CVE-2006-3211

Cross-site scripting (XSS) vulnerability in sign.php in cjGuestbook 1.3 and earlier allows remote attackers to inject JavaScript code via a javascript URI in an img bbcode tag in the comments parameter.

Publication date: Sat, 24 Jun 2006 06:06:00 +0000


Cyber News related to CVE-2006-3211

CVE-2016-0200 - Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different ...
6 years ago
CVE-2016-0199 - Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different ...
6 years ago
CVE-2016-3211 - Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different ...
6 years ago
CVE-2009-4987 - admin/header.php in Scripteen Free Image Hosting Script 2.3 allows remote attackers to bypass authentication and gain administrative access by setting the cookgid cookie value to 1, a different vector than CVE-2008-3211. ...
1 year ago
CVE-2011-3211 - The server in Bcfg2 1.1.2 and earlier, and 1.2 prerelease, allows remote attackers to execute arbitrary commands via shell metacharacters in data received from a client. ...
13 years ago
CVE-2013-3211 - Unspecified vulnerability in Opera before 12.15 has unknown impact and attack vectors, related to a "moderately severe issue." ...
11 years ago
CVE-2012-3211 - Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Kernel/System Call. ...
11 years ago
CVE-2005-3211 - Multiple interpretation error in unspecified versions of BitDefender Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be ...
8 years ago
CVE-2007-3211 - Cross-site scripting (XSS) vulnerability in 404.php in Domain Technologie Control (DTC) before 0.25.9 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO (REQUEST_URI). NOTE: the provenance of this information is unknown; ...
7 years ago
CVE-2009-3211 - Directory traversal vulnerability in VivaPrograms Infinity Script 2.x.x, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the options[style_dir] parameter to the default URI. ...
7 years ago
CVE-2010-3211 - Multiple SQL injection vulnerabilities in the JE FAQ Pro (com_jefaqpro) component 1.5.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via category categorylist operations with (1) the catid parameter or (2) the catid parameter ...
7 years ago
CVE-2015-3211 - php-fpm allows local users to write to or create arbitrary files via a symlink attack. ...
7 years ago
CVE-2008-3211 - Scripteen Free Image Hosting Script 1.2 and 1.2.1 allows remote attackers to bypass authentication and gain administrative access by setting the cookid cookie value to 1. ...
1 year ago
CVE-2014-3211 - Publify before 8.0.1 is vulnerable to a Denial of Service attack ...
4 years ago
CVE-2017-3211 - Yopify, an e-commerce notification plugin, up to April 06, 2017, leaks the first name, last initial, city, and recent purchase data of customers, all without user authorization. ...
4 years ago
CVE-2020-3211 - A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to execute arbitrary commands with root privileges on the underlying operating system of an affected device. The vulnerability is due to improper ...
4 years ago
CVE-2018-3211 - Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serviceability). Supported versions that are affected are Java SE: 8u182 and 11; Java SE Embedded: 8u181. Easily exploitable vulnerability allows low privileged ...
2 years ago
CVE-2022-3211 - Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.6. ...
2 years ago
CVE-2023-3211 - The WordPress Database Administrator WordPress plugin through 1.0.3 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection. ...
11 months ago Tenable.com
CVE-2024-3211 - The Shopping Cart & eCommerce Store plugin for WordPress is vulnerable to SQL Injection via the 'productid' attribute of the ec_addtocart shortcode in all versions up to, and including, 5.6.3 due to insufficient escaping on the user supplied ...
8 months ago Tenable.com
CVE-2023-52737 - In the Linux kernel, the following vulnerability has been resolved: btrfs: lock the inode in shared mode before starting fiemap Currently fiemap does not take the inode's lock (VFS lock), it only locks a file range in the inode's io tree. This ...
7 months ago Tenable.com
CVE-2006-0092 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-0992, CVE-2006-0158. Reason: this candidate was intended for one issue, but a typo caused it to be associated with a Novell/Groupwise issue. In addition, this issue was a ...
54 years ago Tenable.com
CVE-2006-7224 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-7227, CVE-2005-4872, CVE-2006-7228. Reason: this candidate was SPLIT into other identifiers in order to reflect different affected versions and distinct vendor fixes. Notes: All ...
54 years ago Tenable.com
CVE-2006-5296 - PowerPoint in Microsoft Office 2003 does not properly handle a container object whose position value exceeds the record length, which allows user-assisted attackers to cause a denial of service (NULL dereference and application crash) via a crafted ...
1 year ago
