CVE-2006-3797

SQL injection vulnerability in DeluxeBB 1.07 and earlier allows remote attackers to bypass authentication, spoof users, and modify settings via the (1) memberpw and (2) membercookie cookies.

Publication date: Mon, 24 Jul 2006 17:19:00 +0000

Cyber News related to CVE-2006-3797

CVE-2006-3797 - SQL injection vulnerability in DeluxeBB 1.07 and earlier allows remote attackers to bypass authentication, spoof users, and modify settings via the (1) memberpw and (2) membercookie cookies. ...
6 years ago

CVE-2015-3798 - The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a ...
8 years ago

CVE-2015-3797 - The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a ...
8 years ago

CVE-2015-3796 - The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a ...
7 years ago

CVE-2021-3797 - hestiacp is vulnerable to Use of Wrong Operator in String Comparison ...
3 years ago

CVE-2020-3797 - Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have a memory corruption vulnerability. Successful exploitation could ...
3 years ago

CVE-2010-3797 - Cross-site scripting (XSS) vulnerability in Wiki Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. ...
14 years ago

CVE-2011-3797 - ProjectPier 0.8.0.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by public/upgrade/templates/layout.php and certain other files. ...
12 years ago

CVE-2012-3797 - Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, does not properly check packet sizes before reusing packet memory buffers, which allows remote attackers to cause a denial of service (heap ...
11 years ago

CVE-2016-3797 - The Qualcomm Wi-Fi driver in Android before 2016-07-05 on Nexus 5X devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28085680 and Qualcomm internal bug CR1001450. ...
8 years ago

CVE-2005-1891 - The GIF parser in ateimg32.dll in AOL Instant Messenger (AIM) 5.9.3797 and earlier allows remote attackers to cause a denial of service (crash) via a malformed buddy icon that causes an integer underflow in a loop counter variable. ...
1 year ago

CVE-2005-3797 - PHP remote file inclusion vulnerability in payment_paypal.php in AlstraSoft Template Seller Pro 3.25 allows remote attackers to execute arbitrary PHP code via the config[basepath] parameter. ...
7 years ago

CVE-2017-3797 - A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to view the fully qualified domain name of the Cisco WebEx administration server. More Information: CSCvb60655. Known Affected Releases: 2.7. ...
7 years ago

CVE-2013-3797 - Unspecified vulnerability in Oracle Solaris 11 allows local users to affect availability via unknown vectors related to Filesystem/DevFS. ...
7 years ago

CVE-2009-3797 - Adobe Flash Player 10.x before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execute arbitrary code via unspecified vectors that trigger memory corruption. ...
7 years ago

CVE-2014-3797 - Cross-site scripting (XSS) vulnerability in VMware vCenter Server Appliance (vCSA) 5.1 before Update 3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. ...
6 years ago

CVE-2019-3797 - This affects Spring Data JPA in versions up to and including 2.1.5, 2.0.13 and 1.11.19. Derived queries using any of the predicates ‘startingWith’, ‘endingWith’ or ‘containing’ could return more results than anticipated when a maliciously ...
5 years ago

CVE-2019-12788 - An issue was discovered in Photodex ProShow Producer v9.0.3797 (an application that runs with Administrator privileges). It is possible to perform a buffer overflow via a crafted file. ...
2 years ago

CVE-2022-3797 - A vulnerability was found in eolinker apinto-dashboard. It has been rated as problematic. This issue affects some unknown processing of the file /login. The manipulation of the argument callback leads to open redirect. The attack may be initiated ...
2 years ago

CVE-2023-3797 - A vulnerability, which was classified as critical, was found in Gen Technology Four Mountain Torrent Disaster Prevention and Control of Monitoring and Early Warning System up to 20230712. This affects an unknown part of the file ...
1 year ago

CVE-2024-3797 - A vulnerability was found in SourceCodester QR Code Bookmark System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /endpoint/delete-bookmark.php?bookmark=1. The manipulation of the argument bookmark leads ...
9 months ago Tenable.com

CVE-2006-0092 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-0992, CVE-2006-0158. Reason: this candidate was intended for one issue, but a typo caused it to be associated with a Novell/Groupwise issue. In addition, this issue was a ...
55 years ago Tenable.com

CVE-2006-7224 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-7227, CVE-2005-4872, CVE-2006-7228. Reason: this candidate was SPLIT into other identifiers in order to reflect different affected versions and distinct vendor fixes. Notes: All ...
55 years ago Tenable.com

CVE-2006-5296 - PowerPoint in Microsoft Office 2003 does not properly handle a container object whose position value exceeds the record length, which allows user-assisted attackers to cause a denial of service (NULL dereference and application crash) via a crafted ...
1 year ago

CVE-2006-1530 - Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due ...
6 years ago

Latest Cyber News

CVE-2025-24973 - 2 hours ago
CVE-2025-24976 - 2 hours ago
CVE-2025-24807 - 2 hours ago
CVE-2025-24896 - 2 hours ago
CVE-2025-24897 - 2 hours ago
CVE-2025-24900 - 2 hours ago
CVE-2025-22467 - 2 hours ago
CVE-2024-47908 - 2 hours ago
CVE-2024-13813 - 2 hours ago
CVE-2024-13830 - 2 hours ago
CVE-2024-13842 - 2 hours ago
CVE-2024-13843 - 2 hours ago
CVE-2024-10644 - 2 hours ago
CVE-2024-11771 - 2 hours ago
CVE-2024-12058 - 2 hours ago
CVE-2024-12797 - 2 hours ago
CVE-2024-33659 - 3 hours ago
CVE-2025-1231 - 4 hours ago
CVE-2025-26492 - 4 hours ago
CVE-2025-26493 - 4 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

CVE-2024-10334 - 1 day ago
CVE-2025-1149 - 1 day ago
CVE-2024-11831 - 1 day ago
CVE-2024-12133 - 1 day ago
CVE-2024-12243 - 1 day ago
CVE-2024-57950 - 1 day ago
CVE-2025-21686 - 1 day ago
CVE-2025-21687 - 1 day ago
CVE-2025-21688 - 1 day ago
CVE-2025-21689 - 1 day ago
CVE-2025-21690 - 1 day ago
CVE-2025-21691 - 1 day ago
CVE-2025-21692 - 1 day ago
CVE-2025-21693 - 1 day ago
CVE-2025-24031 - 1 day ago
CVE-2025-24032 - 1 day ago
CVE-2025-24892 - 1 day ago
CVE-2025-25186 - 1 day ago
CVE-2025-1150 - 1 day ago
CVE-2025-1151 - 1 day ago