CVE-2006-1497

CVE-2006-1497 - Directory traversal vulnerability in index.php in ViHor Design allows remote attackers to read arbitrary files via the page parameter. ...
14 years ago

CVE-2006-0092 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-0992, CVE-2006-0158. Reason: this candidate was intended for one issue, but a typo caused it to be associated with a Novell/Groupwise issue. In addition, this issue was a ...
56 years ago Tenable.com

CVE-2008-7182 - Buffer overflow in the IMAP service in NetWin Surgemail 3.9e, and possibly other versions before 3.9g2, allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long first argument to the APPEND ...
8 years ago

CVE-2011-1497 - A cross-site scripting vulnerability flaw was found in the auto_link function in Rails before version 3.0.6. ...
4 years ago

CVE-1999-1497 - Ipswitch IMail 5.0 and 6.0 uses weak encryption to store passwords in registry keys, which allows local attackers to read passwords for e-mail accounts. ...
17 years ago

CVE-2013-1497 - Unspecified vulnerability in the Oracle COREid Access component in Oracle Fusion Middleware 10.1.4.3.0 allows remote attackers to affect integrity via unknown vectors related to WebGate - WebServer plugin. ...
12 years ago

CVE-2004-1497 - Web Forums Server 1.6 and 2.0 Power Pack stores passwords in plaintext in the Username.ini file, which allows local users to gain privileges. ...
9 years ago

CVE-2005-1497 - index.php in myBloggie 2.1.1 allows remote attackers to obtain sensitive information via an invalid post_id parameter, which reveals the path in an error message. ...
8 years ago

CVE-2003-1497 - Buffer overflow in the system log viewer of Linksys BEFSX41 1.44.3 allows remote attackers to cause a denial of service via an HTTP request with a long Log_Page_Num variable. ...
8 years ago

CVE-2010-1497 - Cross-site scripting (XSS) vulnerability in download_proc.php in dl_stats before 2.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter. ...
8 years ago

CVE-2015-1497 - radexecd.exe in Persistent Systems Radia Client Automation (RCA) 7.9, 8.1, 9.0, and 9.1 allows remote attackers to execute arbitrary commands via a crafted request to TCP port 3465. ...
8 years ago

CVE-2007-1497 - nf_conntrack in netfilter in the Linux kernel before 2.6.20.3 does not set nfctinfo during reassembly of fragmented packets, which leaves the default value as IP_CT_ESTABLISHED and might allow remote attackers to bypass certain rulesets using IPv6 ...
2 years ago

CVE-2017-1497 - IBM Sterling File Gateway 2.2 could allow an unauthorized user to view files they should not have access to providing they know the directory location of the file. IBM X-Force ID: 128695. ...
8 years ago

CVE-2012-1497 - The default configuration of Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 supports the "mt:Include file" attribute, which allows remote authenticated users to conduct directory traversal attacks and read arbitrary files by ...
7 years ago

CVE-2002-1497 - Cross-site scripting (XSS) vulnerability in Null HTTP Server 0.5.0 and earlier allows remote attackers to insert arbitrary HTML into a "404 Not Found" response. ...
7 years ago

CVE-2009-1497 - Stack-based buffer overflow in srt2smi.exe in Gretech Online Movie Player (GOM Player) 2.1.16.4635 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long string in an SRT file. ...
7 years ago

CVE-2008-1497 - Stack-based buffer overflow in the IMAP service in NetWin SurgeMail 38k4-4 and earlier allows remote authenticated users to execute arbitrary code via long arguments to the LSUB command. ...
7 years ago

CVE-2016-1497 - The Configuration utility in F5 BIG-IP systems 11.0.x, 11.1.x, 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4 HF2, 1.6.x before 11.6.1, and 12.0.0 before HF1 allows remote administrators to read Access Policy ...
6 years ago

CVE-2014-1497 - The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process heap memory, cause ...
5 years ago

CVE-2021-1497 - Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. For more information about these vulnerabilities, ...
4 years ago

CVE-2020-1497 - An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'. ...
4 years ago

CVE-2001-1497 - Microsoft Internet Explorer 4.0 through 6.0 could allow local users to differentiate between alphanumeric and non-alphanumeric characters used in a password by pressing certain control keys that jump between non-alphanumeric characters, which makes ...
4 years ago

CVE-2022-1497 - Inappropriate implementation in Input in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to spoof the contents of cross-origin websites via a crafted HTML page. ...
3 years ago

CVE-2023-22395 - A Missing Release of Memory after Effective Lifetime vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). In an MPLS scenario specific packets destined to an ...
2 years ago

CVE-2023-1497 - A vulnerability was found in SourceCodester Simple and Nice Shopping Cart Script 1.0. It has been rated as critical. This issue affects some unknown processing of the file uploaderm.php. The manipulation of the argument submit leads to unrestricted ...
2 years ago