Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-02-06 | CVE-2007-0786 | SQL Injection vulnerability in Noname Media Photo Galerie Standard 1.1 SQL injection vulnerability in view.php in Noname Media Photo Galerie Standard 1.1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
| 2007-02-06 | CVE-2007-0785 | Remote File Include vulnerability in Flip PHP remote file inclusion vulnerability in previewtheme.php in Flipsource Flip 2.01-final 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the inc_path parameter. | 7.5 |
| 2007-02-06 | CVE-2007-0784 | SQL-Injection vulnerability in Tpassword SQL injection vulnerability in login.asp for tPassword in the Raymond BERTHOU script collection (aka RBL - ASP) allows remote attackers to execute arbitrary SQL commands via the (1) User and (2) Password parameters. | 7.5 |
| 2007-02-06 | CVE-2007-0765 | SQL Injection vulnerability in Curium CMS News.PHP SQL injection vulnerability in news.php in dB Masters Curium CMS 1.03 and earlier allows remote attackers to execute arbitrary SQL commands via the c_id parameter. | 7.5 |
| 2007-02-06 | CVE-2007-0762 | Remote File Include vulnerability in PHPbb++ Build100 PHP remote file inclusion vulnerability in includes/functions.php in phpBB++ Build 100 allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | 7.5 |
| 2007-02-06 | CVE-2007-0761 | Remote Security vulnerability in PHPbb Ezboard Converter 0.2 PHP remote file inclusion vulnerability in config.php in phpBB ezBoard converter (ezconvert) 0.2 allows remote attackers to execute arbitrary PHP code via a URL in the ezconvert_dir parameter. | 7.5 |
| 2007-02-06 | CVE-2007-0760 | Authentication Bypass vulnerability in Eqdkp 1.3.1 EQdkp 1.3.1 and earlier authenticates administrative requests by verifying that the HTTP Referer header specifies an admin/ URL, which allows remote attackers to read or modify account names and passwords via a spoofed Referer. | 7.5 |
| 2007-02-06 | CVE-2007-0759 | Input Validation vulnerability in Umberto Caldera Easymoblog 0.5.1 Multiple SQL injection vulnerabilities in EasyMoblog 0.5.1 allow remote attackers to execute arbitrary SQL commands via the (1) i or (2) post_id parameter to add_comment.php, which triggers an injection in libraries.inc.php; or (3) the i parameter to list_comments.php, which triggers an injection in libraries.inc.php. | 7.5 |
| 2007-02-06 | CVE-2007-0758 | Remote File Include vulnerability in PHPprobid 5.24 PHP remote file inclusion vulnerability in lang.php in PHPProbid 5.24 allows remote attackers to execute arbitrary PHP code via a URL in the SRC attribute of an HTML element in the lang parameter. | 7.5 |
| 2007-02-06 | CVE-2007-0757 | Remote File Include vulnerability in DreamStats System Rootpath PHP remote file inclusion vulnerability in index.php in Miguel Nunes Call of Duty 2 (CoD2) DreamStats System 4.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter. | 7.5 |