CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In September 2006(Gain Information)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2006-5027 +Info 2006-09-27 2018-10-17
5.0
None Remote Low Not required Partial None None
Jeroen Vennegoor JevonCMS, possibly pre alpha, allows remote attackers to obtain sensitive information via a direct request for php/main/phplib files (1) db_msql.inc, (2) db_mssql.inc, (3) db_mysql.inc, (4) db_oci8.inc, (5) db_odbc.inc, (6) db_oracle.inc, and (7) db_pgsql.inc; and (8) db_sybase.inc, which reveals the path in various error messages.
2 CVE-2006-5019 +Info 2006-09-27 2018-10-17
5.0
None Remote Low Not required Partial None None
Google Mini 4.4.102.M.36 and earlier allows remote attackers to obtain sensitive information via a direct request for /search with an invalid client parameter, which reveals the path in an error message.
3 CVE-2006-4989 +Info 2006-09-26 2018-10-17
5.0
None Remote Low Not required Partial None None
Patrick Michaelis Wili-CMS allows remote attackers to obtain sensitive information via a direct request for (1) thumbnail.php, (2) functions/admin/all.php, (3) functions/admin/init_session.php, (4) functions/all.php, and (5) certain files in example-view/admin_templates/, which reveals the path in various error messages.
4 CVE-2006-4986 +Info 2006-09-26 2018-10-17
5.0
None Remote Low Not required Partial None None
Grayscale BandSite CMS allows remote attackers to obtain sensitive information via a direct request for (1) certain files in the includes/content directory, (2) includes/shows_preview.php, and (3) adminpanel/configform.php; and files in adminpanel/includes/ including (4) mailinglist/disphtmltbl.php, (5) mailinglist/dispxls.php, (6) mailinglist/sendshows.php, (7) previews/preview_bio.php, (8) previews/preview_genmerch.php, (9) previews/preview_fliers.php, (10) previews/preview_gbook.php, (11) previews/preview_interviews.php, (12) previews/preview_links.php, (13) previews/preview_lyrics.php, (14) previews/preview_membio.php, (15) previews/preview_merchphotos.php, (16) previews/preview_mp3s.php, (17) previews/preview_news.php, (18) previews/preview_photos.php, (19) previews/preview_releases.php, (20) previews/preview_relmerch.php, (21) previews/preview_relphotos.php, (22) previews/preview_reviews.php, (23) previews/preview_shows.php, (24) previews/preview_wearmerch.php, (25) change_forms/change_bio.php, (26) change_forms/change_fliers.php, (27) change_forms/change_gbook.php, (28) change_forms/change_gen_merch.php, (29) change_forms/change_interview.php, (30) change_forms/change_links.php, (31) change_forms/change_lyrics.php, (32) change_forms/change_members.php, (33) change_forms/change_merch.php, (34) change_forms/change_merch_pic.php, (35) change_forms/change_mp3s.php, (36) change_forms/change_news.php, (37) change_forms/change_photos.php, (38) change_forms/change_rel_merch.php, (39) change_forms/change_rel_pic.php, (40) change_forms/change_releases.php, (41) change_forms/change_reviews.php, (42) change_forms/change_shows.php, and (43) change_forms/change_wear_merch.php, which reveals the path in various error messages.
