Vulnerabilities

DATE  CVE  VULNERABILITY TITLE  RISK

2006-12-07  CVE-2006-6351  Remote Security vulnerability in Khaledmuratlist
KhaledMuratList stores sensitive data under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for (1) CL2F9R1A2C1N.mdb or (2) Data2F9R1A2C1N.mdb.
network, low complexity, khaledmuratlist, critical, 10.0

2006-12-07  CVE-2006-6350  Remote Security vulnerability in Iisworks Listpics 5.0
listpics 5 stores sensitive data under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for listpics.mdb.
network, low complexity, iisworks, critical, 10.0

2006-12-07  CVE-2006-6349  SQL Injection vulnerability in PWP Technologies the Classified AD System
Multiple SQL injection vulnerabilities in PWP Technologies The Classified Ad System allow remote attackers to execute arbitrary SQL commands via (1) the main parameter in a view action (includes/mainpage/view.asp) in default.asp or (2) a query in the search engine.
network, low complexity, pwp-technologies, CWE-89, 7.5

2006-12-07  CVE-2006-6348  Cross-Site Scripting vulnerability in Mowdbb RC6
Cross-site scripting (XSS) vulnerability in board.php in mowdBB RC-6 allows remote attackers to inject arbitrary web script or HTML via the forum_name[] parameter.
network, mowdbb, 6.8

2006-12-07  CVE-2006-6347  File-Upload vulnerability in TFT Gallery
Unrestricted file upload vulnerability in TFT-Gallery allows remote authenticated administrators to upload arbitrary .php files, possibly using admin/index.php.
network, low complexity, tft-gallery, 6.5

2006-12-07  CVE-2006-6346  Multiple Unspecified vulnerability in SAP IGS
Unspecified vulnerability in SAP Internet Graphics Service (IGS) 6.40 Patchlevel 15 and earlier, and 7.00 Patchlevel 3 and earlier, allows remote attackers to cause a denial of service (service shutdown), obtain sensitive information (configuration files), and conduct certain other unauthorized activities, related to "Undocumented Features." NOTE: it is possible that there are multiple issues.
network, low complexity, sap, critical, 10.0

2006-12-07  CVE-2006-6345  Directory Traversal vulnerability in SAP Internet Graphics Service
Directory traversal vulnerability in SAP Internet Graphics Service (IGS) 6.40 Patchlevel 16 and earlier, and 7.00 Patchlevel 6 and earlier, allows remote attackers to delete arbitrary files via directory traversal sequences in an HTTP request.
network, low complexity, sap, 7.5

2006-12-07  CVE-2006-6344  SQL-Injection vulnerability in Seditio
Multiple unspecified vulnerabilities in Neocrome Seditio 1.10 and earlier have unknown impact and attack vectors related to (1) plugins/ipsearch/ipsearch.admin.php, and (2) pfs/pfs.edit.inc.php, (3) users/users.register.inc.php in system/core.
network, low complexity, neocrome, 7.5

2006-12-07  CVE-2006-6343  SQL Injection vulnerability in Seditio/Land Down Under Polls.PHP
SQL injection vulnerability in polls.php in Neocrome Seditio 1.10 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
network, neocrome, 6.8

2006-12-07  CVE-2006-6342  SQL-Injection vulnerability in Klf-Realty
Multiple SQL injection vulnerabilities in KLF-DESIGN (aka Kim L.
network, low complexity, klf-design, 7.5