CVSS: 7.5EPSS: 0%CPEs: 18EXPL: 0CVE-2006-7034
https://notcve.org/view.php?id=CVE-2006-7034
SQL injection vulnerability in directory.php in Super Link Exchange Script 1.0 might allow remote attackers to execute arbitrary SQL queries via the cat parameter. Vulnerabilidad de inyección SQL en directory.php en Super Link Exchange Script 1.0 podría permitir a atacantes remotos ejecutar consultas SQL de su elección a través del parámetro cat. • http://securityreason.com/securityalert/2285 http://www.securityfocus.com/archive/1/435166/30/4680/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/26720 •
CVSS: 4.4EPSS: 0%CPEs: 11EXPL: 0CVE-2006-7037
https://notcve.org/view.php?id=CVE-2006-7037
Mathcad 12 through 13.1 allows local users to bypass the security features by directly accessing or editing the XML representation of the worksheet with a text editor or other program, which allows attackers to (1) bypass password protection by replacing the password field with a hash of a known password, (2) modify timestamps to avoid detection of modifications, (3) remove locks by removing the "is-locked" attribute, and (4) view locked data, which is stored in plaintext. Mathcad versiones 12 hasta 13.1, permite a usuarios locales omitir las funcionalidades de seguridad accediendo o editando directamente la representación XML de la hoja de trabajo con un editor de texto u otro programa, que permite a atacantes (1) omitir la protección con contraseña reemplazando el campo password con un hash de una contraseña conocida, (2) modificar las marcas de tiempo para evitar la detección de modificaciones, (3) eliminar bloqueos eliminando el atributo "is-locked", y (4) visualizar datos bloqueados, que se almacenan en texto plano. • http://securityreason.com/securityalert/2305 http://www.securityfocus.com/archive/1/436441/30/4560/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/27115 https://exchange.xforce.ibmcloud.com/vulnerabilities/27116 https://exchange.xforce.ibmcloud.com/vulnerabilities/27117 https://exchange.xforce.ibmcloud.com/vulnerabilities/27118 •
CVSS: 7.5EPSS: 4%CPEs: 18EXPL: 2CVE-2007-1043 – Ezboo Webstats 3.03 - Administrative Authentication Bypass
https://notcve.org/view.php?id=CVE-2007-1043
Ezboo webstats, possibly 3.0.3, allows remote attackers to bypass authentication and gain access via a direct request to (1) update.php and (2) config.php. Ezboo webstats, posiblemente la 3.0.3, permite a atacantes remotos evitar la autenticación y obtener una vía de acceso mediante una petición directa al (1) update.php y (2) config.php. • https://www.exploit-db.com/exploits/29610 http://forums.avenir-geopolitique.net/viewtopic.php?t=2674 http://osvdb.org/34181 http://securityreason.com/securityalert/2275 http://www.securityfocus.com/archive/1/460325/100/0/threaded http://www.securityfocus.com/bid/22590 https://exchange.xforce.ibmcloud.com/vulnerabilities/32563 •
CVSS: 6.8EPSS: 93%CPEs: 32EXPL: 0CVE-2006-1313
https://notcve.org/view.php?id=CVE-2006-1313
Microsoft JScript 5.1, 5.5, and 5.6 on Windows 2000 SP4, and 5.6 on Windows XP, Server 2003, Windows 98 and Windows Me, will "release objects early" in certain cases, which results in memory corruption and allows remote attackers to execute arbitrary code. • http://secunia.com/advisories/20620 http://securitytracker.com/id?1016283 http://www.kb.cert.org/vuls/id/390044 http://www.osvdb.org/26434 http://www.securityfocus.com/bid/18359 http://www.us-cert.gov/cas/techalerts/TA06-164A.html http://www.vupen.com/english/advisories/2006/2321 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-023 https://exchange.xforce.ibmcloud.com/vulnerabilities/26805 https://oval.cisecurity.org/repository/search/definition/ov •
CVSS: 7.5EPSS: 56%CPEs: 3EXPL: 0CVE-2006-2376
https://notcve.org/view.php?id=CVE-2006-2376
Integer overflow in the PolyPolygon function in Graphics Rendering Engine on Microsoft Windows 98 and Me allows remote attackers to execute arbitrary code via a Windows Metafile (WMF) or EMF image with a sum of entries in the vertext counts array and number of polygons that triggers a heap-based buffer overflow. • http://secunia.com/advisories/20631 http://securityreason.com/securityalert/1094 http://securitytracker.com/id?1016286 http://www.kb.cert.org/vuls/id/909508 http://www.osvdb.org/26431 http://www.securityfocus.com/archive/1/436950/100/0/threaded http://www.securityfocus.com/bid/18322 http://www.us-cert.gov/cas/techalerts/TA06-164A.html http://www.vupen.com/english/advisories/2006/2324 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-026 https& • CWE-189: Numeric Errors •