Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-01-30 | CVE-2007-0569 | SQL Injection vulnerability in X-Dev Xnews 1.3 SQL injection vulnerability in xNews.php in xNews 1.3 allows remote attackers to execute arbitrary SQL commands via the id parameter in a shownews action. | 7.5 |
| 2007-01-30 | CVE-2007-0568 | Remote File Include vulnerability in Myphpcommander 2.0 PHP remote file inclusion vulnerability in system/lib/package.php in MyPHPCommander 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the gl_root parameter. | 7.5 |
| 2007-01-30 | CVE-2007-0455 | Classic Buffer Overflow vulnerability in multiple products Buffer overflow in the gdImageStringFTEx function in gdft.c in GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded font. | 7.5 |
| 2007-01-30 | CVE-2007-0566 | SQL Injection vulnerability in ASP News News_Detail.ASP SQL injection vulnerability in news_detail.asp in ASP NEWS 3 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
| 2007-01-30 | CVE-2007-0565 | Remote Command Execution vulnerability in CGI Rescue Shopping Cart Professional CGI-Rescue Shopping Basket Professional 7.50 and earlier allows remote attackers to inject arbitrary operating system commands via unspecified vectors. | 7.5 |
| 2007-01-30 | CVE-2007-0561 | Remote File Include vulnerability in Xero Portal Xero Portal 1.2 Multiple PHP remote file inclusion vulnerabilities in Xero Portal 1.2 allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter to (1) admin_linkdb.php, (2) admin_forum_prune.php, (3) admin_extensions.php, (4) admin_board.php, (5) admin_attachments.php, or (6) admin_users.php in admin/. | 7.5 |
| 2007-01-30 | CVE-2007-0560 | SQL Injection vulnerability in ASP Edge ASP Edge 1.2B SQL injection vulnerability in user.asp in ASP EDGE 1.2b and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter. | 7.5 |
| 2007-01-30 | CVE-2007-0559 | Remote Security vulnerability in RP World RP World 1.0.2 PHP remote file inclusion vulnerability in config.php in RPW 1.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the sql_language parameter. | 7.5 |
| 2007-01-30 | CVE-2007-0558 | Remote Security vulnerability in Inter7 Vhostadmin 1.0 PHP remote file inclusion vulnerability in modules/mail/main.php in Inter7 vHostAdmin 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the MODULES_DIR parameter. | 7.5 |
| 2007-01-29 | CVE-2007-0557 | Local Security vulnerability in Rmake 1.0.3 rMake before 1.0.4 drops root privileges in a way that retains the original supplemental groups, which might allow attackers to gain privileges via a crafted recipe file, a different vulnerability than CVE-2007-0536. | 7.2 |