Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2006-12-15 CVE-2006-6576 Out-Of-Bounds Write vulnerability in Goldenftpserver Golden FTP Server 1.92
Heap-based buffer overflow in Golden FTP Server (goldenftpd) 1.92 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long PASS command.
network | low complexity | goldenftpserver CWE-787 | 7.5

2006-12-15 CVE-2006-6575 Remote Security vulnerability in Yaplap 0.6/0.6.1
PHP remote file inclusion vulnerability in ldap.php in Brian Drawert Yet Another PHP LDAP Admin Project (yaplap) 0.6 and 0.6.1 allows remote attackers to execute arbitrary PHP code via a URL in the LOGIN_style parameter.
network | low complexity | brian-drawert | 7.5

2006-12-15 CVE-2006-6570 Input Validation vulnerability in Genesistrader 1.0
Unrestricted file upload vulnerability in upload.php in GenesisTrader 1.0 allows remote authenticated users to upload arbitrary files via unspecified vectors, possibly involving form.php and the ajoutfich "foap" action.
network | low complexity | genesistrader | 7.5

2006-12-15 CVE-2006-6569 Input Validation vulnerability in Genesistrader 1.0
form.php in GenesisTrader 1.0 allows remote attackers to read source code for arbitrary files and obtain sensitive information via the (1) do and (2) chem parameters with a "modfich" floap parameter.
network | low complexity | genesistrader | 7.8

2006-12-15 CVE-2006-6566 Remote Security vulnerability in Mxbb 0.91C
PHP remote file inclusion vulnerability in includes/profilcp_constants.php in the Profile Control Panel (CPanel) module for mxBB 0.91c allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter.
network | low complexity | mxbb | 7.5

2006-12-14 CVE-2006-6304 Resource Management Errors vulnerability in Linux Kernel 2.6.19
The do_coredump function in fs/exec.c in the Linux kernel 2.6.19 sets the flag variable to O_EXCL but does not use it, which allows context-dependent attackers to modify arbitrary files via a rewrite attack during a core dump.
network | low complexity | linux CWE-399 | 7.5

2006-12-14 CVE-2006-6560 Remote Security vulnerability in Mxbb Modsdb 1.0.0
PHP remote file inclusion vulnerability in includes/common.php in the mx_modsdb 1.0.0 module for MxBB (aka MX-System) Portal allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter.
network | low complexity | mxbb | 7.5

2006-12-14 CVE-2006-6559 SQL-Injection vulnerability in Lotfian Request for Travel 1.0
SQL injection vulnerability in ProductDetails.asp in Lotfian Request For Travel 1.0 allows remote attackers to execute arbitrary SQL commands via the PID parameter.
network | low complexity | lotfian | 7.5

2006-12-14 CVE-2006-6556 Unspecified vulnerability in Eyeos 0.9.2
The eyeHome function in apps/eyeHome.eyeapp/aplic.php in EyeOS before 0.9.3-3 allows remote attackers to upload and execute arbitrary code via dangerous file extensions that are not all lowercase, which bypasses a cleansing operation.
network | low complexity | eyeos | 7.5

2006-12-14 CVE-2006-6555 SQL-Injection vulnerability in Easyfill 0.5
Multiple SQL injection vulnerabilities in EasyFill before 0.5.1 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
network | low complexity | easyfill | 7.5