CVE-2006-1544

Multiple cross-site scripting (XSS) vulnerabilities in news.php in vscripts (aka Kuba Kunkiewicz) VNews 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) autorkomentarza and (2) tresckomentarza parameters.

Publication date: Thu, 30 Mar 2006 17:02:00 +0000


Cyber News related to CVE-2006-1544

CVE-2006-1544 - Multiple cross-site scripting (XSS) vulnerabilities in news.php in vscripts (aka Kuba Kunkiewicz) VNews 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) autorkomentarza and (2) tresckomentarza parameters. ...
6 years ago
CVE-2020-1542 - An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Backup Engine Elevation of ...
3 years ago
CVE-2020-1540 - An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Backup Engine Elevation of ...
3 years ago
CVE-2020-1541 - An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Backup Engine Elevation of ...
3 years ago
CVE-2020-1539 - An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Backup Engine Elevation of ...
3 years ago
CVE-2020-1536 - An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Backup Engine Elevation of ...
3 years ago
CVE-2020-1543 - An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Backup Engine Elevation of ...
3 years ago
CVE-2020-1544 - An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Backup Engine Elevation of ...
3 years ago
CVE-2020-1535 - An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Backup Engine Elevation of ...
3 years ago
CVE-2020-1547 - An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Backup Engine Elevation of ...
3 years ago
CVE-2012-1544 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-1876. Reason: This candidate is a duplicate of CVE-2012-1876. Notes: All CVE users should reference CVE-2012-1876 instead of this candidate. All references and descriptions in ...
54 years ago Tenable.com
CVE-2001-1544 - Directory traversal vulnerability in Macromedia JRun Web Server (JWS) 2.3.3, 3.0 and 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP GET request. ...
16 years ago
CVE-2002-1544 - Directory traversal vulnerability in CooolSoft Personal FTP Server 2.24 allows remote attackers to read or modify arbitrary files via .. (dot dot) sequences in the commands (1) LIST (ls), (2) mkdir, (3) put, or (4) get. ...
16 years ago
CVE-2010-1544 - micro_httpd on the RCA DCM425 cable modem allows remote attackers to cause a denial of service (device reboot) via a long string to TCP port 80. ...
14 years ago
CVE-2011-1544 - Unspecified vulnerability in HP Insight Control Performance Management before 6.3 allows remote authenticated users to gain privileges via unknown vectors. ...
13 years ago
CVE-1999-1544 - Buffer overflow in FTP server in Microsoft IIS 3.0 and 4.0 allows local and sometimes remote attackers to cause a denial of service via a long NLST (ls) command. ...
8 years ago
CVE-2014-1544 - Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to ...
7 years ago
CVE-2004-1544 - Cross-site scripting (XSS) vulnerability in Search.jsp in JSPWiki 2.1.120-cvs and earlier allows remote attackers to execute arbitrary web script as other users via the query parameter. ...
7 years ago
CVE-2005-1544 - Stack-based buffer overflow in libTIFF before 3.7.2 allows remote attackers to execute arbitrary code via a TIFF file with a malformed BitsPerSample tag. ...
7 years ago
CVE-2003-1544 - Unrestricted critical resource lock in Terminal Services for Windows 2000 before SP4 and Windows XP allows remote authenticated users to cause a denial of service (reboot) by obtaining a read lock on msgina.dll, which prevents msgina.dll from being ...
7 years ago
CVE-2007-1544 - Integer overflow in the ProcAuWriteElement function in server/dia/audispatch.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large max_samples ...
6 years ago
CVE-2009-1544 - Double free vulnerability in the Workstation service in Microsoft Windows allows remote authenticated users to gain privileges via a crafted RPC message to a Windows XP SP2 or SP3 or Server 2003 SP2 system, or cause a denial of service via a crafted ...
1 month ago
CVE-2008-1544 - The setRequestHeader method of the XMLHttpRequest object in Microsoft Internet Explorer 5.01, 6, and 7 does not block dangerous HTTP request headers when certain 8-bit character sequences are appended to a header name, which allows remote attackers ...
5 years ago
CVE-2017-1544 - IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) caches usernames and passwords in browsers that could be used by a local attacker to obtain sensitive information. IBM X-Force ID: 130812. ...
5 years ago
CVE-2018-1544 - IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local user to overflow a buffer which may result in a privilege escalation to the DB2 instance owner. IBM X-Force ID: 142648. ...
5 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)