CVE-2006-6727

PHP remote file inclusion vulnerability in inertianews_class.php in inertianews 0.02 beta and earlier allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter.

Publication date: Wed, 27 Dec 2006 03:28:00 +0000

Cyber News related to CVE-2006-6727

CVE-2023-52578 - In the Linux kernel, the following vulnerability has been resolved: ...
8 months ago

CVE-2006-6727 - PHP remote file inclusion vulnerability in inertianews_class.php in inertianews 0.02 beta and earlier allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter. ...
13 years ago

CVE-2007-6727 - SQL injection vulnerability in topic.php in KerviNet Forum 1.1 allows remote attackers to execute arbitrary SQL commands via the forum parameter. ...
15 years ago

CVE-2014-6727 - The Mikeius (Official App) (aka com.automon.mikeius) application 1.4.2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted ...
9 years ago

CVE-2015-6727 - The Special:DeletedContributions page in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 allows remote attackers to determine if an IP is autoblocked via the "Change block" text. ...
9 years ago

CVE-2016-6727 - The Qualcomm GPS subsystem in Android on Android One devices allows remote attackers to execute arbitrary code. ...
7 years ago

CVE-2017-6727 - A vulnerability in the Server Message Block (SMB) protocol of Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device due to a process restarting ...
7 years ago

CVE-2013-6727 - The Connect client in IBM Sametime 8.5.2 through 8.5.2.1 and 9.0 before HF1 does not properly restrict unsigned Java plugins, which allows remote attackers to obtain sensitive information via unspecified vectors. ...
7 years ago

CVE-2008-6727 - Cross-site scripting (XSS) vulnerability in Ultimate PHP Board (UPB) 2.2.2, 2.2.1, and earlier 2.x versions allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header. ...
7 years ago

CVE-2015-3648 - Directory traversal vulnerability in pages/setup.php in Montala Limited ResourceSpace before 7.2.6727 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the defaultlanguage parameter. ...
6 years ago

CVE-2019-6727 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ...
2 years ago

CVE-2023-6727 - Mattermost fails to perform correct authorization checks when creating a playbook action, allowing users without access to the playbook to create playbook actions. If the playbook action created is to post a message in a channel based on specific ...
10 months ago Tenable.com

CVE-2006-0092 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-0992, CVE-2006-0158. Reason: this candidate was intended for one issue, but a typo caused it to be associated with a Novell/Groupwise issue. In addition, this issue was a ...
54 years ago Tenable.com

CVE-2006-7224 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-7227, CVE-2005-4872, CVE-2006-7228. Reason: this candidate was SPLIT into other identifiers in order to reflect different affected versions and distinct vendor fixes. Notes: All ...
54 years ago Tenable.com

CVE-2006-5296 - PowerPoint in Microsoft Office 2003 does not properly handle a container object whose position value exceeds the record length, which allows user-assisted attackers to cause a denial of service (NULL dereference and application crash) via a crafted ...
11 months ago

CVE-2006-1530 - Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due ...
6 years ago

CVE-2006-1529 - Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due ...
6 years ago

CVE-2006-1723 - Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due ...
6 years ago

CVE-2006-1531 - Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due ...
6 years ago

CVE-2006-5424 - Unspecified vulnerability in Justsystem Ichitaro 2006, 2006 trial version, and Government 2006 allows remote attackers to execute arbitrary code via a modified document, possibly because of a buffer overflow, a different vulnerability than ...
7 years ago

CVE-2006-6653 - The accept function in NetBSD-current before 20061023, NetBSD 3.0 and 3.0.1 before 20061024, and NetBSD 2.x before 20061029 allows local users to cause a denial of service (socket consumption) via an invalid (1) name or (2) namelen parameter, which ...
13 years ago

CVE-2006-0264 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-0259. Reason: This candidate is subsumed by CVE-2006-0259. An error during initial CVE analysis used the wrong set of affected versions for "DB10". Notes: All CVE users ...
54 years ago Tenable.com

CVE-2007-0913 - Unspecified vulnerability in Microsoft Powerpoint allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as exploited by Trojan.PPDropper.G. NOTE: as of 20070213, it is not clear whether this is the same issue as ...
15 years ago

CVE-2007-4168 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-4168. Reason: This candidate is a duplicate of CVE-2006-4168. It was inadvertently used in a vendor advisory when the "2006" year was intended. Notes: All CVE users ...
54 years ago Tenable.com

CVE-2006-7084 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-7083. Reason: This candidate is a duplicate of CVE-2006-7083. Notes: All CVE users should reference CVE-2006-7083 instead of this candidate. All references and descriptions in ...
54 years ago Tenable.com

Latest Cyber News

CVE-2024-43434 - 15 hours ago
CVE-2024-43436 - 15 hours ago
CVE-2024-43438 - 15 hours ago
CVE-2024-43440 - 15 hours ago
CVE-2024-43425 - 15 hours ago
CVE-2024-43426 - 15 hours ago
CVE-2024-43428 - 15 hours ago
CVE-2024-43431 - 15 hours ago
CVE-2024-8442 - 17 hours ago
CVE-2024-24914 - 17 hours ago
CVE-2024-10526 - 19 hours ago
CVE-2024-50169 - 20 hours ago
CVE-2024-50170 - 20 hours ago
CVE-2024-50171 - 20 hours ago
CVE-2024-50172 - 20 hours ago
CVE-2024-51504 - 20 hours ago
CVE-2024-50155 - 20 hours ago
CVE-2024-50156 - 20 hours ago
CVE-2024-50157 - 20 hours ago
CVE-2024-50158 - 20 hours ago

Cyber Trends (last 7 days)

Okta - 11 months ago
23andMe - 11 months ago
Kimsuky - 11 months ago
LogoFAIL - 11 months ago
Gh0st rat - 11 months ago

Trending Cyber News (last 7 days)

CVE-2024-10081 - 1 day ago
CVE-2024-10082 - 1 day ago
CVE-2024-10916 - 1 day ago
CVE-2024-35146 - 1 day ago
CVE-2024-6861 - 1 day ago
CVE-2024-10919 - 1 day ago
CVE-2024-10920 - 1 day ago
CVE-2024-10318 - 1 day ago
CVE-2024-20371 - 1 day ago
CVE-2024-20418 - 1 day ago
CVE-2024-20445 - 1 day ago
CVE-2024-20457 - 1 day ago
CVE-2024-20476 - 1 day ago
CVE-2024-20484 - 1 day ago
CVE-2024-20487 - 1 day ago
CVE-2024-20504 - 1 day ago
CVE-2024-20507 - 1 day ago
CVE-2024-20511 - 1 day ago
CVE-2024-20514 - 1 day ago
CVE-2024-20525 - 1 day ago