Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-09-04 | CVE-2008-7161 | Permissions, Privileges, and Access Controls vulnerability in Fortinet Fortigate-1000 3.00 Fortinet FortiGuard Fortinet FortiGate-1000 3.00 build 040075,070111 allows remote attackers to bypass URL filtering via fragmented GET or POST requests that use HTTP/1.0 without the Host header. | 7.5 |
2009-09-03 | CVE-2009-3065 | Code Injection vulnerability in Rein Velt Vedit 01.4 PHP remote file inclusion vulnerability in editor/edit_htmlarea.php in Ve-EDIT 0.1.4 allows remote attackers to execute arbitrary PHP code via a URL in the highlighter parameter. | 7.5 |
2009-09-03 | CVE-2009-3064 | Path Traversal vulnerability in Rein Velt Vedit 01.4 Directory traversal vulnerability in debugger/debug_php.php in Ve-EDIT 0.1.4 allows remote attackers to include and execute arbitrary local files via a .. | 7.5 |
2009-09-03 | CVE-2009-3063 | SQL Injection vulnerability in Indianpulses COM Gameserver 1.0 SQL injection vulnerability in the Game Server (com_gameserver) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a gamepanel action to index.php. | 7.5 |
2009-09-03 | CVE-2009-3062 | SQL Injection vulnerability in PHPlivesupport. PHPlive! 3.3 SQL injection vulnerability in message_box.php in OSI Codes PHP Live! 3.3 allows remote attackers to execute arbitrary SQL commands via the deptid parameter. | 7.5 |
2009-09-03 | CVE-2009-3061 | SQL Injection vulnerability in Alqa6Ari Script Q R 1.0 SQL injection vulnerability in lesson.php in Alqatari Q R Script 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2009-09-03 | CVE-2009-3059 | SQL Injection vulnerability in Allpublication Jboard Multiple SQL injection vulnerabilities in Joker Board (aka JBoard) 2.0 and earlier allow remote attackers to execute arbitrary SQL commands via (1) core/select.php or (2) the city parameter to top_add.inc.php, reachable through sboard.php. | 7.5 |
2009-09-03 | CVE-2009-3056 | Code Injection vulnerability in BAS Bloemsaat Kingcms 0.6.0 PHP remote file inclusion vulnerability in include/engine/content/elements/menu.php in KingCMS 0.6.0 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG[AdminPath] parameter. | 7.5 |
2009-09-03 | CVE-2009-3055 | Code Injection vulnerability in Dlecms DLE 8.2 PHP remote file inclusion vulnerability in engine/api/api.class.php in DataLife Engine (DLE) 8.2 allows remote attackers to execute arbitrary PHP code via a URL in the dle_config_api parameter. | 7.5 |
2009-09-03 | CVE-2009-3054 | SQL Injection vulnerability in Artetics COM Artportal 1.0 SQL injection vulnerability in the Artetics.com Art Portal (com_artportal) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the portalid parameter to index.php. | 7.5 |