Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-12-05 | CVE-2006-6294 | Unspecified vulnerability in Frisk Software F-Prot Antivirus 4.6.6 Multiple unspecified vulnerabilities in FRISK Software F-Prot Antivirus before 4.6.7 have unspecified impact and attack vectors. | 7.5 |
| 2006-12-05 | CVE-2006-6293 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in F-Prot Antivirus Heap-based buffer overflow in FRISK Software F-Prot Antivirus before 4.6.7 allows user-assisted remote attackers to execute arbitrary code via a crafted CHM file. | 7.5 |
| 2006-12-04 | CVE-2006-6287 | Buffer Overflow vulnerability in AtomixMP3 M3U File Path Stack-based buffer overflow in AtomixMP3 2.3 and earlier allows remote attackers to execute arbitrary code via a long pathname in an M3U file. | 7.5 |
| 2006-12-04 | CVE-2006-6281 | Remote File Include vulnerability in Dicshunary 0.1Alpha PHP remote file inclusion vulnerability in check_status.php in dicshunary 0.1 alpha allows remote attackers to execute arbitrary PHP code via a URL in the dicshunary_root_path parameter. | 7.5 |
| 2006-12-04 | CVE-2006-6280 | SQL-Injection vulnerability in Oxygen SQL injection vulnerability in viewthread.php in Oxygen (O2PHP Bulletin Board) 1.1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter, a different vector than CVE-2006-1572. | 7.5 |
| 2006-12-04 | CVE-2006-6273 | Unspecified vulnerability in Paul Griffin Simple PHP Gallery 1.1 sp_index.php in Simple PHP Gallery 1.1 allows remote attackers to obtain sensitive information via an invalid dir parameter, which reveals the path in an error message. | 7.5 |
| 2006-12-04 | CVE-2006-6269 | SQL-Injection vulnerability in Infinitytechs Restaurants Cm Multiple SQL injection vulnerabilities in Infinitytechs Restaurants CM allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in rating.asp, (2) the mealid parameter in meal_rest.asp, and (3) the resid parameter in res_details.asp. | 7.5 |
| 2006-12-04 | CVE-2006-6267 | Information Disclosure vulnerability in Postnuke Software Foundation Postnuke 0.7.5.0 PostNuke 0.7.5.0, and certain minor versions, allows remote attackers to obtain sensitive information via a non-numeric value of the stop parameter, which reveals the path in an error message. | 7.8 |
| 2006-12-04 | CVE-2006-6264 | Remote Security vulnerability in Teredo Teredo creates trusted peer entries for arbitrary incoming source Teredo addresses, even if the low 32 bits represent an intranet address, which might allow remote attackers to send IPv4 traffic to intranet hosts that use non-RFC1918 addresses, bypassing IPv4 ingress filtering. | 7.5 |
| 2006-12-04 | CVE-2006-6260 | SQL Injection vulnerability in SIAP CMS Login.ASP SQL injection vulnerability in login.asp in Redbinaria Sistema Integrado de Administracion de Portales (SIAP) allows remote attackers to execute arbitrary SQL commands via the username parameter. | 7.5 |