Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-05-09 | CVE-2006-2267 | Remote Denial of Service vulnerability in Kerio WinRoute Firewall Kerio WinRoute Firewall before 6.2.1 allows remote attackers to cause a denial of service (application crash) via unknown vectors in the "email protocol inspectors," possibly (1) SMTP and (2) POP3. | 5.0 |
| 2006-05-09 | CVE-2006-2266 | SQL Injection vulnerability in Chirpy 0.1 SQL injection vulnerability in Chirpy! 0.1 allows remote attackers to execute arbitrary SQL commands via unspecified parameters. | 7.5 |
| 2006-05-09 | CVE-2006-2265 | Input Validation vulnerability in Ocean12 Technologies Calendar Manager PRO 1.00 Cross-site scripting vulnerability in admin/main.asp in Ocean12 Calendar Manager Pro 1.00 allows remote attackers to inject arbitrary web script or HTML via the date parameter. | 2.6 |
| 2006-05-09 | CVE-2006-2264 | Input Validation vulnerability in Ocean12 Technologies Calendar Manager PRO 1.00 Multiple SQL injection vulnerabilities in Ocean12 Calendar Manager Pro 1.00 allow remote attackers to execute arbitrary SQL commands via the (1) date parameter to admin/main.asp, (2) SearchFor parameter to admin/view.asp, or (3) ID parameter to admin/edit.asp. | 6.5 |
| 2006-05-09 | CVE-2006-2263 | SQL Injection vulnerability in Virtual Programming Vp-Asp 6.00 SQL injection vulnerability in shopcurrency.asp in VP-ASP 6.00 allows remote attackers to execute arbitrary SQL commands via the cid parameter. | 7.5 |
| 2006-05-09 | CVE-2006-2262 | Cross-Site Scripting vulnerability in Singapore 0.9.7 Cross-site scripting (XSS) vulnerability in index.php in singapore 0.9.7 allows remote attackers to inject arbitrary web script or HTML via the image parameter. | 2.6 |
| 2006-05-09 | CVE-2006-2261 | Remote File Include vulnerability in Acal 2.2.4/2.2.5/2.2.6 PHP remote file inclusion vulnerability in day.php in ACal 2.2.6 allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. | 7.5 |
| 2006-05-09 | CVE-2006-2260 | HTML Injection vulnerability in Drupal Project Module Cross-site scripting (XSS) vulnerability in the project module (project.module) in Drupal 4.5 and 4.6 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. network drupal | 4.3 |
| 2006-05-09 | CVE-2006-2259 | SQL Injection vulnerability in Maxxcode Maxxschedule 1.0 SQL injection vulnerability in Logon.asp in MaxxSchedule 1.0 allows remote attackers to execute arbitrary SQL commands via the txtLogon parameter. | 7.5 |
| 2006-05-09 | CVE-2006-2258 | Input Validation vulnerability in Maxxcode Maxxschedule 1.0 Cross-site scripting (XSS) vulnerability in Logon.asp in MaxxSchedule 1.0 allows remote attackers to inject arbitrary web script or HTML via the Error parameter. | 2.6 |