CVE-2006-4356

SQL injection vulnerability in Drupal Easylinks Module (easylinks.module) 4.7 before 1.5.2.1 2006/08/19 12:02:27 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Publication date: Sun, 27 Aug 2006 07:04:00 +0000

Cyber News related to CVE-2006-4356

CVE-2006-4356 - SQL injection vulnerability in Drupal Easylinks Module (easylinks.module) 4.7 before 1.5.2.1 2006/08/19 12:02:27 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. ...
6 years ago

CVE-2016-4574 - Off-by-one error in the append_utf8_value function in the DN decoder (dn.c) in Libksba before 1.3.4 allows remote attackers to cause a denial of service (out-of-bounds read) via invalid utf-8 encoded data. NOTE: this vulnerability exists because of ...
6 months ago

CVE-2010-4356 - SQL injection vulnerability in news_default.asp in Site2Nite Big Truck Broker allows remote attackers to execute arbitrary SQL commands via the txtSiteId parameter. ...
13 years ago

CVE-2005-4356 - SQL injection vulnerability in UStore allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields. NOTE: the provenance of this information is unknown; the details are obtained solely from third party ...
13 years ago

CVE-2011-4356 - Celery 2.1 and 2.2 before 2.2.8, 2.3 before 2.3.4, and 2.4 before 2.4.4 changes the effective id but not the real id during processing of the --uid and --gid arguments to celerybeat, celeryd_detach, celeryd-multi, and celeryev, which allows local ...
12 years ago

CVE-2012-4356 - Multiple directory traversal vulnerabilities in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allow remote attackers to read arbitrary files via port-46824 TCP packets specifying a file-open operation with opcode ...
11 years ago

CVE-2015-4356 - Cross-site scripting (XSS) vulnerability in the view-based webform results table in the Webform module 7.x-4.x before 7.x-4.4 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a webform. ...
9 years ago

CVE-2013-4356 - Xen 4.3.x writes hypervisor mappings to certain shadow pagetables when live migration is performed on hosts with more than 5TB of RAM, which allows local 64-bit PV guests to read or write to invalid memory and cause a denial of service (crash). ...
7 years ago

CVE-2014-4356 - Apple iOS before 8 does not follow the intended configuration setting for text-message preview on the lock screen, which allows physically proximate attackers to obtain sensitive information by reading this screen. ...
6 years ago

CVE-2008-4356 - Multiple SQL injection vulnerabilities in Kasseler CMS 1.1.0 and 1.2.0 allow remote attackers to execute arbitrary SQL commands via (1) the nid parameter to index.php in a View action to the News module; (2) the vid parameter to index.php in a Result ...
6 years ago

CVE-2009-4356 - Multiple integer overflows in the jpeg.w5s and png.w5s filters in Winamp before 5.57 allow remote attackers to execute arbitrary code via malformed (1) JPEG or (2) PNG data in an MP3 file. ...
5 years ago

CVE-2018-4356 - A permissions issue existed. This issue was addressed with improved permission validation. This issue affected versions prior to iOS 12. ...
3 years ago

CVE-2007-4356 - Microsoft Internet Explorer 6 and 7 embeds FTP credentials in HTML files that are retrieved during an FTP session, which allows context-dependent attackers to obtain sensitive information by reading the HTML source, as demonstrated by a (1) .htm, (2) ...
2 years ago

CVE-2022-4356 - The LetsRecover WordPress plugin before 1.2.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin ...
1 year ago

CVE-2016-4356 - The append_utf8_value function in the DN decoder (dn.c) in Libksba before 1.3.3 allows remote attackers to cause a denial of service (out-of-bounds read) by clearing the high bit of the byte after invalid utf-8 encoded data. ...
6 months ago

CVE-2021-4356 - The Frontend File Manager plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Download ...
1 year ago

CVE-2023-4356 - Use after free in Audio in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who has convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: ...
10 months ago

CVE-2017-4356 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none ...
54 years ago Tenable.com

CVE-2024-4356 - The List categories plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'categories' shortcode in all versions up to, and including, 0.4 due to insufficient input sanitization and output escaping on user ...
1 month ago

CVE-2006-0092 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-0992, CVE-2006-0158. Reason: this candidate was intended for one issue, but a typo caused it to be associated with a Novell/Groupwise issue. In addition, this issue was a ...
54 years ago Tenable.com

CVE-2006-7224 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-7227, CVE-2005-4872, CVE-2006-7228. Reason: this candidate was SPLIT into other identifiers in order to reflect different affected versions and distinct vendor fixes. Notes: All ...
54 years ago Tenable.com

CVE-2006-5296 - PowerPoint in Microsoft Office 2003 does not properly handle a container object whose position value exceeds the record length, which allows user-assisted attackers to cause a denial of service (NULL dereference and application crash) via a crafted ...
6 months ago

CVE-2006-1530 - Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due ...
5 years ago

CVE-2006-1529 - Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due ...
5 years ago

CVE-2006-1723 - Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due ...
5 years ago

Latest Cyber News

CVE-2024-6440 - 2 hours ago
CVE-2024-6439 - 2 hours ago
CVE-2024-6438 - 2 hours ago
CVE-2024-6264 - 2 hours ago
CVE-2024-6099 - 2 hours ago
CVE-2024-6088 - 2 hours ago
CVE-2024-4268 - 2 hours ago
CVE-2024-34593 - 3 hours ago
CVE-2024-20897 - 3 hours ago
CVE-2024-20888 - 3 hours ago
CVE-2024-20894 - 3 hours ago
CVE-2024-6012 - 3 hours ago
CVE-2024-6011 - 3 hours ago
CVE-2024-34601 - 3 hours ago
CVE-2024-34600 - 3 hours ago
CVE-2024-34599 - 3 hours ago
CVE-2024-34597 - 3 hours ago
CVE-2024-34596 - 3 hours ago
CVE-2024-34595 - 3 hours ago
CVE-2024-34594 - 3 hours ago

Cyber Trends (last 7 days)

Okta - 7 months ago
23andMe - 6 months ago
Kimsuky - 7 months ago
LogoFAIL - 6 months ago
Gh0st rat - 7 months ago

Trending Cyber News (last 7 days)

CVE-2024-21466 - 22 hours ago
CVE-2024-34593 - 3 hours ago
CVE-2024-20897 - 3 hours ago
CVE-2024-20888 - 3 hours ago
CVE-2024-20894 - 3 hours ago
CVE-2024-6012 - 3 hours ago
CVE-2024-6011 - 3 hours ago
CVE-2024-34601 - 3 hours ago
CVE-2024-34600 - 3 hours ago
CVE-2024-34599 - 3 hours ago
CVE-2024-34597 - 3 hours ago
CVE-2024-34596 - 3 hours ago
CVE-2024-34595 - 3 hours ago
CVE-2024-34594 - 3 hours ago
CVE-2024-34592 - 3 hours ago
CVE-2024-34591 - 3 hours ago
CVE-2024-34590 - 3 hours ago
CVE-2024-34589 - 3 hours ago
CVE-2024-34588 - 3 hours ago
CVE-2024-34587 - 3 hours ago