CyberSecurityBoard
Sponsor Register Login

CVE-2006-6094

Multiple SQL injection vulnerabilities in ActiveNews Manager allow remote attackers to execute arbitrary SQL commands via the (1) catID parameter to activeNews_categories.asp, the (2) articleID parameter to activeNews_comments.asp, or the (3) query parameter to activenews_search.asp.

Publication date: Sat, 25 Nov 2006 00:07:00 +0000


Cyber News related to CVE-2006-6094

CVE-2006-6095 - Multiple SQL injection vulnerabilities in ActiveNews Manager allow remote attackers to execute arbitrary SQL commands via the (1) articleID parameter to activenews_view.asp or the (2) page parameter to default.asp. NOTE: the ...
7 years ago
CVE-2006-6094 - Multiple SQL injection vulnerabilities in ActiveNews Manager allow remote attackers to execute arbitrary SQL commands via the (1) catID parameter to activeNews_categories.asp, the (2) articleID parameter to activeNews_comments.asp, or the (3) query ...
6 years ago
CVE-2007-6094 - The IPsec module in the VPN component in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 allows remote attackers to cause a denial of service (module crash) via an IPsec Phase 2 proposal that lacks Perfect Forward Secrecy (PFS). ...
16 years ago
CVE-2016-6094 - IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 generates an error message that includes sensitive information about its environment, users, or associated data. ...
8 years ago
CVE-2008-6094 - Cross-site scripting (XSS) vulnerability in user.do in Celoxis Technologies Celoxis allows remote attackers to inject arbitrary web script or HTML via the ni.smessage parameter. ...
7 years ago
CVE-2017-6094 - CPEs used by subscribers on the access network receive their individual configuration settings from a central GAPS instance. A CPE identifies itself by the MAC address of its WAN interface and a certain "chk" value (48bit) derived from the ...
1 year ago
CVE-2015-6094 - Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, and Excel Services on SharePoint Server 2013 SP1 allow remote attackers to execute arbitrary code via a crafted Office document, aka ...
6 years ago
CVE-2018-6094 - Inline metadata in GarbageCollection in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. ...
4 years ago
CVE-2012-6094 - cups (Common Unix Printing System) 'Listen localhost:631' option not honored correctly which could provide unauthorized access to the system ...
4 years ago
CVE-2020-6094 - An exploitable code execution vulnerability exists in the TIFF fillinraster function of the igcore19d.dll library of Accusoft ImageGear 19.4, 19.5 and 19.6. A specially crafted TIFF file can cause an out-of-bounds write, resulting in remote code ...
3 years ago
CVE-2013-6094 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none ...
55 years ago Tenable.com
CVE-2023-6094 - A vulnerability has been identified in OnCell G3150A-LTE Series firmware versions v1.3 and prior. The vulnerability results from lack of protection for sensitive information during transmission. An attacker eavesdropping on the traffic between the ...
1 year ago
CVE-2024-6094 - The WP ULike WordPress plugin before 4.7.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed ...
8 months ago
CVE-2025-6094 - A vulnerability, which was classified as critical, has been found in FoxCMS up to 1.2.5. This issue affects the function batchCope of the file app/admin/controller/Download.php. The manipulation of the argument ids leads to sql injection. The attack ...
15 hours ago
CVE-2024-53123 - In the Linux kernel, the following vulnerability has been resolved: ...
6 months ago
CVE-2006-0092 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-0992, CVE-2006-0158. Reason: this candidate was intended for one issue, but a typo caused it to be associated with a Novell/Groupwise issue. In addition, this issue was a ...
55 years ago Tenable.com
CVE-2006-7224 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-7227, CVE-2005-4872, CVE-2006-7228. Reason: this candidate was SPLIT into other identifiers in order to reflect different affected versions and distinct vendor fixes. Notes: All ...
55 years ago Tenable.com
CVE-2006-5296 - PowerPoint in Microsoft Office 2003 does not properly handle a container object whose position value exceeds the record length, which allows user-assisted attackers to cause a denial of service (NULL dereference and application crash) via a crafted ...
1 year ago
CVE-2006-1530 - Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due ...
6 years ago
CVE-2006-1529 - Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due ...
6 years ago
CVE-2006-1723 - Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due ...
6 years ago
CVE-2006-1531 - Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due ...
6 years ago
CVE-2006-5424 - Unspecified vulnerability in Justsystem Ichitaro 2006, 2006 trial version, and Government 2006 allows remote attackers to execute arbitrary code via a modified document, possibly because of a buffer overflow, a different vulnerability than ...
7 years ago
CVE-2006-6653 - The accept function in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and NetBSD 2.x before 20061029 allows local users to cause a denial of service (socket consumption) via an invalid (1) name or (2) namelen parameter, which ...
13 years ago
CVE-2006-0264 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-0259. Reason: This candidate is subsumed by CVE-2006-0259. An error during initial CVE analysis used the wrong set of affected versions for "DB10". Notes: All CVE users ...
55 years ago Tenable.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)