CyberSecurityBoard
Sponsor Register Login

CVE-2006-3364

SQL injection vulnerability in index.php in the NP_SEO plugin in BLOG:CMS before 4.1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. Upgrade to BLOG:CMS version 4.1.0 : http://sourceforge.net/project/showfiles.php?group_id111880

Publication date: Fri, 07 Jul 2006 01:05:00 +0000


Cyber News related to CVE-2006-3364

CVE-2013-7035 -
medium
CVE-2013-3364 ...
55 years ago Tenable.com
CVE-2006-3364 - SQL injection vulnerability in index.php in the NP_SEO plugin in BLOG:CMS before 4.1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. Upgrade to BLOG:CMS version 4.1.0 : ...
6 years ago
CVE-2018-7573 - An issue was discovered in FTPShell Client 6.7. A remote FTP server can send 400 characters of 'F' in conjunction with the FTP 220 response code to crash the application; after this overflow, one can run arbitrary code on the victim machine. ...
6 years ago
CVE-2010-3364 - The vips-7.22 script in VIPS 7.22.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. ...
14 years ago
CVE-2011-3364 - Incomplete blacklist vulnerability in the svEscape function in settings/plugins/ifcfg-rh/shvar.c in the ifcfg-rh plug-in for GNOME NetworkManager 0.9.1, 0.9.0, 0.8.1, and possibly other versions, when PolicyKit is configured to allow users to create ...
13 years ago
CVE-2014-3364 - Multiple cross-site scripting (XSS) vulnerabilities in the web framework in Cisco Prime Security Manager (aka PRSM) 9.2.1-2 and earlier allow remote attackers to inject arbitrary web script or HTML via a (1) Access Policies or (2) Device Summary ...
10 years ago
CVE-2005-3364 - Multiple SQL injection vulnerabilities in DboardGear allow remote attackers to execute arbitrary SQL commands via (1) the buddy parameter in buddy.php, (2) the u2uid parameter in u2u.php, and (3) an invalid theme file in the themes action to ...
8 years ago
CVE-2015-3364 - Cross-site scripting (XSS) vulnerability in the Content Analysis module before 6.x-1.7 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, which are not properly handled in a log message. ...
8 years ago
CVE-2009-3364 - Stack-based buffer overflow in FTPShell Client 4.1 RC2 allows remote FTP servers to execute arbitrary code via a long response to a PASV command. ...
7 years ago
CVE-2008-3364 - Buffer overflow in the ObjRemoveCtrl Class ActiveX control in OfficeScanRemoveCtrl.dll 7.3.0.1020 in Trend Micro OfficeScan Corp Edition (OSCE) Web-Deployment 7.0, 7.3 build 1343 Patch 4 and other builds, and 8.0; Client Server Messaging Security ...
7 years ago
CVE-2016-3364 - Microsoft Visio 2016 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." ...
6 years ago
CVE-2007-3364 - Cross-site scripting (XSS) vulnerability in the cgi-bin/post.mscgi sample page in MyServer 0.8.9 allows remote attackers to inject arbitrary web script or HTML via the body content. ...
6 years ago
CVE-2020-3364 - A vulnerability in the access control list (ACL) functionality of the standby route processor management interface of Cisco IOS XR Software could allow an unauthenticated, remote attacker to reach the configured IP addresses on the standby route ...
4 years ago
CVE-2022-3364 - Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0a3. ...
2 years ago
CVE-2012-3364 - Multiple stack-based buffer overflows in the Near Field Communication Controller Interface (NCI) in the Linux kernel before 3.4.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via incoming frames with ...
2 years ago
CVE-2017-3364 - Vulnerability in the Oracle Knowledge Management component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2 and 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker ...
5 years ago
CVE-2023-3364 - An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.14 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. A Regular Expression Denial of Service was possible ...
1 year ago
CVE-2024-3364 - A vulnerability was found in SourceCodester Online Library System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file admin/books/index.php. The manipulation of the argument id leads to cross site scripting. ...
11 months ago Tenable.com
CVE-2021-47440 - In the Linux kernel, the following vulnerability has been resolved: ...
5 months ago
CVE-2006-0092 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-0992, CVE-2006-0158. Reason: this candidate was intended for one issue, but a typo caused it to be associated with a Novell/Groupwise issue. In addition, this issue was a ...
55 years ago Tenable.com
CVE-2006-7224 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-7227, CVE-2005-4872, CVE-2006-7228. Reason: this candidate was SPLIT into other identifiers in order to reflect different affected versions and distinct vendor fixes. Notes: All ...
55 years ago Tenable.com
CVE-2006-5296 - PowerPoint in Microsoft Office 2003 does not properly handle a container object whose position value exceeds the record length, which allows user-assisted attackers to cause a denial of service (NULL dereference and application crash) via a crafted ...
1 year ago
CVE-2006-1530 - Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due ...
6 years ago
CVE-2006-1529 - Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due ...
6 years ago
CVE-2006-1723 - Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due ...
6 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)