Search
Find a vulnerability
Search criteria
9 vulnerabilities by knusperleicht
CVE-2006-6721 (GCVE-0-2006-6721)
Vulnerability from cvelistv5 – Published: 2006-12-23 11:00 – Updated: 2024-08-07 20:34
VLAI
Summary
Multiple cross-site scripting (XSS) vulnerabilities in shout.php in Knusperleicht ShoutBox 2.6 allow remote attackers to inject arbitrary web script or HTML via the (1) sbNick or (2) sbKommentar parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/data/vulnerabilities… | x_refsource_MISC |
| http://secunia.com/advisories/23526 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/21637 | vdb-entryx_refsource_BID |
Date Public
2006-12-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:34:00.452Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/data/vulnerabilities/exploits/21637.html"
},
{
"name": "23526",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23526"
},
{
"name": "21637",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21637"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in shout.php in Knusperleicht ShoutBox 2.6 allow remote attackers to inject arbitrary web script or HTML via the (1) sbNick or (2) sbKommentar parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-01-10T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/data/vulnerabilities/exploits/21637.html"
},
{
"name": "23526",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23526"
},
{
"name": "21637",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21637"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6721",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in shout.php in Knusperleicht ShoutBox 2.6 allow remote attackers to inject arbitrary web script or HTML via the (1) sbNick or (2) sbKommentar parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.securityfocus.com/data/vulnerabilities/exploits/21637.html",
"refsource": "MISC",
"url": "http://www.securityfocus.com/data/vulnerabilities/exploits/21637.html"
},
{
"name": "23526",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23526"
},
{
"name": "21637",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21637"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6721",
"datePublished": "2006-12-23T11:00:00.000Z",
"dateReserved": "2006-12-22T00:00:00.000Z",
"dateUpdated": "2024-08-07T20:34:00.452Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4007 (GCVE-0-2006-4007)
Vulnerability from cvelistv5 – Published: 2006-08-07 19:00 – Updated: 2024-08-07 18:48
VLAI
Summary
PHP remote file inclusion vulnerability in index.php in Knusperleicht Guestbook 3.5 allows remote attackers to execute arbitrary PHP code via a URL in the GB_PATH parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/441810/100… | mailing-listx_refsource_BUGTRAQ |
| http://securityreason.com/securityalert/1333 | third-party-advisoryx_refsource_SREASON |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/19274 | vdb-entryx_refsource_BID |
Date Public
2006-08-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:48:39.569Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060801 [Kurdish Security # 17 ] GuestBook 3.5 Remote Command Execution",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/441810/100/0/threaded"
},
{
"name": "1333",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1333"
},
{
"name": "guestbook-index-file-include(28133)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28133"
},
{
"name": "19274",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19274"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-08-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "PHP remote file inclusion vulnerability in index.php in Knusperleicht Guestbook 3.5 allows remote attackers to execute arbitrary PHP code via a URL in the GB_PATH parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060801 [Kurdish Security # 17 ] GuestBook 3.5 Remote Command Execution",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/441810/100/0/threaded"
},
{
"name": "1333",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1333"
},
{
"name": "guestbook-index-file-include(28133)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28133"
},
{
"name": "19274",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19274"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4007",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in index.php in Knusperleicht Guestbook 3.5 allows remote attackers to execute arbitrary PHP code via a URL in the GB_PATH parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060801 [Kurdish Security # 17 ] GuestBook 3.5 Remote Command Execution",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/441810/100/0/threaded"
},
{
"name": "1333",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1333"
},
{
"name": "guestbook-index-file-include(28133)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28133"
},
{
"name": "19274",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19274"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4007",
"datePublished": "2006-08-07T19:00:00.000Z",
"dateReserved": "2006-08-07T00:00:00.000Z",
"dateUpdated": "2024-08-07T18:48:39.569Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4008 (GCVE-0-2006-4008)
Vulnerability from cvelistv5 – Published: 2006-08-07 19:00 – Updated: 2024-08-07 18:48
VLAI
Summary
PHP remote file inclusion vulnerability in index.php in Knusperleicht Faq 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the faq_path parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://securityreason.com/securityalert/1332 | third-party-advisoryx_refsource_SREASON |
| http://www.securityfocus.com/archive/1/441812/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/19272 | vdb-entryx_refsource_BID |
Date Public
2006-08-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:48:39.474Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "faqscripts-index-file-include(28130)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28130"
