CVE-2006-4708

CVE-2007-4088 - Multiple cross-site scripting (XSS) vulnerabilities in Vikingboard 0.1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) id, (2) f, (3) quote, and (4) act parameters to cp.php; the (5) u parameter to user.php; the (6) f ...
6 years ago

mySCADA myPRO - RISK EVALUATION. Successful exploitation of this vulnerability could allow an attacker to remotely execute code on the affected device. The affected application uses a hard-coded password which could allow an attacker to remotely execute code on the ...
5 days ago Cisa.gov

CVE-2006-4708 - Multiple cross-site scripting (XSS) vulnerabilities in Vikingboard 0.1b allow remote attackers to inject arbitrary web script or HTML via the (1) act parameter in (a) help.php and (b) search.php, and the (2) p parameter in report.php. ...
5 years ago

CVE-2009-4708 - SQL injection vulnerability in the [Gobernalia] Front End News Submitter (gb_fenewssubmit) extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. ...
14 years ago

CVE-2011-4708 - Cross-site scripting (XSS) vulnerability in IBM Rational Asset Manager before 7.5.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. ...
12 years ago

CVE-2012-4708 - Stack-based buffer overflow in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via a crafted packet. ...
11 years ago

CVE-2013-4708 - The PPP Access Concentrator (PPPAC) in Internet Initiative Japan Inc. SEIL/x86 1.00 through 2.80, SEIL/X1 1.00 through 4.30, SEIL/X2 1.00 through 4.30, SEIL/B1 1.00 through 4.30, SEIL/Turbo 1.80 through 2.15, and SEIL/neu 2FE Plus 1.80 through 2.15 ...
10 years ago

CVE-2007-4708 - Format string vulnerability in Address Book in Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary code via the URL handler. ...
6 years ago

CVE-2008-4708 - BbZL.PhP 0.92 allows remote attackers to bypass authentication and gain administrative access by setting the phorum_admin_session cookie to 1. ...
6 years ago

CVE-2005-4708 - Adobe Macromedia MX 2004 products, Captivate, Contribute 2, Contribute 3, and eLicensing client install the Macromedia Licensing Service with the Users group permitted to configure the service, including the path to executable, which allows local ...
5 years ago

CVE-2010-4708 - The pam_env module in Linux-PAM (aka pam) 1.1.2 and earlier reads the .pam_environment file in a user's home directory, which might allow local users to run programs with an unintended environment by executing a program that relies on the pam_env ...
5 years ago

CVE-2016-4708 - CFNetwork in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 misparses the Set-Cookie header, which allows remote attackers to obtain sensitive information via a crafted HTTP response. ...
5 years ago

CVE-2020-4708 - IBM Security Trusteer Pinpoint Detect 11.6.5 could disclose some information due to using a wildcard in the Access-Control-Allow-Origin header. IBM X-Force ID: 187371. ...
2 years ago

CVE-2022-4708 - The Royal Elementor Addons plugin for WordPress is vulnerable to insufficient access control in the 'wpr_save_template_conditions' AJAX action in versions up to, and including, 1.3.59. This allows any authenticated user, including those with ...
11 months ago

CVE-2023-4708 - A vulnerability was found in Infosoftbd Clcknshop 1.0.0. It has been rated as critical. This issue affects some unknown processing of the file /collection/all of the component GET Parameter Handler. The manipulation of the argument tag leads to sql ...
10 months ago

CVE-2018-4708 - ** REJECT ** This candidate is unused by its CNA. ...
9 months ago

CVE-2017-4708 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none ...
54 years ago Tenable.com

CVE-2024-4708 - mySCADA myPRO ...
4 days ago

CVE-2006-0092 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-0992, CVE-2006-0158. Reason: this candidate was intended for one issue, but a typo caused it to be associated with a Novell/Groupwise issue. In addition, this issue was a ...
54 years ago Tenable.com

CVE-2006-7224 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-7227, CVE-2005-4872, CVE-2006-7228. Reason: this candidate was SPLIT into other identifiers in order to reflect different affected versions and distinct vendor fixes. Notes: All ...
54 years ago Tenable.com

CVE-2006-5296 - PowerPoint in Microsoft Office 2003 does not properly handle a container object whose position value exceeds the record length, which allows user-assisted attackers to cause a denial of service (NULL dereference and application crash) via a crafted ...
7 months ago

CVE-2006-1530 - Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due ...
5 years ago

CVE-2006-1529 - Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due ...
5 years ago

CVE-2006-1723 - Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due ...
5 years ago

CVE-2006-1531 - Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due ...
5 years ago