5 CVE-2006-4976 +Info 2006-09-25 2018-10-17
5.0
None Remote Low Not required Partial None None
The Date Library in John Lim ADOdb Library for PHP allows remote attackers to obtain sensitive information via a direct request for (1) server.php, (2) adodb-errorpear.inc.php, (3) adodb-iterator.inc.php, (4) adodb-pear.inc.php, (5) adodb-perf.inc.php, (6) adodb-xmlschema.inc.php, and (7) adodb.inc.php; files in datadict including (8) datadict-access.inc.php, (9) datadict-db2.inc.php, (10) datadict-generic.inc.php, (11) datadict-ibase.inc.php, (12) datadict-informix.inc.php, (13) datadict-mssql.inc.php, (14) datadict-mysql.inc.php, (15) datadict-oci8.inc.php, (16) datadict-postgres.inc.php, and (17) datadict-sybase.inc.php; files in drivers/ including (18) adodb-access.inc.php, (19) adodb-ado.inc.php, (20) adodb-ado_access.inc.php, (21) adodb-ado_mssql.inc.php, (22) adodb-borland_ibase.inc.php, (23) adodb-csv.inc.php, (24) adodb-db2.inc.php, (25) adodb-fbsql.inc.php, (26) adodb-firebird.inc.php, (27) adodb-ibase.inc.php, (28) adodb-informix.inc.php, (29) adodb-informix72.inc.php, (30) adodb-mssql.inc.php, (31) adodb-mssqlpo.inc.php, (32) adodb-mysql.inc.php, (33) adodb-mysqli.inc.php, (34) adodb-mysqlt.inc.php, (35) adodb-oci8.inc.php, (36) adodb-oci805.inc.php, (37) adodb-oci8po.inc.php, (38) adodb-odbc.inc.php, (39) adodb-odbc_mssql.inc.php, (40) adodb-odbc_oracle.inc.php, (41) adodb-oracle.inc.php, (42) adodb-postgres64.inc.php, (43) adodb-postgres7.inc.php, (44) adodb-proxy.inc.php, (45) adodb-sapdb.inc.php, (46) adodb-sqlanywhere.inc.php, (47) adodb-sqlite.inc.php, (48) adodb-sybase.inc.php, (49) adodb-vfp.inc.php; file in perf/ including (50) perf-db2.inc.php, (51) perf-informix.inc.php, (52) perf-mssql.inc.php, (53) perf-mysql.inc.php, (54) perf-oci8.inc.php, (55) perf-postgres.inc.php; tests/ files (56) benchmark.php, (57) client.php, (58) test-datadict.php, (59) test-perf.php, (60) test-pgblob.php, (61) test-php5.php, (62) test-xmlschema.php, (63) test.php, (64) test2.php, (65) test3.php, (66) test4.php, (67) test5.php, (68) test_rs_array.php, (69) testcache.php, (70) testdatabases.inc.php, (71) testgenid.php, (72) testmssql.php, (73) testoci8.php, (74) testoci8cursor.php, (75) testpaging.php, (76) testpear.php, (77) testsessions.php, (78) time.php, or (79) tmssql.php, which reveals the path in various error messages.
6 CVE-2006-4971 +Info 2006-09-25 2018-10-17
5.0
None Remote Low Not required Partial None None
MyBB (aka MyBulletinBoard) allows remote attackers to obtain sensitive information via a direct request for inc/plugins/hello.php, which reveals the path in an error message.
7 CVE-2006-4959 +Info 2006-09-23 2018-10-17
5.0
None Remote Low Not required Partial None None
Sun Secure Global Desktop (SSGD, aka Tarantella) before 4.3 allows remote attackers to obtain sensitive information, including hostnames, versions, and settings details, via unspecified vectors, possibly involving (1) taarchives.cgi, (2) ttaAuthentication.jsp, (3) ttalicense.cgi, (4) ttawlogin.cgi, (5) ttawebtop.cgi, (6) ttaabout.cgi, or (7) test-cgi. NOTE: This information is based upon a vague initial disclosure. Details will be updated as they become available.
8 CVE-2006-4943 +Info 2006-09-23 2020-12-01
5.0
None Remote Low Not required Partial None None
course/jumpto.php in Moodle before 1.6.2 does not validate the session key (sesskey) before providing content from arbitrary local URIs, which allows remote attackers to obtain sensitive information via the jump parameter.
9 CVE-2006-4940 +Info 2006-09-23 2020-12-01
5.0
None Remote Low Not required Partial None None
login/forgot_password.php in Moodle before 1.6.2 allows remote attackers to obtain sensitive information (e-mail addresses and Moodle account names) via a find action.
10 CVE-2006-4937 +Info 2006-09-23 2020-12-01
4.0
None Remote Low ??? Partial None None
lib/setup.php in Moodle before 1.6.2 sets the error reporting level to 7 to display E_WARNING messages to users even if debugging is disabled, which might allow remote authenticated users to obtain sensitive information by triggering the messages.
11 CVE-2006-4908 +Info 2006-09-21 2018-10-17
5.0
None Remote Low Not required None Partial None
OSU 3.11alpha and 3.10a allows remote attackers to obtain sensitive information via a URL containing an * (asterisk) wildcard, which displays all matching file and directory information.