},
{
"name": "1332",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1332"
},
{
"name": "20060801 [Kurdish Security # 18 ] FAQ Script Remote Command Execution",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/441812/100/0/threaded"
},
{
"name": "19272",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19272"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-08-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "PHP remote file inclusion vulnerability in index.php in Knusperleicht Faq 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the faq_path parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "faqscripts-index-file-include(28130)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28130"
},
{
"name": "1332",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1332"
},
{
"name": "20060801 [Kurdish Security # 18 ] FAQ Script Remote Command Execution",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/441812/100/0/threaded"
},
{
"name": "19272",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19272"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4008",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in index.php in Knusperleicht Faq 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the faq_path parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "faqscripts-index-file-include(28130)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28130"
},
{
"name": "1332",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1332"
},
{
"name": "20060801 [Kurdish Security # 18 ] FAQ Script Remote Command Execution",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/441812/100/0/threaded"
},
{
"name": "19272",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19272"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4008",
"datePublished": "2006-08-07T19:00:00.000Z",
"dateReserved": "2006-08-07T00:00:00.000Z",
"dateUpdated": "2024-08-07T18:48:39.474Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3987 (GCVE-0-2006-3987)
Vulnerability from cvelistv5 – Published: 2006-08-05 00:00 – Updated: 2024-08-07 18:48
VLAI
Summary
Multiple PHP remote file inclusion vulnerabilities in index.php in Knusperleicht FileManager 1.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) dwl_download_path or (2) dwl_include_path parameters.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.vupen.com/english/advisories/2006/3089 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/archive/1/441813/100… | mailing-listx_refsource_BUGTRAQ |
| http://secunia.com/advisories/21294 | third-party-advisoryx_refsource_SECUNIA |
| http://securityreason.com/securityalert/1327 | third-party-advisoryx_refsource_SREASON |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/19270 | vdb-entryx_refsource_BID |
| https://www.exploit-db.com/exploits/2104 | exploitx_refsource_EXPLOIT-DB |
Date Public
2006-08-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:48:39.529Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2006-3089",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3089"
},
{
"name": "20060801 [Kurdish Security # 19 ] FileManager Remote Command Execution",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/441813/100/0/threaded"
},
{
"name": "21294",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21294"
},
{
"name": "1327",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1327"
},
{
"name": "filemanager-index-file-include(28128)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28128"
},
{
"name": "19270",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19270"
},
{
"name": "2104",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/2104"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-08-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple PHP remote file inclusion vulnerabilities in index.php in Knusperleicht FileManager 1.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) dwl_download_path or (2) dwl_include_path parameters."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2006-3089",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3089"
},
{
"name": "20060801 [Kurdish Security # 19 ] FileManager Remote Command Execution",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/441813/100/0/threaded"
},
{
"name": "21294",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21294"
},
{
"name": "1327",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1327"
},
{
"name": "filemanager-index-file-include(28128)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28128"
},
{
"name": "19270",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19270"
},
{
"name": "2104",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/2104"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3987",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple PHP remote file inclusion vulnerabilities in index.php in Knusperleicht FileManager 1.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) dwl_download_path or (2) dwl_include_path parameters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-3089",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3089"
},
{
"name": "20060801 [Kurdish Security # 19 ] FileManager Remote Command Execution",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/441813/100/0/threaded"
},
{
"name": "21294",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21294"
},
{
"name": "1327",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1327"
},
{
"name": "filemanager-index-file-include(28128)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28128"
},
{
"name": "19270",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19270"
},
{
"name": "2104",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2104"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3987",
"datePublished": "2006-08-05T00:00:00.000Z",
