer_album.inc.php, (3) admin/changepwd.php.inc, and unspecified other files. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | 2 | 7.5 | High | 2016-12-20 | 2011-03-07 | View | |
| 64362 | CVE-2006-5787 | admin/index.php in IPrimal Forums as of 20061105 allows remote attackers to bypass authentication and modify user passwords via a direct request, possibly related to an authentication issue in admin/chk_admin.php. | 2 | 7.5 | High | 2016-12-20 | 2011-03-07 | View | |
| 64618 | CVE-2006-6057 | The Linux kernel 2.6.x up to 2.6.18, and possibly other versions, on Fedora Core 6 and possibly other operating systems, allows local users to cause a denial of service (crash) via a malformed gfs2 file stream that triggers a NULL pointer dereference in the init_journal function. | 2 | 4.9 | Medium | 2016-12-20 | 2011-03-07 | View |
Page 614 of 17672, showing 5 records out of 88360 total, starting on record 3066, ending on 3070
