CVE-2006-1212

Unspecified vulnerability in index.php in Core CoreNews 2.0.1 allows remote attackers to execute arbitrary commands via the page parameter, possibly due to a PHP remote file include vulnerability. NOTE: this vulnerability could not be confirmed by source code inspection of CoreNews 2.0.1, which does not appear to use a "page" parameter or variable.

Publication date: Tue, 14 Mar 2006 07:06:00 +0000

Cyber News related to CVE-2006-1212

CVE-2024-47100 - A vulnerability has been identified in SIMATIC S7-1200 CPU 1211C AC/DC/Rly (6ES7211-1BE40-0XB0), SIMATIC S7-1200 CPU 1211C DC/DC/DC (6ES7211-1AE40-0XB0), SIMATIC S7-1200 CPU 1211C DC/DC/Rly (6ES7211-1HE40-0XB0), SIMATIC S7-1200 CPU 1212C AC/DC/Rly ...
4 weeks ago Tenable.com

CVE-2025-24811 - A vulnerability has been identified in SIMATIC S7-1200 CPU 1211C AC/DC/Rly (6ES7211-1BE40-0XB0), SIMATIC S7-1200 CPU 1211C DC/DC/DC (6ES7211-1AE40-0XB0), SIMATIC S7-1200 CPU 1211C DC/DC/Rly (6ES7211-1HE40-0XB0), SIMATIC S7-1200 CPU 1212C AC/DC/Rly ...
1 day ago Tenable.com

CVE-2025-24812 - A vulnerability has been identified in SIMATIC S7-1200 CPU 1211C AC/DC/Rly (6ES7211-1BE40-0XB0) (All versions < V4.7), SIMATIC S7-1200 CPU 1211C DC/DC/DC (6ES7211-1AE40-0XB0) (All versions < V4.7), SIMATIC S7-1200 CPU 1211C DC/DC/Rly ...
1 day ago Tenable.com

CVE-2006-2033 - PHP remote file inclusion vulnerability in Core CoreNews 2.0.1 and earlier allows remote authenticated users to execute arbitrary commands via the show parameter. NOTE: this is a different vector than CVE-2006-1212, although it might be the same ...
6 years ago

CVE-2006-3448 - Buffer overflow in the Step-by-Step Interactive Training in Microsoft Windows 2000 SP4, XP SP2 and Professional, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a long Syllabus string in crafted bookmark link files (cbo, ...
6 years ago

CVE-2006-1212 - Unspecified vulnerability in index.php in Core CoreNews 2.0.1 allows remote attackers to execute arbitrary commands via the page parameter, possibly due to a PHP remote file include vulnerability. NOTE: this vulnerability could not be confirmed by ...
6 years ago

CVE-2015-1232 - Array index error in the MidiManagerUsb::DispatchSendMidiData function in media/midi/midi_manager_usb.cc in Google Chrome before 41.0.2272.76 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging ...
8 years ago

CVE-2015-1212 - Multiple unspecified vulnerabilities in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android allow attackers to cause a denial of service or possibly have other impact via unknown vectors. ...
3 years ago

CVE-2001-1212 - Cross-site scripting vulnerability in catgy.cgi for Aktivate 1.03 allows remote attackers to execute arbitrary Javascript via the desc parameter. ...
16 years ago

CVE-2002-1212 - Buffer overflow in RadioBird Software WebServer 4 Everyone 1.23 and 1.27, and other versions before 1.30, allows remote attackers to cause a denial of service (crash) via a long HTTP GET request. ...
16 years ago

CVE-2013-1212 - The SSL functionality in Cisco NX-OS on the Nexus 1000V does not properly verify X.509 certificates, which allows man-in-the-middle attackers to spoof servers, and intercept or modify Virtual Supervisor Module (VSM) to VMware vCenter communication, ...
11 years ago

CVE-2003-1212 - MaxWebPortal 1.30 allows remote attackers to perform unauthorized actions by modifying hidden form fields, such as the (1) news, (2) lock, or (3) allmem fields in the 'start new topic' HTML page. ...
7 years ago

CVE-2004-1212 - Directory traversal vulnerability in btdownload.php in Blog Torrent preview 0.8 allows remote attackers to download arbitrary files via a .. (dot dot) in the file argument. ...
7 years ago

CVE-2008-1212 - Cross-site scripting (XSS) vulnerability in set_permissions.php in Podcast Generator 0.96.2 allows remote attackers to inject arbitrary web script or HTML via the scriptlang parameter. NOTE: the provenance of this information is unknown; the details ...
7 years ago

CVE-2012-1212 - Cross-site scripting (XSS) vulnerability in the smwfOnSfSetTargetName function in extensions/SMWHalo/includes/SMW_Initialize.php in Semantic Enterprise Wiki (SMW+) 1.5.6, 1.6.0_2 and earlier allows remote attackers to inject arbitrary web script or ...
7 years ago

CVE-2014-4974 - The ESET Personal Firewall NDIS filter (EpFwNdis.sys) kernel mode driver, aka Personal Firewall module before Build 1212 (20140609), as used in multiple ESET products 5.0 through 7.0, allows local users to obtain sensitive information from kernel ...
7 years ago

CVE-2010-1212 - js/src/jstracer.cpp in the browser engine in Mozilla Firefox 3.6.x before 3.6.7 and Thunderbird 3.1.x before 3.1.1 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via ...
7 years ago

