CVE-2006-2982

CVE-2006-2982 - Multiple PHP remote file inclusion vulnerabilities in Enterprise Timesheet and Payroll Systems (EPS) 1.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the absolutepath parameter in (1) footer.php and (2) ...
7 years ago

CVE-2012-4893 - Multiple cross-site request forgery (CSRF) vulnerabilities in file/show.cgi in Webmin 1.590 and earlier allow remote attackers to hijack the authentication of privileged users for requests that (1) read files or execute (2) tar, (3) zip, or (4) gzip ...
12 years ago

CVE-2000-0907 - EServ 2.92 Build 2982 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via long HELO and MAIL FROM commands. ...
16 years ago

CVE-2010-2982 - Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to discover a group password via a series of SNMP requests, as demonstrated by an SNMP walk, aka Bug ID CSCtb74037. ...
14 years ago

CVE-2012-2982 - file/show.cgi in Webmin 1.590 and earlier allows remote authenticated users to execute arbitrary commands via an invalid character in a pathname, as demonstrated by a | (pipe) character. ...
11 years ago

CVE-2015-2982 - Cross-site scripting (XSS) vulnerability in jquery.lightbox-0.5.min.js in PHP Kobo Photo Gallery CMS for PC, smartphone and feature phone 1.0.1 Free and earlier allows remote authenticated users to inject arbitrary web script or HTML via unspecified ...
9 years ago

CVE-2005-2982 - Cross-site scripting (XSS) vulnerability in CompaqHTTPServer 2.1 allows remote attackers to inject arbitrary web script or HTML via the URL, which is not properly quoted in the resulting 404 error page. ...
8 years ago

CVE-2007-2982 - Multiple buffer overflows in the British Telecommunications Business Connect webhelper ActiveX control before 1.0.0.7 in btbconnectwebcontrol.dll allow remote attackers to execute arbitrary code via unspecified vectors. ...
7 years ago

CVE-2017-9516 - Craft CMS before 2.6.2982 allows for a potential XSS attack vector by uploading a malicious SVG file. ...
7 years ago

CVE-2013-2982 - IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to upload arbitrary files via unspecified vectors. ...
7 years ago

CVE-2011-2982 - Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.20, Thunderbird 2.x and 3.x before 3.1.12, SeaMonkey 1.x and 2.x, and possibly other products allow remote attackers to cause a denial of service (memory ...
7 years ago

CVE-2008-2982 - Multiple directory traversal vulnerabilities in HomePH Design 2.10 RC2, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) thumb_template parameter to (a) ...
7 years ago

CVE-2017-2982 - Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in a routine related to player shutdown. Successful exploitation could lead to arbitrary code execution. ...
2 years ago

CVE-2019-2982 - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple ...
2 years ago

CVE-2022-2982 - Use After Free in GitHub repository vim/vim prior to 9.0.0260. ...
1 year ago

CVE-2023-2982 - The WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 7.6.4. This is due to insufficient encryption on the user being supplied during ...
1 year ago

CVE-2024-2982 - A vulnerability has been found in Tenda FH1202 1.2.0.14(408) and classified as critical. Affected by this vulnerability is the function formWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac leads to command injection. ...
10 months ago

CVE-2009-2982 - An unspecified certificate in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 might allow remote attackers to conduct a "social engineering attack" via unknown vectors. Per: ...
6 years ago

CVE-2018-2982 - Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0, 12.2.0, 12.3.0, ...
5 years ago

CVE-2020-2982 - Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Enterprise Config Management). Supported versions that are affected are 13.3.0.0 and 13.4.0.0. Easily exploitable vulnerability allows low ...
4 years ago

CVE-2006-0092 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-0992, CVE-2006-0158. Reason: this candidate was intended for one issue, but a typo caused it to be associated with a Novell/Groupwise issue. In addition, this issue was a ...
55 years ago Tenable.com

CVE-2006-7224 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-7227, CVE-2005-4872, CVE-2006-7228. Reason: this candidate was SPLIT into other identifiers in order to reflect different affected versions and distinct vendor fixes. Notes: All ...
55 years ago Tenable.com

CVE-2006-5296 - PowerPoint in Microsoft Office 2003 does not properly handle a container object whose position value exceeds the record length, which allows user-assisted attackers to cause a denial of service (NULL dereference and application crash) via a crafted ...
1 year ago

CVE-2006-1530 - Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due ...
6 years ago

CVE-2006-1529 - Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due ...
6 years ago