CyberSecurityBoard
Sponsor Register Login

CVE-2006-1203

PHP remote file include vulnerability in common.php in txtForum 1.0.4-dev and earlier allows remote attackers to include and execute arbitrary PHP code via a URL in the skin parameter to login.php, and possibly other parameters to other PHP scripts, related to include statements in common.php.

Publication date: Tue, 14 Mar 2006 07:06:00 +0000


Cyber News related to CVE-2006-1203

CVE-2022-49977 - In the Linux kernel, the following vulnerability has been resolved: ...
8 months ago
CVE-2025-22091 - In the Linux kernel, the following vulnerability has been resolved: ...
10 months ago
CVE-2006-1203 - PHP remote file include vulnerability in common.php in txtForum 1.0.4-dev and earlier allows remote attackers to include and execute arbitrary PHP code via a URL in the skin parameter to login.php, and possibly other parameters to other PHP scripts, ...
7 years ago
CVE-2006-0092 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-0992, CVE-2006-0158. Reason: this candidate was intended for one issue, but a typo caused it to be associated with a Novell/Groupwise issue. In addition, this issue was a ...
56 years ago Tenable.com
CVE-2020-1203 - An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector or the Visual Studio Standard Collector fail to properly handle objects in memory, aka 'Diagnostic Hub Standard Collector Elevation of Privilege ...
4 years ago
CVE-2020-1202 - An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector or the Visual Studio Standard Collector fail to properly handle objects in memory, aka 'Diagnostic Hub Standard Collector Elevation of Privilege ...
4 years ago
CVE-2013-1203 - Cisco ASA CX Context-Aware Security Software allows remote attackers to cause a denial of service (device reload) via crafted TCP packets that appear to have been forwarded by a Cisco Adaptive Security Appliances (ASA) device, aka Bug ID CSCue88386. ...
12 years ago
CVE-2012-1203 - Cross-site request forgery (CSRF) vulnerability in starnet/index.php in SyndeoCMS 3.0 and earlier allows remote attackers to hijack the authentication of administrators for requests that add user accounts via a save_user action. ...
11 years ago
CVE-1999-1203 - Multilink PPP for ISDN dialup users in Ascend before 4.6 allows remote attackers to cause a denial of service via a spoofed endpoint identifier. ...
9 years ago
CVE-2002-1203 - IBM SecureWay Firewall before 4.2.2 performs extra processing before determining that a packet is invalid and dropping it, which allows remote attackers to cause a denial of service (resource exhaustion) via a flood of malformed TCP packets without ...
9 years ago
CVE-2005-1203 - Multiple SQL injection vulnerabilities in index.php in eGroupware before 1.0.0.007 allow remote attackers to execute arbitrary SQL commands via the (1) filter or (2) cats_app parameter. ...
9 years ago
CVE-2003-1203 - Cross-site scripting (XSS) vulnerability in index.php for Mambo Site Server 4.0.10 allows remote attackers to execute script on other clients via the ?option parameter. ...
8 years ago
CVE-2004-1203 - parser.php in phpCMS 1.2.1 and earlier, with non-stealth and debug modes enabled, allows remote attackers to gain sensitive information via an invalid file parameter, which reveals the web server's installation path. ...
8 years ago
CVE-2017-1203 - IBM Tivoli Endpoint Manager (for Lifecycle/Power/Patch) Platform and Applications is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality ...
8 years ago
CVE-2008-1203 - The administrator interface for Adobe ColdFusion 8 and ColdFusion MX7 does not log failed authentication attempts, which makes it easier for remote attackers to conduct brute force attacks without detection. ...
8 years ago
CVE-2010-1203 - The JavaScript engine in Mozilla Firefox 3.6.x before 3.6.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors that trigger an assertion failure in ...
8 years ago
CVE-2000-1203 - Lotus Domino SMTP server 4.63 through 5.08 allows remote attackers to cause a denial of service (CPU consumption) by forging an email message with the sender as bounce@[127.0.0.1] (localhost), which causes Domino to enter a mail loop. ...
8 years ago
CVE-2001-1203 - Format string vulnerability in gpm-root in gpm 1.17.8 through 1.17.18 allows local users to gain root privileges. ...
8 years ago
CVE-2009-1203 - WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 does not properly distinguish its own login screen from the login screens it produces for third-party (1) FTP and (2) CIFS servers, which makes it ...
7 years ago
CVE-2007-1203 - Unspecified vulnerability in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, 2004 for Mac, and 2007 allows user-assisted remote attackers to execute arbitrary code via a crafted set font value in an Excel file, which results in memory ...
2 years ago
CVE-2019-1203 - A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a ...
1 year ago
CVE-2018-1203 - In Dell EMC Isilon OneFS, the compadmin is able to run tcpdump binary with root privileges. In versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, the tcpdump binary, being run with sudo, may potentially be used by compadmin ...
6 years ago
CVE-2014-1203 - The get_login_ip_config_file function in Eyou Mail System before 3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain parameter to admin/domain/ip_login_set/d_ip_login_get.php. ...
6 years ago
CVE-2011-1203 - Google Chrome before 10.0.648.127 does not properly handle SVG cursors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." ...
5 years ago
CVE-2021-1203 - Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart ...
5 years ago

Latest Cyber News


    Cyber Trends (last 7 days)


    Trending Cyber News (last 7 days)