LiveActive security incident?Get immediate response
CVE archive

August 2006

Browse CVE records published in August 2006, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 543 matching CVEs · Page 2 of 11.

Unknown · CVSS Not scored

CVE-2006-4468: Multiple unspecified vulnerabilities in Joomla!

Multiple unspecified vulnerabilities in Joomla! before 1.0.11, related to unvalidated input, allow attackers to have an unknown impact via unspecified vectors involving the (1) mosMail, (2) JosIsValidEmail, and (3) josSpoofValue functions; (4) the lack of inclusion of globals.php in administrator/index.php; (5) the Admin User Manager; and (6) the poll module.

Published Aug 31, 2006 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2006-4476: Multiple unspecified vulnerabilities in Joomla!

Multiple unspecified vulnerabilities in Joomla! before 1.0.11, related to "Injection Flaws," allow attackers to have an unknown impact via (1) globals.php, which uses include_once() instead of require(); (2) the $options variable; (3) Admin Upload Image; (4) ->load(); (5) content submissions when frontpage is selected; (6) the mosPageNav constructor; (7) saveOrder functions; (8) the absence of "exploit blocking rules" in htaccess; and (9) the ACL.

Published Aug 31, 2006 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2006-4470: Joomla!

Joomla! before 1.0.11 omits some checks for whether _VALID_MOS is defined, which allows attackers to have an unknown impact, possibly resulting in PHP remote file inclusion.

Published Aug 31, 2006 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2006-4466: Joomla!

Joomla! before 1.0.11 does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to have an unspecified impact. NOTE: it could be argued that this vulnerability is due to a bug in the unset PHP command (CVE-2006-3017) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in Joomla!.

Published Aug 31, 2006 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2006-4467: Simple Machines Forum (SMF) 1.1RCx before 1.1RC3, and 1.0.x before 1.0.8, does not properly unset variables...

Simple Machines Forum (SMF) 1.1RCx before 1.1RC3, and 1.0.x before 1.0.8, does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to perform directory traversal attacks to read arbitrary local files, lock topics, and possibly have other security impacts. NOTE: it could be argued that this vulnerability is due to a bug in the unset PHP command (CVE-2006-3017) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in Simple Machines Forum.

Published Aug 31, 2006 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2006-4445: Multiple PHP remote file inclusion vulnerabilities in CuteNews 1.3.x allow remote attackers to execute arbi...

Multiple PHP remote file inclusion vulnerabilities in CuteNews 1.3.x allow remote attackers to execute arbitrary PHP code via a URL in the cutepath parameter to (1) show_news.php or (2) search.php. NOTE: CVE analysis as of 20060829 has not identified any scenarios in which these vectors could result in remote file inclusion

Published Aug 29, 2006 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2006-4444: Multiple SQL injection vulnerabilities in Cybozu Garoon 2.1.0 for Windows allow remote authenticated users...

Multiple SQL injection vulnerabilities in Cybozu Garoon 2.1.0 for Windows allow remote authenticated users to execute arbitrary SQL commands via the (1) tid parameter in the (a) todo/view (aka TODO List View), (b) todo/modify (aka TODO List Modify), or (c) todo/delete functionality; the (2) pid parameter in the (d) workflow/view or (e) workflow/print functionality; the (3) uid parameter in the (f) schedule/user_view, (g) phonemessage/add, (h) phonemessage/history, or (i) schedule/view functionality; the (4) cid parameter in (j) todo/index; the (5) iid parameter in the (k) memo/view or (l) memo/print functionality; or the (6) event parameter in the (m) schedule/view functionality.

Published Aug 29, 2006 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2006-4441: Multiple PHP remote file inclusion vulnerabilities in Ay System Solutions CMS 2.6 and earlier allow remote...

Multiple PHP remote file inclusion vulnerabilities in Ay System Solutions CMS 2.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the path[ShowProcessHandle] parameter to (1) home.php or (2) impressum.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information.

Published Aug 29, 2006 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2006-4430: The Cisco Network Admission Control (NAC) 3.6.4.1 and earlier allows remote attackers to prevent installati...

The Cisco Network Admission Control (NAC) 3.6.4.1 and earlier allows remote attackers to prevent installation of the Cisco Clean Access (CCA) Agent and bypass local and remote protection mechanisms by modifying (1) the HTTP User-Agent header or (2) the behavior of the TCP/IP stack. NOTE: the vendor has disputed the severity of this issue, stating that users cannot bypass authentication mechanisms.

