Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-04-20 | CVE-2006-1924 | Input Validation vulnerability in Linpha 1.0/1.1.0 SQL injection vulnerability in functions/db_api.php in LinPHA 1.1.1 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 6.4 |
| 2006-04-20 | CVE-2006-1923 | Input Validation vulnerability in Linpha 1.0/1.1.0 Multiple cross-site scripting (XSS) vulnerabilities in LinPHA before 1.1.1 allow remote attackers to inject arbitrary web script or HTML via (1) RSS/RSS.php and (2) possibly other vectors. network linpha | 5.8 |
| 2006-04-20 | CVE-2006-1922 | Remote File Include vulnerability in Sweetphp Totalcalendar 2.0/2.1/2.2 PHP remote file inclusion vulnerability in (1) about.php or (2) auth.php in TotalCalendar allows remote attackers to execute arbitrary PHP code via a URL in the inc_dir parameter. | 6.4 |
| 2006-04-20 | CVE-2006-1921 | Unspecified vulnerability in PHP NET Tools PHP NET Tools 2.7.1 nettools.php in PHP Net Tools 2.7.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the host parameter. | 6.4 |
| 2006-04-20 | CVE-2006-1920 | SQL Injection vulnerability in Pmtool 1.2.2 SQL injection vulnerability in index.php in PMTool 1.2.2 allows remote attackers to execute arbitrary SQL commands via the order parameter in the include files (1) user.inc.php, (2) customer.inc.php, and (3) project.inc.php. | 6.4 |
| 2006-04-20 | CVE-2006-1919 | Remote File Include vulnerability in Thomas Voecking Internet Photoshow 1.3 PHP remote file inclusion vulnerability in index.php in Internet Photoshow 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. | 7.5 |
| 2006-04-20 | CVE-2006-1918 | Cross-Site Scripting vulnerability in Papoo 2.1.5 Multiple cross-site scripting (XSS) vulnerabilities in Papoo 2.1.5 allow remote attackers to inject arbitrary web script or HTML via the menuid parameter to (1) index.php or (2) forum.php, or the (3) reporeid_print parameter to print.php. | 2.6 |
| 2006-04-20 | CVE-2006-1917 | SQL Injection vulnerability in Blackorpheus Clanmemberskript 1.0 SQL injection vulnerability in member.php in Blackorpheus ClanMemberSkript 1.0 allows remote attackers to execute arbitrary SQL commands via the userID parameter. | 7.5 |
| 2006-04-20 | CVE-2006-1916 | Input Validation vulnerability in Dbbs 2.0 Multiple cross-site scripting (XSS) vulnerabilities in profile.php in DbbS 2.0-alpha and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) ulocation or (2) uhobbies parameters. network dbbs | 6.8 |
| 2006-04-20 | CVE-2006-1915 | SQL-Injection vulnerability in Dbbs SQL injection vulnerability in topics.php in DbbS 2.0-alpha and earlier allows remote attackers to execute arbitrary SQL commands via the fcategoryid parameter. | 5.0 |