Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2007-01-30 CVE-2007-0582 SQL Injection vulnerability in Chernobile 1.0
SQL injection vulnerability in default.asp in ChernobiLe 1.0 allows remote attackers to execute arbitrary SQL commands via the User (username) field.
network
low complexity
chernobile CWE-89
7.5
7.5
2007-01-30 CVE-2007-0581 Remote File Include vulnerability in Eclipsebb 0.5.0Lite
PHP remote file inclusion vulnerability in functions.php in EclipseBB 0.5.0 Lite allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
network
low complexity
eclipsebb
7.5
7.5
2007-01-30 CVE-2007-0577 Remote File Include vulnerability in Acgvclick 0.2.0
PHP remote file inclusion vulnerability in function.inc.php in ACGVclick 0.2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path parameter.
network
low complexity
acgvclick
7.5
7.5
2007-01-30 CVE-2007-0576 Remote File Include vulnerability in Xt-Stats 2.3.0/2.4.0.B3
PHP remote file inclusion vulnerability in xt_counter.php in Xt-Stats 2.3.x up to 2.4.0.b3 allows remote attackers to execute arbitrary PHP code via a URL in the server_base_dir parameter.
network
low complexity
xt-stats
7.5
7.5
2007-01-30 CVE-2007-0575 SQL Injection vulnerability in AdMentor Admin Login
Multiple SQL injection vulnerabilities in the administrative login page (admin/login.asp) in ASPCode.net AdMentor allow remote attackers to execute arbitrary SQL commands via the (1) Userid and (2) Password fields.
network
low complexity
stefan-holmberg
7.5
7.5
2007-01-30 CVE-2007-0574 SQL Injection vulnerability in Spoonlabs Vivvo Article Management CMS 3.40
SQL injection vulnerability in rss/show_webfeed.php in SpoonLabs Vivvo Article Management CMS (aka phpWordPress) 3.40 allows remote attackers to execute arbitrary SQL commands via the wcHeadlines parameter, a different vector than CVE-2006-4715.
network
low complexity
spoonlabs
7.5
7.5
2007-01-30 CVE-2007-0573 Remote File Include vulnerability in Nsgalphp 0.41
PHP remote file inclusion vulnerability in includes/config.inc.php in nsGalPHP 0.41 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the racineTBS parameter.
network
low complexity
nsgalphp
7.5
7.5
2007-01-30 CVE-2007-0572 Remote Security vulnerability in Gaming Portal
PHP remote file inclusion vulnerability in include/irc/phpIRC.php in Drunken:Golem Gaming Portal 0.5.1 Alpha 2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
network
low complexity
drunken-golem
7.5
7.5
2007-01-30 CVE-2007-0571 Remote File Include vulnerability in PHPmyreports 3.0.11
PHP remote file inclusion vulnerability in include/lib/lib_head.php in phpMyReports 3.0.11 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cfgPathModule parameter.
network
low complexity
phpmyreports
7.5
7.5
2007-01-30 CVE-2007-0570 Remote File Include vulnerability in Johannes Gijsbers AD Fundum Integratable News Script 0.02B
PHP remote file inclusion vulnerability in ains_main.php in Johannes Gijsbers (aka Taradino) Ad Fundum Integratable News Script (AINS) 0.02b allows remote attackers to execute arbitrary PHP code via a URL in the ains_path parameter.
network
low complexity
johannes-gijsbers
7.5
7.5