CVE-2006-6526

PHP remote file inclusion vulnerability in index.php in Gizzar 03162002 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the basePath parameter.

Publication date: Thu, 14 Dec 2006 07:28:00 +0000

Cyber News related to CVE-2006-6526

CVE-2006-6526 - PHP remote file inclusion vulnerability in index.php in Gizzar 03162002 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the basePath parameter. ...
5 years ago

CVE-2008-6526 - SQL injection vulnerability in index.php in BosDev BosClassifieds allows remote attackers to execute arbitrary SQL commands via the cat_id parameter, a different vector than CVE-2008-1838. ...
7 years ago

CVE-2019-6526 - Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to ...
2 years ago

CVE-2014-6526 - Unspecified vulnerability in the Oracle Directory Server Enterprise Edition component in Oracle Fusion Middleware 7.0 allows remote attackers to affect integrity via unknown vectors related to Admin Console. ...
8 years ago

CVE-2015-6526 - The perf_callchain_user_64 function in arch/powerpc/perf/callchain.c in the Linux kernel before 4.0.2 on ppc64 platforms allows local users to cause a denial of service (infinite loop) via a deep 64-bit userspace backtrace. ...
7 years ago

CVE-2016-6526 - The SpamCall Activity component in Telecom application on Samsung Note device L(5.0/5.1) and M(6.0) allows attackers to cause a denial of service (crash and reboot) or possibly gain privileges via a malformed serializable object. ...
7 years ago

CVE-2012-6526 - SQL injection vulnerability in show_code.php in Vastal I-Tech Freelance Zone allows remote attackers to execute arbitrary SQL commands via the code_id parameter. ...
7 years ago

CVE-2018-6526 - view_all_bug_page.php in MantisBT 2.10.0-development before 2018-02-02 allows remote attackers to discover the full path via an invalid filter parameter, related to a filter_ensure_valid_filter call in current_user_api.php. ...
6 years ago

CVE-2007-6526 - Cross-site scripting (XSS) vulnerability in tiki-special_chars.php in TikiWiki before 1.9.9 allows remote attackers to inject arbitrary web script or HTML via the area_name parameter. ...
5 years ago

CVE-2017-6526 - An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to unauthenticated command execution through an improperly protected administrative web shell (cgi-bin/dna/sysAdmin.cgi POST requests). ...
5 years ago

CVE-2020-6526 - Inappropriate implementation in iframe sandbox in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. ...
3 years ago

CVE-2013-6526 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none ...
54 years ago Tenable.com

CVE-2023-6526 - The Meta Box – WordPress Custom Fields Framework plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom post meta values displayed through the plugin's shortcode in all versions up to, and including, 5.9.2 due to insufficient ...
8 months ago Tenable.com

CVE-2024-6526 - A vulnerability classified as problematic has been found in CodeIgniter Ecommerce-CodeIgniter-Bootstrap up to 1998845073cf433bc6c250b0354461fbd84d0e03. This affects an unknown part. The manipulation of the argument ...
3 months ago

CVE-2006-0092 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-0992, CVE-2006-0158. Reason: this candidate was intended for one issue, but a typo caused it to be associated with a Novell/Groupwise issue. In addition, this issue was a ...
54 years ago Tenable.com

CVE-2006-7224 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-7227, CVE-2005-4872, CVE-2006-7228. Reason: this candidate was SPLIT into other identifiers in order to reflect different affected versions and distinct vendor fixes. Notes: All ...
54 years ago Tenable.com

CVE-2006-5296 - PowerPoint in Microsoft Office 2003 does not properly handle a container object whose position value exceeds the record length, which allows user-assisted attackers to cause a denial of service (NULL dereference and application crash) via a crafted ...
9 months ago

CVE-2006-1530 - Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due ...
5 years ago

CVE-2006-1529 - Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due ...
5 years ago

CVE-2006-1723 - Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due ...
5 years ago

CVE-2006-1531 - Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due ...
5 years ago

CVE-2006-5424 - Unspecified vulnerability in Justsystem Ichitaro 2006, 2006 trial version, and Government 2006 allows remote attackers to execute arbitrary code via a modified document, possibly because of a buffer overflow, a different vulnerability than ...
7 years ago

CVE-2006-6653 - The accept function in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and NetBSD 2.x before 20061029 allows local users to cause a denial of service (socket consumption) via an invalid (1) name or (2) namelen parameter, which ...
13 years ago

CVE-2006-0264 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-0259. Reason: This candidate is subsumed by CVE-2006-0259. An error during initial CVE analysis used the wrong set of affected versions for "DB10". Notes: All CVE users ...
54 years ago Tenable.com

CVE-2007-0913 - Unspecified vulnerability in Microsoft Powerpoint allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as exploited by Trojan.PPDropper.G. NOTE: as of 20070213, it is not clear whether this is the same issue as ...
15 years ago

Latest Cyber News

CVE-2024-47326 - 3 hours ago
CVE-2024-9553 - 3 hours ago
CVE-2024-47355 - 3 hours ago
CVE-2024-47352 - 3 hours ago
CVE-2024-47349 - 3 hours ago
CVE-2024-47348 - 3 hours ago
CVE-2024-47347 - 3 hours ago
CVE-2024-47346 - 3 hours ago
CVE-2024-47345 - 3 hours ago
CVE-2024-47343 - 3 hours ago
CVE-2024-47342 - 3 hours ago
CVE-2024-47341 - 3 hours ago
CVE-2024-47340 - 3 hours ago
CVE-2024-47339 - 3 hours ago
CVE-2024-47336 - 3 hours ago
CVE-2024-47333 - 3 hours ago
CVE-2024-47332 - 3 hours ago
CVE-2024-47329 - 3 hours ago
CVE-2024-47327 - 3 hours ago
CVE-2024-47368 - 4 hours ago

Cyber Trends (last 7 days)

Okta - 10 months ago
23andMe - 10 months ago
Kimsuky - 10 months ago
LogoFAIL - 9 months ago
Gh0st rat - 10 months ago

Trending Cyber News (last 7 days)

CVE-2024-47368 - 4 hours ago
CVE-2024-47367 - 4 hours ago
CVE-2024-47366 - 4 hours ago
CVE-2024-47364 - 4 hours ago
CVE-2024-47363 - 4 hours ago
CVE-2024-47360 - 4 hours ago
CVE-2024-47357 - 4 hours ago
CVE-2024-47356 - 4 hours ago
CVE-2024-9552 - 4 hours ago
CVE-2024-9551 - 4 hours ago
CVE-2024-47365 - 4 hours ago
CVE-2024-47326 - 3 hours ago
CVE-2024-9553 - 3 hours ago
CVE-2024-47355 - 3 hours ago
CVE-2024-47352 - 3 hours ago
CVE-2024-47349 - 3 hours ago
CVE-2024-47348 - 3 hours ago
CVE-2024-47347 - 3 hours ago
CVE-2024-47346 - 3 hours ago
CVE-2024-47345 - 3 hours ago