Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2007-01-19 CVE-2007-0361 Remote File Include vulnerability in Comscripts PHPmyphorum 1.5A
PHP remote file inclusion vulnerability in mep/frame.php in PHPMyphorum 1.5a allows remote attackers to execute arbitrary PHP code via a URL in the chem parameter.
network
low complexity
comscripts
7.5
2007-01-19 CVE-2007-0360 Remote File Include vulnerability in Oreon
PHP remote file inclusion vulnerability in lang/index.php in Oreon 1.2.3 RC4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the file parameter.
network
low complexity
oreon-project
7.5
2007-01-19 CVE-2007-0359 Remote File Include vulnerability in Uberghey CMS 0.3.1
PHP remote file inclusion vulnerability in frontpage.php in Uberghey CMS 0.3.1 allows remote attackers to execute arbitrary PHP code via a URL in the setup_folder parameter.
network
low complexity
uberghey
7.5
2007-01-19 CVE-2007-0358 Denial Of Service vulnerability in HP Jetdirect
Unspecified vulnerability in the FTP server implementation in HP Jetdirect firmware x.20.nn through x.24.nn allows remote attackers to cause a denial of service via unknown vectors.
network
low complexity
hp
7.8
2007-01-19 CVE-2007-0355 Buffer Errors vulnerability in Apple Mac OS X and Minimal SLP Service Agent
Buffer overflow in the Apple Minimal SLP v2 Service Agent (slpd) in Mac OS X 10.4.11 and earlier, including 10.4.8, allows local users, and possibly remote attackers, to gain privileges and possibly execute arbitrary code via a registration request with an invalid attr-list field.
local
low complexity
apple CWE-119
7.2
2007-01-19 CVE-2007-0350 SQL Injection vulnerability in SME Filemailer
Multiple SQL injection vulnerabilities in (a) index.php and (b) dl.php in SmE FileMailer 1.21 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ps, (2) us, (3) f, or (4) code parameter.
network
low complexity
sme CWE-89
7.5
2007-01-19 CVE-2006-5964 Multiple vulnerability in Pentaware Pentasuite-Pro and Pentazip
choShilA.bpl in PentaZip 8.5.1.190 and PentaSuite-PRO 8.5.1.221 allows local users and user-assisted remote attackers to cause a denial of service (system crash) by right-clicking on a file with a long filename.
network
pentaware
7.1
2007-01-18 CVE-2007-0346 SQL-Injection vulnerability in SME Filemailer 1.21
SQL injection vulnerability in index.php in SmE FileMailer 1.21 allows remote attackers to execute arbitrary SQL commands via the us parameter.
network
low complexity
sme
7.5
2007-01-18 CVE-2007-0344 Use of Externally-Controlled Format String vulnerability in Colloquy
Multiple format string vulnerabilities in (1) _invitedToRoom: and (2) _invitedToDirectChat: in Colloquy 2.1 and earlier allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in the channel name of an INVITE request, related to the implementation of AlertSheet and AlertPanel in Apple AppKit.
network
low complexity
colloquy CWE-134
7.5
2007-01-18 CVE-2007-0340 SQL-Injection vulnerability in Thwboard
SQL injection vulnerability in inc/header.inc.php in ThWboard 3.0b2.84-php5 and earlier allows remote attackers to execute arbitrary SQL commands via the board[styleid] parameter to index.php.
network
low complexity
thwboard
7.5