CVE-2006-1233

Multiple cross-site scripting (XSS) vulnerabilities in WMNews allow remote attackers to inject arbitrary web script or HTML via the (1) ArtCat parameter to wmview.php, (2) ctrrowcol parameter to footer.php, or (3) ArtID parameter to wmcomments.php.

Publication date: Wed, 15 Mar 2006 01:06:00 +0000


Cyber News related to CVE-2006-1233

CVE-2006-1233 - Multiple cross-site scripting (XSS) vulnerabilities in WMNews allow remote attackers to inject arbitrary web script or HTML via the (1) ArtCat parameter to wmview.php, (2) ctrrowcol parameter to footer.php, or (3) ArtID parameter to wmcomments.php. ...
6 years ago
CVE-2020-1265 - An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1231, CVE-2020-1233, CVE-2020-1235, ...
3 years ago
CVE-2020-1233 - An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1231, CVE-2020-1235, CVE-2020-1265, ...
3 years ago
CVE-2020-1304 - An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1231, CVE-2020-1233, CVE-2020-1235, ...
3 years ago
CVE-2020-1231 - An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1233, CVE-2020-1235, CVE-2020-1265, ...
3 years ago
CVE-2020-1235 - An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1231, CVE-2020-1233, CVE-2020-1265, ...
3 years ago
CVE-2020-1282 - An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1231, CVE-2020-1233, CVE-2020-1235, ...
3 years ago
CVE-2020-1306 - An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1231, CVE-2020-1233, CVE-2020-1235, ...
3 years ago
CVE-2020-1334 - An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1231, CVE-2020-1233, CVE-2020-1235, ...
3 years ago
CVE-2002-1233 - A regression error in the Debian distributions of the apache-ssl package (before 1.3.9 on Debian 2.2, and before 1.3.26 on Debian 3.0), for Apache 1.3.27 and earlier, allows local users to read or modify the Apache password file via a symlink attack ...
8 years ago
CVE-2015-1233 - Google Chrome before 41.0.2272.118 does not properly handle the interaction of IPC, the Gamepad API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors. ...
3 years ago
CVE-2000-1233 - SQL injection vulnerability in read.php3 and other scripts in Phorum 3.0.7 allows remote attackers to execute arbitrary SQL queries via the sSQL parameter. ...
16 years ago
CVE-2014-1233 - The paratrooper-pingdom gem 1.0.0 for Ruby allows local users to obtain the App-Key, username, and password values by listing the curl process. ...
1 year ago
CVE-2016-1233 - An unspecified udev rule in the Debian fuse package in jessie before 2.9.3-15+deb8u2, in stretch before 2.9.5-1, and in sid before 2.9.5-1 sets world-writable permissions for the /dev/cuse character device, which allows local users to gain privileges ...
8 years ago
CVE-2003-1233 - Pedestal Software Integrity Protection Driver (IPD) 1.3 and earlier allows privileged attackers, such as rootkits, to bypass file access restrictions to the Windows kernel by using the NtCreateSymbolicLinkObject function to create a symbolic link to ...
7 years ago
CVE-2004-1233 - Integer overflow in Gadu-Gadu allows remote attackers to cause a denial of service (disk consumption) via a user packet to the DCC file transfer capability with an invalid file length. ...
7 years ago
CVE-2005-1233 - Cross-site scripting (XSS) vulnerability in index.php in PHP Labs proFile allows remote attackers to inject arbitrary web script or HTML via the (1) dir or (2) file parameters. ...
7 years ago
CVE-2010-1233 - Multiple integer overflows in Google Chrome before 4.1.249.1036 allow remote attackers to have an unspecified impact via vectors involving WebKit JavaScript objects. ...
7 years ago
CVE-2009-1233 - Apple Safari 3.2.2 and 4 Beta on Windows allows remote attackers to cause a denial of service (application crash) via an XML document containing many nested A elements. ...
7 years ago
CVE-2007-1233 - PHP remote file inclusion vulnerability in downloadcounter.php in STWC-Counter 3.4.0.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the stwc_counter_verzeichniss parameter. ...
7 years ago
CVE-2018-1233 - RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are affected by a cross-site scripting vulnerability. The attackers could potentially exploit this vulnerability to execute arbitrary HTML or JavaScript ...
6 years ago
CVE-2008-1233 - Unspecified vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allows remote attackers to execute arbitrary code via "XPCNativeWrapper pollution." ...
6 years ago
CVE-1999-1233 - IIS 4.0 does not properly restrict access for the initial session request from a user's IP address if the address does not resolve to a DNS domain, aka the "Domain Resolution" vulnerability. ...
6 years ago
CVE-2001-1233 - Netware Enterprise Web Server 5.1 running GroupWise WebAccess 5.5 with Novell Directory Services (NDS) enabled allows remote attackers to enumerate user names, group names and other system information by accessing ndsobj.nlm. ...
6 years ago
CVE-2017-1233 - IBM Remote Control v9 could allow a local user to use the component to replace files to which he does not have write access and which he can cause to be executed with Local System or root privileges. IBM X-Force ID: 123912. ...
5 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)