12 CVE-2006-4907 +Info 2006-09-21 2018-10-17
5.0
None Remote Low Not required Partial None None
OSU 3.11alpha and 3.10a allows remote attackers to obtain sensitive information via a URL to a non-existent file, which displays the web root path in the resulting error message.
13 CVE-2006-4880 +Info 2006-09-19 2018-10-17
5.0
None Remote Low Not required Partial None None
David Bennett PHP-Post (PHPp) 1.0 and earlier allows remote attackers to obtain sensitive information via a direct request for (1) footer.php, (2) template.php, or (3) lastvisit.php, which reveals the installation path in various error messages.
14 CVE-2006-4873 +Info 2006-09-19 2018-10-17
5.0
None Remote Low Not required Partial None None
Jupiter CMS allows remote attackers to obtain sensitive information via a direct request for (1) includes/functions.php, (2) modules/register.php, (3) modules/poll.php, (4) modules/panel.php, (5) modules/pm.php, (6) modules/news.php, (7) modules/templates_change.php, (8) modules/users.php, (9) modules/misc.php, (10) modules/masspm.php, (11) modules/mass-email.php, (12) modules/main-nav.php, (13) modules/login.php, (14) modules/layout.php, (15) modules/hq.php, (16) modules/forum.php, (17) modules/forum-admin.php, (18) modules/events.php, (19) modules/emoticons.php, (20) modules/download.php, (21) modules/blocks.php, (22) modules/ban.php, (23) modules/badwords.php, (24) modules/ads.php, or (25) modules/admin.php, which reveals the installation path in various error messages. NOTE: The modules/online.php vector is already covered by CVE-2006-1679.
15 CVE-2006-4865 +Info 2006-09-19 2018-10-17
5.0
None Remote Low Not required None Partial None
Walter Beschmout PhpQuiz allows remote attackers to obtain sensitive information via a direct request to cfgphpquiz/install.php and other unspecified vectors.
16 CVE-2006-4835 +Info 2006-09-15 2018-10-17
5.0
None Remote Low Not required Partial None None
Bluview Blue Magic Board (BMB) (aka BMForum) 5.5 allows remote attackers to obtain sensitive information via a direct request to (1) footer.php, (2) header.php, (3) db_mysql_error.php, (4) langlist.php, (5) sendmail.php, or (6) style.php, which reveals the path in various error messages.
17 CVE-2006-4787 +Info 2006-09-14 2017-07-20
2.1
None Local Low Not required Partial None None
AlphaMail before 1.0.16 allows local users to obtain sensitive information via the logging functionality, which displays unencrypted passwords in an error message. NOTE: some details are obtained from third party information.
18 CVE-2006-4786 +Info 2006-09-14 2017-07-20
5.0
None Remote Low Not required Partial None None
Moodle 1.6.1 and earlier allows remote attackers to obtain sensitive information via (1) help.php and (2) other unspecified vectors involving scheduled backups.
19 CVE-2006-4744 +Info 2006-09-13 2018-10-17
5.0
None Remote Low Not required Partial None None
Abidia (1) O-Anywhere and (2) Abidia Wireless transmit authentication credentials in cleartext, which allows remote attackers to obtain sensitive information by sniffing.
20 CVE-2006-4743 +Info 2006-09-13 2018-10-17
5.0
None Remote Low Not required Partial None None
WordPress 2.0.2 through 2.0.5 allows remote attackers to obtain sensitive information via a direct request for (1) 404.php, (2) akismet.php, (3) archive.php, (4) archives.php, (5) attachment.php, (6) blogger.php, (7) comments.php, (8) comments-popup.php, (9) dotclear.php, (10) footer.php, (11) functions.php, (12) header.php, (13) hello.php, (14) wp-content/themes/default/index.php, (15) links.php, (16) livejournal.php, (17) mt.php, (18) page.php, (19) rss.php, (20) searchform.php, (21) search.php, (22) sidebar.php, (23) single.php, (24) textpattern.php, (25) upgrade-functions.php, (26) upgrade-schema.php, or (27) wp-db-backup.php, which reveal the path in various error messages. NOTE: another researcher has disputed the details of this report, stating that version 2.0.5 does not exist. NOTE: the admin-footer.php, admin-functions.php, default-filters.php, edit-form-advanced.php, edit-link-form.php, edit-page-form.php, kses.php, locale.php, rss-functions.php, template-loader.php, and wp-db.php vectors are already covered by CVE-2006-0986. The edit-form-comment.php, vars.php, and wp-settings.php vectors are already covered by CVE-2005-4463. The menu-header.php vector is already covered by CVE-2005-2110.
