CyberSecurityBoard
Sponsor Register Login

CVE-2006-2033

PHP remote file inclusion vulnerability in Core CoreNews 2.0.1 and earlier allows remote authenticated users to execute arbitrary commands via the show parameter. NOTE: this is a different vector than CVE-2006-1212, although it might be the same primary issue.

Publication date: Wed, 26 Apr 2006 05:06:00 +0000


Cyber News related to CVE-2006-2033

Cyber Insurance Market to be Worth Over $90bn by 2033 - The global cyber insurance market is projected to be worth $90.6bn by 2033, at a growth rate of 22.3% CAGR from 2023, according to an analysis by Market. Us. The industry is expected to reach $14.8bn by the end of 2024, a significant rise from a ...
11 months ago Infosecurity-magazine.com
CVE-2006-2033 - PHP remote file inclusion vulnerability in Core CoreNews 2.0.1 and earlier allows remote authenticated users to execute arbitrary commands via the show parameter. NOTE: this is a different vector than CVE-2006-1212, although it might be the same ...
6 years ago
Google fixes first actively exploited Chrome zero-day of 2024 - Google has released security updates to fix the first Chrome zero-day vulnerability exploited in the wild since the start of the year. The company fixed the zero-day for users in the Stable Desktop channel, with patched versions rolling out worldwide ...
10 months ago Bleepingcomputer.com
Google Rushes to Patch Eighth Chrome Zero-Day This Year - Google on Wednesday announced emergency patches for a Chrome vulnerability that is under active exploitation. The issue, tracked as CVE-2023-7024, is described as a high-severity heap buffer overflow bug in Chrome's WebRTC component. Supported by ...
11 months ago Securityweek.com
Google Rushes to Patch Eighth Chrome Zero-Day This Year - Google on Wednesday announced emergency patches for a Chrome vulnerability that is under active exploitation. The issue, tracked as CVE-2023-7024, is described as a high-severity heap buffer overflow bug in Chrome's WebRTC component. Supported by ...
11 months ago Packetstormsecurity.com
Google Chrome Zero-day Exploited in the Wild: Patch Now! - Google has released urgent upgrades to fix the Chrome zero-day high-severity vulnerability that has been widely exploited, which could lead to software crashes or arbitrary code execution. To address the actively exploited zero-day vulnerability, the ...
11 months ago Cybersecuritynews.com
Alert: New Chrome Zero-Day Vulnerability Being Exploited - Google, in light of recent events, has launched a critical update for a high-severity Chrome zero-day vulnerability. As per recent reports, Google claims that the vulnerability has been actively exploited. It's worth noting that the vulnerability ...
11 months ago Securityboulevard.com
CVE-2012-2033 - Adobe Shockwave Player before 11.6.5.635 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2029, CVE-2012-2030, CVE-2012-2031, and ...
7 years ago
CVE-2012-2030 - Adobe Shockwave Player before 11.6.5.635 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2029, CVE-2012-2031, CVE-2012-2032, and ...
7 years ago
CVE-2012-2032 - Adobe Shockwave Player before 11.6.5.635 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2029, CVE-2012-2030, CVE-2012-2031, and ...
7 years ago
CVE-2012-2031 - Adobe Shockwave Player before 11.6.5.635 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2029, CVE-2012-2030, CVE-2012-2032, and ...
7 years ago
CVE-2012-2029 - Adobe Shockwave Player before 11.6.5.635 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2030, CVE-2012-2031, CVE-2012-2032, and ...
7 years ago
CVE-2008-2033 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-1381. Reason: This candidate is a duplicate of CVE-2008-1381. Notes: All CVE users should reference CVE-2008-1381 instead of this candidate. All references and descriptions in ...
54 years ago Tenable.com
CVE-2010-2033 - Directory traversal vulnerability in the Percha Multicategory Article (com_perchacategoriestree) component 0.6 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller ...
14 years ago
CVE-2011-4142 - The Web Search feature in EMC SourceOne Email Management 6.5 before 6.5.2.4033, 6.6 before 6.6.1.2194, and 6.7 before 6.7.2.2033 places cleartext credentials in log files, which allows local users to obtain sensitive information by reading these ...
12 years ago
CVE-2005-2033 - Directory traversal vulnerability in folderview.asp for Blue-Collar Productions i-Gallery 3.3 allows remote attackers to read arbitrary files and directories via the folder parameter. ...
8 years ago
CVE-2015-2033 - Anyterm Daemon in Infoblox Network Automation NetMRI before NETMRI-23483 allows remote attackers to execute arbitrary commands with root privileges via a crafted terminal/anyterm-module request. ...
8 years ago
CVE-2004-2033 - Orenosv 0.5.9f allows remote attackers to cause a denial of service (crash) via a long HTTP GET request. ...
7 years ago
CVE-2007-2033 - Unspecified vulnerability in Cisco Wireless Control System (WCS) before 4.0.81.0 allows remote authenticated users to read any configuration page by changing the group membership of user accounts, aka Bug ID CSCse78596. ...
7 years ago
CVE-2009-2033 - Cross-site scripting (XSS) vulnerability in index.php in Yogurt 0.3 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. ...
7 years ago
CVE-2014-2033 - The caching feature in SGOS in Blue Coat ProxySG 5.5 through 5.5.11.3, 6.1 through 6.1.6.3, 6.2 through 6.2.15.3, 6.4 through 6.4.6.1, and 6.3 and 6.5 before 6.5.4 allows remote authenticated users to bypass intended access restrictions during a time ...
6 years ago
CVE-2019-2033 - In create_hdr of dnssd_clientstub.c, there is a possible use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: ...
5 years ago
CVE-2020-2033 - When the pre-logon feature is enabled, a missing certification validation in Palo Alto Networks GlobalProtect app can disclose the pre-logon authentication cookie to a man-in-the-middle attacker on the same local area network segment with the ability ...
4 years ago
CVE-2020-26554 - REDDOXX MailDepot 2033 (aka 2.3.3022) allows XSS via an incoming HTML e-mail message. ...
4 years ago
CVE-2021-2033 - Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core Components). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows low ...
3 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)