CVE-2006-1175

The WeOnlyDo! SFTP (wodSFTP) ActiveX control is marked as safe for scripting, which allows remote attackers to read and write files in arbitrary locations by accessing the control from a web page.

Publication date: Wed, 31 May 2006 15:06:00 +0000

Cyber News related to CVE-2006-1175

CVE-2006-1175 - The WeOnlyDo! SFTP (wodSFTP) ActiveX control is marked as safe for scripting, which allows remote attackers to read and write files in arbitrary locations by accessing the control from a web page. ...
6 years ago

CVE-2019-1177 - An elevation of privilege vulnerability exists in the way that the rpcss.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1173, CVE-2019-1174, CVE-2019-1175, CVE-2019-1178, ...
3 years ago

CVE-2019-1178 - An elevation of privilege vulnerability exists in the way that the ssdpsrv.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1173, CVE-2019-1174, CVE-2019-1175, ...
3 years ago

CVE-2019-1174 - An elevation of privilege vulnerability exists in the way that the PsmServiceExtHost.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1173, CVE-2019-1175, CVE-2019-1177, ...
3 years ago

CVE-2019-1186 - An elevation of privilege vulnerability exists in the way that the wcmsvc.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1173, CVE-2019-1174, CVE-2019-1175, ...
3 years ago

CVE-2019-1184 - An elevation of privilege vulnerability exists when Windows Core Shell COM Server Registrar improperly handles COM calls, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1173, CVE-2019-1174, ...
3 years ago

CVE-2020-1051 - A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1174, CVE-2020-1175, ...
2 years ago

CVE-2020-1175 - A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1051, CVE-2020-1174, ...
2 years ago

CVE-2020-1174 - A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1051, CVE-2020-1175, ...
2 years ago

CVE-2020-1176 - A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1051, CVE-2020-1174, ...
2 years ago

CVE-2008-1175 - Cross-site scripting (XSS) vulnerability in AuthentiX 6.3b1 Trial allows remote attackers to inject arbitrary web script or HTML via the username parameter to aspAdmin/deleteUser.asp, a different vector than CVE-2008-1174. NOTE: the provenance of ...
15 years ago

CVE-2022-1433 - An issue has been discovered in GitLab affecting all versions starting from 14.4 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. Missing invalidation of Markdown caching causes potential ...
2 years ago

CVE-2000-1175 - Buffer overflow in Koules 1.4 allows local users to execute arbitrary commands via a long command line argument. ...
15 years ago

CVE-2009-1175 - Cross-site scripting (XSS) vulnerability in apps/web/vs_diag.cgi in the DAAP extension in Banshee 1.4.2 allows remote attackers to inject arbitrary web script or HTML via the server parameter, which is not properly handled in an error message. ...
15 years ago

CVE-2007-1175 - Cross-site scripting (XSS) vulnerability in an admin feature in WebAPP before 20070209 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. ...
13 years ago

CVE-2012-1175 - Integer overflow in the GnashImage::size method in libbase/GnashImage.h in GNU Gnash 0.8.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SWF file, which triggers a heap-based buffer ...
11 years ago

CVE-2016-1175 - Cross-site request forgery (CSRF) vulnerability in AQUOS Photo Player HN-PP150 1.02.00.04 through 1.03.01.04 allows remote attackers to hijack the authentication of arbitrary users. ...
8 years ago

CVE-2002-1175 - The getmxrecord function in Fetchmail 6.0.0 and earlier does not properly check the boundary of a particular malformed DNS packet from a malicious DNS server, which allows remote attackers to cause a denial of service (crash) when Fetchmail attempts ...
7 years ago

CVE-2003-1175 - Cross-site scripting (XSS) vulnerability in index.php in Sympoll 1.5 allows remote attackers to inject arbitrary web script or HTML via the vo parameter. ...
6 years ago

CVE-2004-1175 - fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters. ...
6 years ago

CVE-2017-1175 - IBM Maximo Asset Management 7.1, 7.5, and 7.6 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM ...
6 years ago

CVE-2011-1175 - tcptls.c in the TCP/TLS server in Asterisk Open Source 1.6.1.x before 1.6.1.23, 1.6.2.x before 1.6.2.17.1, and 1.8.x before 1.8.3.1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) by establishing many ...
6 years ago

CVE-1999-1175 - Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS 11.2 and earlier does not use authentication, which allows remote attackers to redirect HTTP traffic to arbitrary hosts via WCCP packets to UDP port 2048. ...
6 years ago

CVE-2001-1175 - vipw in the util-linux package before 2.10 causes /etc/shadow to be world-readable in some cases, which would make it easier for local users to perform brute force password guessing. ...
6 years ago

CVE-2015-1175 - Cross-site scripting (XSS) vulnerability in blocklayered-ajax.php in the blocklayered module in PrestaShop 1.6.0.9 and earlier allows remote attackers to inject arbitrary web script or HTML via the layered_price_slider parameter. ...
5 years ago

Latest Cyber News

CVE-2024-39475 - 25 seconds ago
CVE-2024-5860 - 29 minutes ago
CVE-2024-5541 - 30 minutes ago
CVE-2024-4094 - 40 minutes ago
CVE-2024-3276 - 42 minutes ago
CVE-2024-0845 - 49 minutes ago
CVE-2024-1634 - 50 minutes ago
CVE-2024-4375 - 51 minutes ago
CVE-2024-6525 - 1 hour ago
CVE-2024-6524 - 1 hour ago
CVE-2024-6523 - 1 hour ago
CVE-2024-6298 - 1 hour ago
CVE-2024-6209 - 1 hour ago
CVE-2024-39477 - 1 hour ago
CVE-2024-39474 - 1 hour ago
CVE-2024-39473 - 1 hour ago
CVE-2024-39485 - 1 hour ago
CVE-2024-39483 - 1 hour ago
CVE-2024-39481 - 1 hour ago
CVE-2024-39480 - 1 hour ago

Cyber Trends (last 7 days)

Okta - 7 months ago
23andMe - 6 months ago
Kimsuky - 7 months ago
LogoFAIL - 6 months ago
Gh0st rat - 7 months ago

Trending Cyber News (last 7 days)

CVE-2024-6524 - 1 hour ago
CVE-2024-6525 - 1 hour ago
CVE-2024-6523 - 1 hour ago
CVE-2024-6298 - 1 hour ago
CVE-2024-6209 - 1 hour ago
CVE-2024-39477 - 1 hour ago
CVE-2024-39474 - 1 hour ago
CVE-2024-39473 - 1 hour ago
CVE-2024-39485 - 1 hour ago
CVE-2024-39483 - 1 hour ago
CVE-2024-39481 - 1 hour ago
CVE-2024-39480 - 1 hour ago
CVE-2024-39479 - 1 hour ago
CVE-2024-39478 - 1 hour ago
CVE-2024-39476 - 1 hour ago
CVE-2024-39475 - 25 seconds ago
CVE-2024-39472 - 1 hour ago
CVE-2024-27397 - 6 hours ago
CVE-2024-39484 - 1 hour ago
CVE-2024-39482 - 1 hour ago