CVE-2000-1212 - Zope 2.2.0 through 2.2.4 does not properly protect a data updating method on Image and File objects, which allows attackers with DTML editing privileges to modify the raw data of these objects. ...
7 years ago

CVE-1999-1212 - Vulnerability in in.rlogind in SunOS 4.0.3 and 4.0.3c allows local users to gain root privileges. ...
7 years ago

CVE-2009-1212 - Multiple insecure method vulnerabilities in PRECIS~2.DLL in the PrecisionID Datamatrix ActiveX control (DMATRIXLib.Datamatrix) allow remote attackers to overwrite arbitrary files via the (1) SaveBarCode and (2) SaveEnhWMF methods. ...
6 years ago

CVE-2007-1212 - Buffer overflow in the Graphics Device Interface (GDI) in Microsoft Windows 2000 SP4; XP SP2; Server 2003 Gold, SP1, and SP2; and Vista allows local users to gain privileges via a crafted Enhanced Metafile (EMF) image format file. ...
6 years ago

CVE-2005-1212 - Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a bookmark link file (.cbo, cbl, or .cbm extension) with a long User field. ...
5 years ago

CVE-2017-1212 - IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5.1 and 5.0.2 is vulnerable to a denial of service when viewing or opening a large file. IBM X-Force ID: 123852. ...
5 years ago

CVE-2018-1212 - The web-based diagnostics console in Dell EMC iDRAC6 (Monolithic versions prior to 2.91 and Modular all versions) contains a command injection vulnerability. A remote authenticated malicious iDRAC user with access to the diagnostics console could ...
5 years ago

CVE-2019-1212 - A memory corruption vulnerability exists in the Windows Server DHCP service when processing specially crafted packets. An attacker who successfully exploited the vulnerability could cause the DHCP server service to stop responding. ...
8 months ago

Latest Cyber News

Chrome use-after-free Vulnerability Let Attackers Execute Code Remotely - 3 minutes ago
Japan Goes on Offense With New 'Active Cyber Defense' Bill - 11 minutes ago
zkLend loses $9.5M in crypto heist, asks hacker to return 90% - 3 hours ago
Surge in attacks exploiting old ThinkPHP and ownCloud flaws - 3 hours ago
Trump to Nominate Ex-RNC Official as National Cyber Director - 3 hours ago
Cybercrime evolving into national security threat: Google | The Record from Recorded Future News - 4 hours ago
Ransomware attack disrupting Michigan's Sault Tribe operations | The Record from Recorded Future News - 4 hours ago
Feds Sanction Russian Hosting Provider Over LockBit Attacks - 6 hours ago
Sarcoma ransomware claims breach at giant PCB maker Unimicron - 6 hours ago
US reportedly releases Russian cybercrime figure Alexander Vinnik in prisoner swap | The Record from Recorded Future News - 7 hours ago
DPRK hackers dupe targets into typing PowerShell commands as admin - 7 hours ago
Ivanti fixes three critical flaws in Connect Secure & Policy Secure - 8 hours ago
How to Track Advanced Persistent Threats (APT) Using Threat Intelligence Lookup Tool - 9 hours ago
BadPilot network hacking campaign fuels Russian SandWorm attacks - 9 hours ago
Microsoft: Russia's Sandworm APT Exploits Edge Bugs Globally - 9 hours ago
CVE-2025-1207 - 9 hours ago
CVE-2025-0556 - 9 hours ago
CVE-2025-1206 - 10 hours ago
CVE-2025-1212 - 10 hours ago
CVE-2025-1244 - 10 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

Chrome use-after-free Vulnerability Let Attackers Execute Code Remotely - 3 minutes ago
Japan Goes on Offense With New 'Active Cyber Defense' Bill - 11 minutes ago
zkLend loses $9.5M in crypto heist, asks hacker to return 90% - 3 hours ago
Surge in attacks exploiting old ThinkPHP and ownCloud flaws - 3 hours ago
Trump to Nominate Ex-RNC Official as National Cyber Director - 3 hours ago
Cybercrime evolving into national security threat: Google | The Record from Recorded Future News - 4 hours ago
Ransomware attack disrupting Michigan's Sault Tribe operations | The Record from Recorded Future News - 4 hours ago
US reportedly releases Russian cybercrime figure Alexander Vinnik in prisoner swap | The Record from Recorded Future News - 7 hours ago
BadPilot network hacking campaign fuels Russian SandWorm attacks - 9 hours ago
Ivanti fixes three critical flaws in Connect Secure & Policy Secure - 8 hours ago
DPRK hackers dupe targets into typing PowerShell commands as admin - 7 hours ago
Sarcoma ransomware claims breach at giant PCB maker Unimicron - 6 hours ago
How to Track Advanced Persistent Threats (APT) Using Threat Intelligence Lookup Tool - 9 hours ago
Microsoft: Russia's Sandworm APT Exploits Edge Bugs Globally - 9 hours ago
Feds Sanction Russian Hosting Provider Over LockBit Attacks - 6 hours ago
CVE-2023-40721 - 1 day ago
CVE-2024-12755 - 1 day ago
CVE-2024-12756 - 1 day ago
CVE-2024-27780 - 1 day ago
CVE-2024-27781 - 1 day ago