CVE-2006-5788

PHP remote file inclusion vulnerability in (1) index.php and (2) admin/index.php in IPrimal Forums as of 20061105 allows remote attackers to execute arbitrary PHP code via a URL in the p parameter.

Publication date: Wed, 08 Nov 2006 05:07:00 +0000

Cyber News related to CVE-2006-5788

CVE-2006-5788 - PHP remote file inclusion vulnerability in (1) index.php and (2) admin/index.php in IPrimal Forums as of 20061105 allows remote attackers to execute arbitrary PHP code via a URL in the p parameter. ...
5 years ago

CVE-2014-5788 - The Ninja Chicken Adventure Island (aka mominis.Generic_Android.Ninja_Chicken_Adventure_Island) application 1.1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain ...
9 years ago

CVE-2016-5788 - General Electric (GE) Bently Nevada 3500/22M USB with firmware before 5.0 and Bently Nevada 3500/22M Serial have open ports, which makes it easier for remote attackers to obtain privileged access via unspecified vectors. ...
7 years ago

CVE-2015-5788 - The WebKit Canvas implementation in Apple iOS before 9 allows remote attackers to bypass the Same Origin Policy and obtain sensitive image information via vectors involving a CANVAS element. ...
7 years ago

CVE-2007-5788 - Buffer overflow in the SIP parser on the Grandstream HT-488 0.1 allows remote attackers to cause a denial of service (device crash) via a crafted SIP INVITE message. ...
6 years ago

CVE-2012-5788 - The PayPal IPN utility does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an ...
6 years ago

CVE-2008-5788 - SQL injection vulnerability in index.php in Domain Seller Pro 1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. ...
6 years ago

CVE-2018-5788 - An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Remote, Unauthenticated Denial of Service in the RIM (Radio Interface Module) process running on the WiNG Access Point via ...
6 years ago

CVE-2017-5788 - A Local Disclosure of Sensitive Information vulnerability in HPE NonStop Software Essentials version T0894 T0894H02 through T0894H02^AAI was found. ...
6 years ago

CVE-2020-5788 - Relative Path Traversal in Teltonika firmware TRB2_R_00.02.04.3 allows a remote, authenticated attacker to delete arbitrary files on disk via the admin/system/admin/certificates/delete action. ...
3 years ago

CVE-2013-5788 - Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. ...
2 years ago

CVE-2019-5788 - An integer overflow that leads to a use-after-free in Blink Storage in Google Chrome on Linux prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. ...
1 year ago

CVE-2024-5788 - The Silesia theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘link’ attribute within the theme's Button shortcode in all versions up to, and including, 1.0.6 due to insufficient input sanitization and output escaping. ...
4 days ago

CVE-2006-0092 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-0992, CVE-2006-0158. Reason: this candidate was intended for one issue, but a typo caused it to be associated with a Novell/Groupwise issue. In addition, this issue was a ...
54 years ago Tenable.com

CVE-2006-7224 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-7227, CVE-2005-4872, CVE-2006-7228. Reason: this candidate was SPLIT into other identifiers in order to reflect different affected versions and distinct vendor fixes. Notes: All ...
54 years ago Tenable.com

CVE-2006-5296 - PowerPoint in Microsoft Office 2003 does not properly handle a container object whose position value exceeds the record length, which allows user-assisted attackers to cause a denial of service (NULL dereference and application crash) via a crafted ...
6 months ago

CVE-2006-1530 - Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due ...
5 years ago

CVE-2006-1529 - Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due ...
5 years ago

CVE-2006-1723 - Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due ...
5 years ago

CVE-2006-1531 - Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due ...
5 years ago

CVE-2006-5424 - Unspecified vulnerability in Justsystem Ichitaro 2006, 2006 trial version, and Government 2006 allows remote attackers to execute arbitrary code via a modified document, possibly because of a buffer overflow, a different vulnerability than ...
6 years ago

CVE-2006-6653 - The accept function in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and NetBSD 2.x before 20061029 allows local users to cause a denial of service (socket consumption) via an invalid (1) name or (2) namelen parameter, which ...
12 years ago

CVE-2006-0264 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-0259. Reason: This candidate is subsumed by CVE-2006-0259. An error during initial CVE analysis used the wrong set of affected versions for "DB10". Notes: All CVE users ...
54 years ago Tenable.com

CVE-2007-0913 - Unspecified vulnerability in Microsoft Powerpoint allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as exploited by Trojan.PPDropper.G. NOTE: as of 20070213, it is not clear whether this is the same issue as ...
15 years ago

CVE-2007-4168 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-4168. Reason: This candidate is a duplicate of CVE-2006-4168. It was inadvertently used in a vendor advisory when the "2006" year was intended. Notes: All CVE users ...
54 years ago Tenable.com

Latest Cyber News

CVE-2024-1062 - 48 minutes ago
CVE-2024-39119 - 2 hours ago
CVE-2016-6366 - 3 hours ago
CVE-2017-0210 - 3 hours ago
CVE-2017-8291 - 3 hours ago
CVE-2017-0147 - 3 hours ago
CVE-2017-0149 - 3 hours ago
CVE-2017-0005 - 3 hours ago
CVE-2017-0022 - 3 hours ago
CVE-2016-7256 - 3 hours ago
CVE-2006-0515 - 3 hours ago
CVE-2005-3669 - 3 hours ago
CVE-2005-4499 - 3 hours ago
CVE-2006-3906 - 3 hours ago
CVE-2016-3351 - 3 hours ago
CVE-2016-3298 - 3 hours ago
CVE-2016-3393 - 3 hours ago
CVE-2016-4657 - 3 hours ago
CVE-2016-4656 - 3 hours ago
CVE-2016-4655 - 3 hours ago

Cyber Trends (last 7 days)

Okta - 7 months ago
23andMe - 6 months ago
Kimsuky - 7 months ago
LogoFAIL - 6 months ago
Gh0st rat - 7 months ago

Trending Cyber News (last 7 days)

CVE-2023-5090 - 3 hours ago
CVE-2024-6441 - 3 hours ago
CVE-2024-39119 - 2 hours ago
CVE-2024-21466 - 1 day ago
CVE-2024-34593 - 5 hours ago
CVE-2024-20897 - 5 hours ago
CVE-2024-20888 - 5 hours ago
CVE-2024-20894 - 5 hours ago
CVE-2024-6012 - 5 hours ago
CVE-2024-6011 - 5 hours ago
CVE-2024-34601 - 5 hours ago
CVE-2024-34600 - 5 hours ago
CVE-2024-34599 - 5 hours ago
CVE-2024-34597 - 5 hours ago
CVE-2024-34596 - 5 hours ago
CVE-2024-34595 - 5 hours ago
CVE-2024-34594 - 5 hours ago
CVE-2024-34592 - 5 hours ago
CVE-2024-34591 - 5 hours ago
CVE-2024-34590 - 5 hours ago