Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2006-12-10 CVE-2006-6448 SQL-Injection vulnerability in Vt-Forum
Multiple SQL injection vulnerabilities in Vt-Forum Lite 1.3 and earlier allow remote attackers to execute arbitrary SQL commands via the user parameter to vf_memberdetail.asp, and other unspecified vectors.
network
low complexity
vt-forum
7.5
2006-12-10 CVE-2006-6445 Local Code Include vulnerability in Envolution 1.1.0
Directory traversal vulnerability in error.php in Envolution 1.1.0 and earlier allows remote attackers to include and execute arbitrary local files via a ..
network
low complexity
envolution
7.5
2006-12-10 CVE-2006-6379 Unspecified vulnerability in Broadcom products
Buffer overflow in the BrightStor Backup Discovery Service in multiple CA products, including ARCserve Backup r11.5 SP1 and earlier, ARCserve Backup 9.01 up to 11.1, Enterprise Backup 10.5, and CA Server Protection Suite r2, allows remote attackers to execute arbitrary code via unspecified vectors.
network
low complexity
broadcom
7.5
2006-12-10 CVE-2006-6440 Remote Security vulnerability in Workcentre 238
Multiple unspecified vulnerabilities in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 allow remote attackers to have an unspecified impact via unspecified vectors relating to "HTTP Security issues."
network
low complexity
xerox
7.5
2006-12-10 CVE-2006-6439 Information Disclosure vulnerability in Workcentre 238
Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 allow remote attackers to download the audit log and obtain potentially sensitive information via unspecified vectors.
network
low complexity
xerox
7.8
2006-12-10 CVE-2006-6437 Denial-Of-Service vulnerability in Xerox Workcentre 12.060.17.000/13.060.17.000/14.060.17.000
ops3-dmn in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 allows attackers to cause a denial of service (application crash and core dump) via a certain PS file.
network
low complexity
xerox
7.8
2006-12-10 CVE-2006-6435 Information Disclosure vulnerability in Xerox Workcentre 12.060.17.000/13.060.17.000/14.060.17.000
The SNMP implementation in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 does not generate authentication failure traps, which allows remote attackers to more easily gain system access and obtain sensitive information via a brute force attack.
network
low complexity
xerox
7.5
2006-12-10 CVE-2006-6434 Security Bypass vulnerability in Workcentre 238
Unspecified vulnerability in the Web User Interface in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 allows remote attackers to bypass authentication controls via unknown vectors.
network
low complexity
xerox
7.5
2006-12-10 CVE-2006-6430 Multiple vulnerabilities in Xerox WorkCentre and WorkCentre Pro
Web services in Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before 14.060.17.000 do not require HTTPS, which allows remote attackers to obtain sensitive information by sniffing the unencrypted HTTP traffic.
network
low complexity
xerox
7.8
2006-12-10 CVE-2006-6428 Multiple vulnerabilities in Xerox Workcentre 12.060.17.000/13.060.17.000/14.060.17.000
Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before 14.060.17.000 allow remote attackers to gain access via unspecified vectors related to "browser permissions."
network
low complexity
xerox
7.5