"dateReserved": "2006-08-04T00:00:00.000Z",
"dateUpdated": "2024-08-07T18:48:39.529Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3989 (GCVE-0-2006-3989)
Vulnerability from cvelistv5 – Published: 2006-08-05 00:00 – Updated: 2024-08-07 18:48
VLAI
Summary
PHP remote file inclusion vulnerability in index.php in Knusperleicht Shoutbox 4.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the sb_include_path parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/441815/100… | mailing-listx_refsource_BUGTRAQ |
| https://www.exploit-db.com/exploits/2103 | exploitx_refsource_EXPLOIT-DB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/19273 | vdb-entryx_refsource_BID |
| http://www.osvdb.org/27709 | vdb-entryx_refsource_OSVDB |
| http://securityreason.com/securityalert/1325 | third-party-advisoryx_refsource_SREASON |
| http://secunia.com/advisories/21302 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2006/3090 | vdb-entryx_refsource_VUPEN |
Date Public
2006-08-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:48:39.414Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060801 [Kurdish Security # 21] ShoutBox v4.4 Remote Command Execution",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/441815/100/0/threaded"
},
{
"name": "2103",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/2103"
},
{
"name": "shoutbox-index-file-include(28123)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28123"
},
{
"name": "19273",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19273"
},
{
"name": "27709",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/27709"
},
{
"name": "1325",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1325"
},
{
"name": "21302",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21302"
},
{
"name": "ADV-2006-3090",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3090"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-08-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "PHP remote file inclusion vulnerability in index.php in Knusperleicht Shoutbox 4.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the sb_include_path parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060801 [Kurdish Security # 21] ShoutBox v4.4 Remote Command Execution",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/441815/100/0/threaded"
},
{
"name": "2103",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/2103"
},
{
"name": "shoutbox-index-file-include(28123)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28123"
},
{
"name": "19273",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19273"
},
{
"name": "27709",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/27709"
},
{
"name": "1325",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1325"
},
{
"name": "21302",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21302"
},
{
"name": "ADV-2006-3090",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3090"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3989",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in index.php in Knusperleicht Shoutbox 4.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the sb_include_path parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060801 [Kurdish Security # 21] ShoutBox v4.4 Remote Command Execution",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/441815/100/0/threaded"
},
{
"name": "2103",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2103"
},
{
"name": "shoutbox-index-file-include(28123)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28123"
},
{
"name": "19273",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19273"
},
{
"name": "27709",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27709"
},
{
"name": "1325",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1325"
},
{
"name": "21302",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21302"
},
{
"name": "ADV-2006-3090",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3090"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3989",
"datePublished": "2006-08-05T00:00:00.000Z",
"dateReserved": "2006-08-04T00:00:00.000Z",
"dateUpdated": "2024-08-07T18:48:39.414Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3986 (GCVE-0-2006-3986)
Vulnerability from cvelistv5 – Published: 2006-08-05 00:00 – Updated: 2024-08-07 18:48
VLAI
Summary
PHP remote file inclusion vulnerability in index.php in Knusperleicht Newsletter 3.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the NL_PATH parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/441807/100… | mailing-listx_refsource_BUGTRAQ |
| http://secunia.com/advisories/21314 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://securityreason.com/securityalert/1328 | third-party-advisoryx_refsource_SREASON |
| http://www.vupen.com/english/advisories/2006/3093 | vdb-entryx_refsource_VUPEN |
| https://www.exploit-db.com/exploits/2097 | exploitx_refsource_EXPLOIT-DB |
| http://www.securityfocus.com/bid/19267 | vdb-entryx_refsource_BID |
Date Public
2006-08-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:48:39.459Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060801 NewsLetter v3.5 \u003c= (NL_PATH) Remote File Inclusion Exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/441807/100/0/threaded"
},
{
"name": "21314",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21314"
},
{
"name": "newsletter-index-file-include(28109)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28109"
},
{
"name": "1328",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1328"
},
{
"name": "ADV-2006-3093",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3093"
},
{
"name": "2097",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/2097"
},
{
