Security Vulnerabilities, CVEs, Published In May 2006 (Gain Privilege)
newsadmin.asp in Katy Whitton NewsCMSLite allows remote attackers to bypass authentication and gain administrative access by setting the loggedIn cookie to "xY1zZoPQ".
Max CVSS
7.5
EPSS Score
17.23%
Published
2006-05-30
Updated
2018-10-18
CVE-2006-2369
Public exploit
RealVNC 4.1.1, and other products that use RealVNC such as AdderLink IP and Cisco CallManager, allows remote attackers to bypass authentication via a request in which the client specifies an insecure security type such as "Type 1 - None", which is accepted even if it is not offered by the server, as originally demonstrated using a long password.
Max CVSS
7.5
EPSS Score
97.20%
Published
2006-05-15
Updated
2022-05-13
RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly enforce RIPv2 authentication requirements, which allows remote attackers to modify routing state via RIPv1 RESPONSE packets.
Max CVSS
5.0
EPSS Score
12.50%
Published
2006-05-05
Updated
2018-10-18
3 vulnerabilities found