Published Aug 29, 2006 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2006-4425: Multiple PHP remote file inclusion vulnerabilities in phpCOIN 1.2.3 allow remote attackers to execute arbit...

Multiple PHP remote file inclusion vulnerabilities in phpCOIN 1.2.3 allow remote attackers to execute arbitrary PHP code via the _CCFG[_PKG_PATH_INCL] parameter in coin_includes scripts including (1) api.php, (2) common.php, (3) core.php, (4) custom.php, (5) db.php, (6) redirect.php or (7) session_set.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information.

Published Aug 29, 2006 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2006-4432: Directory traversal vulnerability in Zend Platform 2.2.1 and earlier allows remote attackers to overwrite a...

Directory traversal vulnerability in Zend Platform 2.2.1 and earlier allows remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in the final component of the PHP session identifier (PHPSESSID). NOTE: in some cases, this issue can be leveraged to perform direct static code injection.

Published Aug 29, 2006 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2006-4423: Multiple PHP remote file inclusion vulnerabilities in Bigace 1.8.2 allow remote attackers to execute arbitr...

Multiple PHP remote file inclusion vulnerabilities in Bigace 1.8.2 allow remote attackers to execute arbitrary PHP code via a URL in the (1) GLOBALS[_BIGACE][DIR][admin] parameter in (a) system/command/admin.cmd.php, (b) admin/include/upload_form.php, and (c) admin/include/item_main.php; and the (2) GLOBALS[_BIGACE][DIR][libs] parameter in (d) system/command/admin.cmd.php and (e) system/command/download.cmd.php.

Published Aug 29, 2006 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2006-4422: PHP remote file inclusion vulnerability in includes/phpdig/libs/search_function.php in Jetbox CMS 2.1 allow...

PHP remote file inclusion vulnerability in includes/phpdig/libs/search_function.php in Jetbox CMS 2.1 allows remote attackers to execute arbitrary PHP code via a URL in the relative_script_path parameter, a different vector than CVE-2006-2270. NOTE: this issue has been disputed, and as of 20060830, CVE analysis concurs with the dispute. In addition, it is likely that the vulnerability is actually in a third party module, phpDig 1.8.8

Published Aug 29, 2006 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2006-4429: PHP remote file inclusion vulnerability in handlers/email/mod.output.php in PHlyMail Lite 3.4.4 and earlier...

PHP remote file inclusion vulnerability in handlers/email/mod.output.php in PHlyMail Lite 3.4.4 and earlier (Build 3.04.04) allows remote attackers to execute arbitrary PHP code via a URL in the _PM_[path][handler] parameter, a different vector than CVE-2006-4291. NOTE: This issue has been disputed by a third party, who states that the _IN_PHM_ declaration prevents this file from being called directly

Published Aug 29, 2006 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2006-4433: PHP before 4.4.3 and 5.x before 5.1.4 does not limit the character set of the session identifier (PHPSESSID...

PHP before 4.4.3 and 5.x before 5.1.4 does not limit the character set of the session identifier (PHPSESSID) for third party session handlers, which might make it easier for remote attackers to exploit other vulnerabilities by inserting PHP code into the PHPSESSID, which is stored in the session file. NOTE: it could be argued that this not a vulnerability in PHP itself, rather a design limitation that enables certain attacks against session handlers that do not account for this limitation.

Published Aug 29, 2006 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2006-4376: Multiple cross-site scripting (XSS) vulnerabilities in Guder und Koch Netzwerktechnik Eichhorn Portal allow...

Multiple cross-site scripting (XSS) vulnerabilities in Guder und Koch Netzwerktechnik Eichhorn Portal allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly including the (1) profil_nr and (2) sprache parameters in the main portion of the portal, the (3) suchstring field in suchForm in the main portion of the portal, the (4) GaleryKey and (5) Breadcrumbs parameters in the gallerie module, and the (6) GGBNSaction parameter in the ggbns module.

Published Aug 26, 2006 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2006-4434: Use-after-free vulnerability in Sendmail before 8.13.8 allows remote attackers to cause a denial of service...

Use-after-free vulnerability in Sendmail before 8.13.8 allows remote attackers to cause a denial of service (crash) via a long "header line", which causes a previously freed variable to be referenced. NOTE: the original developer has disputed the severity of this issue, saying "The only denial of service that is possible here is to fill up the disk with core dumps if the OS actually generates different core dumps (which is unlikely)... the bug is in the shutdown code (finis()) which leads directly to exit(3), i.e., the process would terminate anyway, no mail delivery or receiption is affected."

Published Aug 29, 2006 · Updated Aug 7, 2024