Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2006-11-27 CVE-2006-6125 Buffer Errors vulnerability in Netgear Wg311V1 2.3.1.10
Heap-based buffer overflow in the wireless driver (WG311ND5.SYS) 2.3.1.10 for NetGear WG311v1 wireless adapter allows remote attackers to execute arbitrary code via an 802.11 management frame with a long SSID.
network
low complexity
netgear CWE-119
7.5
7.5
2006-11-26 CVE-2006-6122 Remote Security vulnerability in Tin
Multiple buffer overflows in TIN before 1.8.2 have unspecified impact and attack vectors, a different vulnerability than CVE-2006-0804.
network
low complexity
tin
7.5
7.5
2006-11-26 CVE-2006-6117 SQL Injection vulnerability in FipsGallery Index1.ASP
SQL injection vulnerability in index1.asp in fipsGallery 1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the which parameter.
network
low complexity
fipsasp
7.5
7.5
2006-11-26 CVE-2006-6116 SQL Injection vulnerability in FipsForum Default2.ASP
SQL injection vulnerability in default2.asp in fipsForum 2.6 and earlier allows remote attackers to execute arbitrary SQL commands via the kat parameter.
network
low complexity
fipsasp
7.5
7.5
2006-11-26 CVE-2006-6115 SQL Injection vulnerability in FipsCMS Index.ASP
SQL injection vulnerability in index.asp in fipsCMS 4.5 and earlier allows remote attackers to execute arbitrary SQL commands via the fid parameter.
network
low complexity
fipsasp
7.5
7.5
2006-11-26 CVE-2006-6110 SQL-Injection vulnerability in Content Management System
Multiple SQL injection vulnerabilities in an unspecified BPG-InfoTech Content Management System product allow remote attackers to execute arbitrary SQL commands via the (1) vjob parameter in publications_list.asp or (2) InfoID parameter in publication_view.asp.
network
low complexity
bpg-infotech
7.5
7.5
2006-11-24 CVE-2006-6095 SQL Injection vulnerability in Dotnetindex Active News Manager
Multiple SQL injection vulnerabilities in ActiveNews Manager allow remote attackers to execute arbitrary SQL commands via the (1) articleID parameter to activenews_view.asp or the (2) page parameter to default.asp.
network
low complexity
dotnetindex CWE-89
7.5
7.5
2006-11-24 CVE-2006-6093 Remote File Include vulnerability in Picturespro Photo Cart 3.9
Multiple PHP remote file inclusion vulnerabilities in adminprint.php in PicturesPro Photo Cart 3.9 allow remote attackers to execute arbitrary PHP code via a URL in the (1) admin_folder and (2) path parameters.
network
low complexity
picturespro
7.5
7.5
2006-11-24 CVE-2006-6081 Remote Security vulnerability in Telaen
PHP remote file inclusion vulnerability in Smarty_Compiler.class.php in Telaen 1.1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the plugin_file parameter.
network
low complexity
telaen
7.5
7.5
2006-11-24 CVE-2006-6080 SQL Injection vulnerability in Gnews Publisher
Multiple SQL injection vulnerabilities in categories.asp in gNews Publisher allow remote attackers to execute arbitrary SQL commands via the (1) catID or (2) editorID parameter.
network
low complexity
gazatem-technologies
7.5
7.5