"name": "19267",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19267"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-08-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "PHP remote file inclusion vulnerability in index.php in Knusperleicht Newsletter 3.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the NL_PATH parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060801 NewsLetter v3.5 \u003c= (NL_PATH) Remote File Inclusion Exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/441807/100/0/threaded"
},
{
"name": "21314",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21314"
},
{
"name": "newsletter-index-file-include(28109)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28109"
},
{
"name": "1328",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1328"
},
{
"name": "ADV-2006-3093",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3093"
},
{
"name": "2097",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/2097"
},
{
"name": "19267",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19267"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3986",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in index.php in Knusperleicht Newsletter 3.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the NL_PATH parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060801 NewsLetter v3.5 \u003c= (NL_PATH) Remote File Inclusion Exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/441807/100/0/threaded"
},
{
"name": "21314",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21314"
},
{
"name": "newsletter-index-file-include(28109)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28109"
},
{
"name": "1328",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1328"
},
{
"name": "ADV-2006-3093",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3093"
},
{
"name": "2097",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2097"
},
{
"name": "19267",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19267"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3986",
"datePublished": "2006-08-05T00:00:00.000Z",
"dateReserved": "2006-08-04T00:00:00.000Z",
"dateUpdated": "2024-08-07T18:48:39.459Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3982 (GCVE-0-2006-3982)
Vulnerability from cvelistv5 – Published: 2006-08-05 00:00 – Updated: 2024-08-07 18:48
VLAI
Summary
PHP remote file inclusion vulnerability in quickie.php in Knusperleicht Quickie, probably 0.2, allows remote attackers to execute arbitrary PHP code via a URL in the QUICK_PATH parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/19271 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/archive/1/441814/100… | mailing-listx_refsource_BUGTRAQ |
| http://securityreason.com/securityalert/1321 | third-party-advisoryx_refsource_SREASON |
Date Public
2006-08-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:48:39.428Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "quickie-quickie-file-include(28125)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28125"
},
{
"name": "19271",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19271"
},
{
"name": "20060801 [Kurdish Security # 20 ] Quickie Remote Command Execution",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/441814/100/0/threaded"
},
{
"name": "1321",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1321"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-08-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "PHP remote file inclusion vulnerability in quickie.php in Knusperleicht Quickie, probably 0.2, allows remote attackers to execute arbitrary PHP code via a URL in the QUICK_PATH parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "quickie-quickie-file-include(28125)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28125"
},
{
"name": "19271",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19271"
},
{
"name": "20060801 [Kurdish Security # 20 ] Quickie Remote Command Execution",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/441814/100/0/threaded"
},
{
"name": "1321",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1321"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3982",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in quickie.php in Knusperleicht Quickie, probably 0.2, allows remote attackers to execute arbitrary PHP code via a URL in the QUICK_PATH parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "quickie-quickie-file-include(28125)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28125"
},
{
"name": "19271",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19271"
},
{
"name": "20060801 [Kurdish Security # 20 ] Quickie Remote Command Execution",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/441814/100/0/threaded"
},
{
"name": "1321",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1321"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3982",
"datePublished": "2006-08-05T00:00:00.000Z",
"dateReserved": "2006-08-04T00:00:00.000Z",
"dateUpdated": "2024-08-07T18:48:39.428Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3988 (GCVE-0-2006-3988)
Vulnerability from cvelistv5 – Published: 2006-08-05 00:00 – Updated: 2024-08-07 18:48
VLAI
Summary
PHP remote file inclusion vulnerability in index.php in Knusperleicht newsReporter 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the news_include_path parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.vupen.com/english/advisories/2006/3092 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/19275 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/21312 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/archive/1/441808/100… | mailing-listx_refsource_BUGTRAQ |
| http://securityreason.com/securityalert/1326 | third-party-advisoryx_refsource_SREASON |
| https://www.exploit-db.com/exploits/2101 | exploitx_refsource_EXPLOIT-DB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2006-08-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:48:39.436Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2006-3092",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3092"