21 CVE-2006-4740 +Info 2006-09-13 2018-10-17
5.0
None Remote Low Not required Partial None None
Jetbox CMS allows remote attackers to obtain sensitive information via a direct request for certain files, which reveal the path in an error message.
22 CVE-2006-4735 +Info 2006-09-13 2018-10-17
5.0
None Remote Low Not required Partial None None
Kellan Elliott-McCrea MagpieRSS allows remote attackers to obtain sensitive information via a direct request for (1) rss_fetch.inc.php or (2) rss_parse.inc.php, which reveals the path in various error messages.
23 CVE-2006-4683 +Info 2006-09-11 2011-03-08
5.0
None Remote Low Not required Partial None None
IBM Director before 5.10 allows remote attackers to obtain sensitive information from HTTP headers via HTTP TRACE.
24 CVE-2006-4680 +Info 2006-09-11 2018-10-17
4.0
None Remote Low ??? Partial None None
The Remote UI in Canon imageRUNNER includes usernames and passwords when exporting an address book, which allows context-dependent attackers to obtain sensitive information.
25 CVE-2006-4679 +Info 2006-09-11 2018-10-17
5.0
None Remote Low Not required Partial None None
DokuWiki before 2006-03-09c enables the debug feature by default, which allows remote attackers to obtain sensitive information by calling doku.php with the X-DOKUWIKI-DO HTTP header set to "debug".
26 CVE-2006-4676 +Info 2006-09-11 2017-10-19
1.2
None Local High Not required Partial None None
TIBCO RendezVous 7.4.11 and earlier logs base64-encoded usernames and passwords in rvrd.db, which allows local users to obtain sensitive information by decoding the log file.
27 CVE-2006-4642 +Info 2006-09-08 2018-10-17
1.7
None Local Low ??? Partial None None
AuditWizard 6.3.2, when using "Remote Audit," logs the administrator password in plaintext to LaytonCmdSvc.log, which allows local users to obtain sensitive information by reading the file.
28 CVE-2006-4615 +Info 2006-09-07 2018-10-17
4.9
None Local Low Not required Complete None None
Shape Services IM+ Mobile Instant Messenger for Pocket PC 3.10 stores usernames and passwords in plaintext in %PROGRAMFILES%\IMPlus\implus.cfg, which allows local users to obtain sensitive information by reading the file.
29 CVE-2006-4614 +Info 2006-09-07 2018-10-17
4.9
None Local Low Not required Complete None None
PDAapps Verichat for Pocket PC 1.30bh stores usernames and passwords in plaintext in the Windows Mobile registry, which allows local users to obtain sensitive information via keys under \HKEY_CURRENT_USER\Software\PDAapps\VeriChat.
30 CVE-2006-4595 200 +Info 2006-09-07 2020-02-10
5.0
None Remote Low Not required Partial None None
muforum (Āµforum) 0.4c stores membres/members.dat under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as usernames and password hashes.
31 CVE-2006-4547 Sql +Info 2006-09-06 2018-10-17
6.5
None Remote Low ??? Partial Partial Partial
Lyris ListManager 8.95 allows remote authenticated users to obtain sensitive information by attempting to add a user with a ' (single quote) character in the name, which reveals the details of the underlying SQL query, possibly because of a forced SQL error or SQL injection.
32 CVE-2006-4539 Bypass +Info 2006-09-05 2011-03-08
7.5
None Remote Low Not required Partial Partial Partial
(1) includes/widgets/module_company_tickets.php and (2) includes/widgets/module_track_tickets.php Client Support Center in Cerberus Helpdesk 3.2 Build 317, and possibly earlier, allows remote attackers to bypass security restrictions and obtain sensitive information via the ticket parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
33 CVE-2006-4537 200 +Info 2006-09-05 2017-07-20
2.1
None Local Low Not required Partial None None
NET$SESSION_CONTROL.EXE in DECnet-Plus in OpenVMS ALPHA 7.3-2 and Alpha 8.2 writes a password to an audit log file when there is a successful connection after a "network breakin" event, which allows local users to obtain passwords by reading the file.
Total number of vulnerabilities : 33   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.