CVE-2006-6523

Cross-site scripting (XSS) vulnerability in mail/manage.html in BoxTrapper in cPanel 11 allows remote attackers to inject arbitrary web script or HTML via the account parameter.

Publication date: Thu, 14 Dec 2006 07:28:00 +0000

Cyber News related to CVE-2006-6523

CVE-2006-6523 - Cross-site scripting (XSS) vulnerability in mail/manage.html in BoxTrapper in cPanel 11 allows remote attackers to inject arbitrary web script or HTML via the account parameter. ...
5 years ago

CVE-2014-6523 - Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote authenticated users to affect confidentiality via vectors related to REST Interface. ...
8 years ago

CVE-2016-6523 - Multiple cross-site scripting (XSS) vulnerabilities in the media manager in Dotclear before 2.10 allow remote attackers to inject arbitrary web script or HTML via the (1) q or (2) link_type parameter to admin/media.php. ...
7 years ago

CVE-2015-6523 - Cross-site request forgery (CSRF) vulnerability in the Portfolio plugin before 1.05 for WordPress allows remote attackers to hijack the authentication of administrators for requests that have unspecified impact via a request to the ...
7 years ago

CVE-2012-6523 - Multiple cross-site scripting (XSS) vulnerabilities in w-CMS 2.01 allow remote attackers to inject arbitrary web script or HTML via (1) the p parameter in the getMenus function in codes/wcms.php; or the COMMENT parameter in (2) blog.php, (3) ...
7 years ago

CVE-2008-6523 - auth.php in openInvoice 0.90 beta and earlier allows remote attackers to bypass authentication and gain privileges by setting the oiauth cookie. NOTE: this can be leveraged with a separate vulnerability in resetpass.php to modify passwords for ...
7 years ago

CVE-2018-6523 - In nProtect AVS V4.0 before 4.0.0.39, the driver file (TKFsAv.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x22045c. ...
9 months ago

CVE-2007-6523 - Algorithmic complexity vulnerability in Opera 9.50 beta and 9.x before 9.25 allows remote attackers to cause a denial of service (CPU consumption) via a crafted bitmap (BMP) file that triggers a large number of calculations and checks. ...
5 years ago

CVE-2019-6523 - WebAccess/SCADA, Version 8.3. The software does not properly sanitize its inputs for SQL commands. ...
5 years ago

CVE-2018-17669 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious ...
4 years ago

CVE-2020-6523 - Out of bounds write in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. ...
3 years ago

CVE-2013-6523 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none ...
54 years ago Tenable.com

CVE-2023-6523 - Authorization Bypass Through User-Controlled Key vulnerability in ExtremePacs Extreme XDS allows Authentication Abuse.This issue affects Extreme XDS: before 3914. ...
6 months ago Tenable.com

CVE-2024-6523 - A vulnerability was found in ZKTeco BioTime up to 9.5.2. It has been classified as problematic. Affected is an unknown function of the component system-group-add Handler. The manipulation of the argument user with the input ...
2 months ago

CVE-2006-0092 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-0992, CVE-2006-0158. Reason: this candidate was intended for one issue, but a typo caused it to be associated with a Novell/Groupwise issue. In addition, this issue was a ...
54 years ago Tenable.com

CVE-2006-7224 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-7227, CVE-2005-4872, CVE-2006-7228. Reason: this candidate was SPLIT into other identifiers in order to reflect different affected versions and distinct vendor fixes. Notes: All ...
54 years ago Tenable.com

CVE-2006-5296 - PowerPoint in Microsoft Office 2003 does not properly handle a container object whose position value exceeds the record length, which allows user-assisted attackers to cause a denial of service (NULL dereference and application crash) via a crafted ...
9 months ago

CVE-2006-1530 - Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due ...
5 years ago

CVE-2006-1529 - Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due ...
5 years ago

CVE-2006-1723 - Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due ...
5 years ago

CVE-2006-1531 - Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due ...
5 years ago

CVE-2006-5424 - Unspecified vulnerability in Justsystem Ichitaro 2006, 2006 trial version, and Government 2006 allows remote attackers to execute arbitrary code via a modified document, possibly because of a buffer overflow, a different vulnerability than ...
7 years ago

CVE-2006-6653 - The accept function in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and NetBSD 2.x before 20061029 allows local users to cause a denial of service (socket consumption) via an invalid (1) name or (2) namelen parameter, which ...
13 years ago

CVE-2006-0264 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-0259. Reason: This candidate is subsumed by CVE-2006-0259. An error during initial CVE analysis used the wrong set of affected versions for "DB10". Notes: All CVE users ...
54 years ago Tenable.com

CVE-2007-0913 - Unspecified vulnerability in Microsoft Powerpoint allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as exploited by Trojan.PPDropper.G. NOTE: as of 20070213, it is not clear whether this is the same issue as ...
15 years ago

Latest Cyber News

CVE-2024-9550 - 1 hour ago
CVE-2024-45245 - 2 hours ago
CVE-2024-9549 - 6 hours ago
CVE-2024-9536 - 18 hours ago
CVE-2024-47377 - 18 hours ago
CVE-2024-47376 - 18 hours ago
CVE-2024-47375 - 18 hours ago
CVE-2024-47374 - 18 hours ago
CVE-2024-47373 - 18 hours ago
CVE-2024-47372 - 18 hours ago
CVE-2024-47371 - 18 hours ago
CVE-2024-47370 - 18 hours ago
CVE-2024-47369 - 18 hours ago
CVE-2024-47624 - 19 hours ago
CVE-2024-47623 - 19 hours ago
CVE-2024-47622 - 19 hours ago
CVE-2024-47621 - 19 hours ago
CVE-2024-47395 - 19 hours ago
CVE-2024-47394 - 19 hours ago
CVE-2024-47393 - 19 hours ago

Cyber Trends (last 7 days)

Okta - 10 months ago
23andMe - 10 months ago
Kimsuky - 10 months ago
LogoFAIL - 9 months ago
Gh0st rat - 10 months ago

Trending Cyber News (last 7 days)

CVE-2024-45245 - 2 hours ago
CVE-2024-9550 - 1 hour ago
CVE-2024-9549 - 6 hours ago
CVE-2024-9536 - 18 hours ago
CVE-2024-47377 - 18 hours ago
CVE-2024-47376 - 18 hours ago
CVE-2024-47375 - 18 hours ago
CVE-2024-47374 - 18 hours ago
CVE-2024-47373 - 18 hours ago
CVE-2024-47372 - 18 hours ago
CVE-2024-47371 - 18 hours ago
CVE-2024-47370 - 18 hours ago
CVE-2024-47369 - 18 hours ago
CVE-2024-9535 - 20 hours ago
CVE-2024-9534 - 20 hours ago
CVE-2024-47630 - 20 hours ago
CVE-2024-47629 - 20 hours ago
CVE-2024-47628 - 20 hours ago
CVE-2024-47627 - 20 hours ago
CVE-2024-47626 - 20 hours ago