},
{
"name": "19275",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19275"
},
{
"name": "21312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21312"
},
{
"name": "20060801 [Kurdish Security # 16 ] newsReporter v1.0 Remote Command Execution",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/441808/100/0/threaded"
},
{
"name": "1326",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1326"
},
{
"name": "2101",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/2101"
},
{
"name": "newsreporter-index-file-include(28095)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28095"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-08-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "PHP remote file inclusion vulnerability in index.php in Knusperleicht newsReporter 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the news_include_path parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2006-3092",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3092"
},
{
"name": "19275",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19275"
},
{
"name": "21312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21312"
},
{
"name": "20060801 [Kurdish Security # 16 ] newsReporter v1.0 Remote Command Execution",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/441808/100/0/threaded"
},
{
"name": "1326",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1326"
},
{
"name": "2101",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/2101"
},
{
"name": "newsreporter-index-file-include(28095)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28095"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3988",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in index.php in Knusperleicht newsReporter 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the news_include_path parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-3092",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3092"
},
{
"name": "19275",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19275"
},
{
"name": "21312",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21312"
},
{
"name": "20060801 [Kurdish Security # 16 ] newsReporter v1.0 Remote Command Execution",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/441808/100/0/threaded"
},
{
"name": "1326",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1326"
},
{
"name": "2101",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2101"
},
{
"name": "newsreporter-index-file-include(28095)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28095"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3988",
"datePublished": "2006-08-05T00:00:00.000Z",
"dateReserved": "2006-08-04T00:00:00.000Z",
"dateUpdated": "2024-08-07T18:48:39.436Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-1220 (GCVE-0-2005-1220)
Vulnerability from cvelistv5 – Published: 2005-04-22 04:00 – Updated: 2024-08-07 21:44
VLAI
Summary
Shoutbox SCRIPT 3.0.2 and earlier allows remote attackers to obtain sensitive information via a direct request to db/settings.dat, which displays usernames and password hashes.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.osvdb.org/15695 | vdb-entryx_refsource_OSVDB |
| http://marc.info/?l=bugtraq&m=111402253108991&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://secunia.com/advisories/15015 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2005-04-19 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:44:05.453Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "knusperleicht-settings-info-disclosure(20177)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20177"
},
{
"name": "15695",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/15695"
},
{
"name": "20050419 Shoutbox SCRIPT \u003c= 3.0.2 Administrative MD5 Username and Password Retrieval [x0n3-h4ck]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111402253108991\u0026w=2"
},
{
"name": "15015",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/15015"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-04-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Shoutbox SCRIPT 3.0.2 and earlier allows remote attackers to obtain sensitive information via a direct request to db/settings.dat, which displays usernames and password hashes."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "knusperleicht-settings-info-disclosure(20177)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20177"
},
{
"name": "15695",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/15695"
},
{
"name": "20050419 Shoutbox SCRIPT \u003c= 3.0.2 Administrative MD5 Username and Password Retrieval [x0n3-h4ck]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111402253108991\u0026w=2"
},
{
"name": "15015",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/15015"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1220",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Shoutbox SCRIPT 3.0.2 and earlier allows remote attackers to obtain sensitive information via a direct request to db/settings.dat, which displays usernames and password hashes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "knusperleicht-settings-info-disclosure(20177)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20177"
},
{
"name": "15695",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/15695"
},
{
"name": "20050419 Shoutbox SCRIPT \u003c= 3.0.2 Administrative MD5 Username and Password Retrieval [x0n3-h4ck]",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=111402253108991\u0026w=2"
},
{
"name": "15015",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15015"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-1220",
"datePublished": "2005-04-22T04:00:00.000Z",
"dateReserved": "2005-04-22T00:00:00.000Z",
"dateUpdated": "2024-08-07T21:44:05.453Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}