CVE-2006-1282

CRLF injection vulnerability in inc/function.php in MyBulletinBoard (MyBB) 1.04 allows remote attackers to conduct cross-site scripting (XSS), poison caches, or hijack pages via CRLF (%0A%0D) sequences in the Referrer HTTP header field, possibly when redirecting to other web pages.

Publication date: Sun, 19 Mar 2006 17:06:00 +0000

Cyber News related to CVE-2006-1282

CVE-2006-1282 - CRLF injection vulnerability in inc/function.php in MyBulletinBoard (MyBB) 1.04 allows remote attackers to conduct cross-site scripting (XSS), poison caches, or hijack pages via CRLF (%0A%0D) sequences in the Referrer HTTP header field, possibly when ...
6 years ago

CVE-2020-1265 - An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1231, CVE-2020-1233, CVE-2020-1235, ...
3 years ago

CVE-2020-1233 - An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1231, CVE-2020-1235, CVE-2020-1265, ...
3 years ago

CVE-2020-1304 - An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1231, CVE-2020-1233, CVE-2020-1235, ...
3 years ago

CVE-2020-1231 - An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1233, CVE-2020-1235, CVE-2020-1265, ...
3 years ago

CVE-2020-1235 - An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1231, CVE-2020-1233, CVE-2020-1265, ...
3 years ago

CVE-2020-1282 - An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1231, CVE-2020-1233, CVE-2020-1235, ...
3 years ago

CVE-2020-1306 - An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1231, CVE-2020-1233, CVE-2020-1235, ...
3 years ago

CVE-2020-1334 - An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1231, CVE-2020-1233, CVE-2020-1235, ...
3 years ago

CVE-2010-1282 - Adobe Shockwave Player before 11.5.7.609 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted ATOM size in a .dir (aka Director) file. ...
2 years ago

CVE-2003-1282 - IBM Net.Data allows remote attackers to obtain sensitive information such as path names, server names and possibly user names and passwords by causing the (1) $(DTW_CURRENT_FILENAME), (2) $(DATABASE), (3) $(LOGIN), (4) $(PASSWORD), and possibly other ...
16 years ago

CVE-2001-1282 - Ipswitch IMail 7.04 and earlier records the physical path of attachments in an e-mail message header, which could allow remote attackers to obtain potentially sensitive configuration information. ...
16 years ago

CVE-2002-1282 - Unknown vulnerability in the telnet KIO subsystem (telnet.protocol) of KDE 2.x 2.1 and later allows local and remote attackers to execute arbitrary code via a certain URL. ...
8 years ago

CVE-2017-1282 - IBM Content Navigator & CMIS 2.0 and 3.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials ...
7 years ago

CVE-2004-1282 - Buffer overflow in the strexpand function in string.c for LinPopUp 1.2.0 allows remote attackers to execute arbitrary code via a crafted message that is not properly handled during a Reply operation. ...
7 years ago

CVE-2005-1282 - Multiple cross-site scripting (XSS) vulnerabilities in Argosoft Mail Server Pro 1.8.7.6 allow remote attackers to inject arbitrary web script or HTML via (1) the src parameter in an IMG tag, (2) User settings, or (3) Address book input boxes in the ...
7 years ago

CVE-2008-1282 - Buffer overflow in the BFup ActiveX control (BFup.dll) in B21Soft BFup before 1.0.802.29 allows remote attackers to execute arbitrary code via a long FilePath parameter. ...
7 years ago

CVE-2009-1282 - SQL injection vulnerability in private/system/lib-session.php in glFusion 1.1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the glf_session cookie parameter. ...
7 years ago

CVE-2007-1282 - Integer overflow in Mozilla Thunderbird before 1.5.0.10 and SeaMonkey before 1.0.8 allows remote attackers to trigger a buffer overflow and possibly execute arbitrary code via a text/enhanced or text/richtext e-mail message with an extremely long ...
7 years ago

CVE-1999-1282 - RealSystem G2 server stores the administrator password in cleartext in a world-readable configuration file, which allows local users to gain privileges. ...
7 years ago

CVE-2018-1282 - This vulnerability in Apache Hive JDBC driver 0.7.1 to 2.3.2 allows carefully crafted arguments to be used to bypass the argument escaping/cleanup that JDBC driver does in PreparedStatement implementation. ...
6 years ago

CVE-2013-1282 - The LDAP service in Microsoft Active Directory, Active Directory Application Mode (ADAM), Active Directory Lightweight Directory Service (AD LDS), and Active Directory Services allows remote attackers to cause a denial of service (memory consumption ...
6 years ago

CVE-2015-1282 - Multiple use-after-free vulnerabilities in fpdfsdk/src/javascript/Document.cpp in PDFium, as used in Google Chrome before 44.0.2403.89, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF ...
6 years ago

CVE-2014-1282 - The Profiles component in Apple iOS before 7.1 and Apple TV before 6.1 allows attackers to bypass intended configuration-profile visibility requirements via a long name. ...
5 years ago

CVE-2019-1282 - An information disclosure exists in the Windows Common Log File System (CLFS) driver when it fails to properly handle sandbox checks, aka 'Windows Common Log File System Driver Information Disclosure Vulnerability'. ...
4 years ago

Latest Cyber News

CVE-2024-12884 - 16 hours ago
CVE-2024-51463 - 16 hours ago
CVE-2024-51464 - 16 hours ago
CVE-2024-12883 - 17 hours ago
CVE-2024-12875 - 18 hours ago
CVE-2024-12591 - 20 hours ago
CVE-2024-12408 - 20 hours ago
CVE-2024-12558 - 20 hours ago
CVE-2024-11722 - 20 hours ago
CVE-2024-11688 - 20 hours ago
CVE-2024-10453 - 20 hours ago
CVE-2024-11808 - 21 hours ago
CVE-2024-12588 - 21 hours ago
CVE-2024-9545 - 21 hours ago
CVE-2024-10797 - 21 hours ago
CVE-2024-12262 - 23 hours ago
CVE-2024-12635 - 23 hours ago
CVE-2024-12697 - 23 hours ago
CVE-2024-12721 - 23 hours ago
CVE-2024-12771 - 23 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

CVE-2024-12841 - 1 day ago
CVE-2024-37758 - 1 day ago
CVE-2024-55342 - 1 day ago
CVE-2024-12842 - 1 day ago
CVE-2024-12867 - 1 day ago
CVE-2024-55341 - 1 day ago
CVE-2024-56329 - 1 day ago
CVE-2024-56330 - 1 day ago
CVE-2024-56331 - 1 day ago
CVE-2024-56333 - 1 day ago
CVE-2024-12843 - 1 day ago
CVE-2024-12844 - 1 day ago
CVE-2024-40875 - 1 day ago
CVE-2024-55509 - 1 day ago
CVE-2024-56334 - 1 day ago
CVE-2024-56335 - 1 day ago
CVE-2024-56357 - 1 day ago
CVE-2024-56358 - 1 day ago
CVE-2024-56359 - 1 day ago
CVE-2020-13712 - 1 day ago