Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-11-24 | CVE-2006-6079 | Remote Security vulnerability in Imendio AB Loudmouth 2.4 Multiple PHP remote file inclusion vulnerabilities in LoudMouth 2.4 allow remote attackers to execute arbitrary PHP code via a URL in the mainframe parameter to (1) admin.loudmouth.php or (2) toolbar.loudmouth.php. | 7.5 |
| 2006-11-24 | CVE-2006-6078 | Remote File Include vulnerability in A-Conman 3.2Beta PHP remote file inclusion vulnerability in common.inc.php in a-ConMan 3.2 beta allows remote attackers to execute arbitrary PHP code via a URL in the cm_basedir parameter. | 7.5 |
| 2006-11-24 | CVE-2006-6073 | SQL Injection vulnerability in Enthrallweb Eshopping Cart Multiple SQL injection vulnerabilities in Enthrallweb eShopping Cart allow remote attackers to execute arbitrary SQL commands via the (1) ProductID parameter in productdetail.asp or the (2) categoryid parameter in products.asp. | 7.5 |
| 2006-11-24 | CVE-2006-6072 | Products Vjob Parameter SQL Injection vulnerability in Bpg-Infotech Easy Publisher and Smart Publisher PRO SQL injection vulnerability in bpg/publications_list.asp in BPG-InfoTech Easy Publisher and Smart Publisher//Pro 2.7.7 allows remote attackers to execute arbitrary SQL commands via the vjob parameter. | 7.5 |
| 2006-11-22 | CVE-2006-3973 | Local Privilege Escalation vulnerability in MY Firewall Plus MY Firewall Plus 5.0Build1119 My Firewall Plus 5.0 Build 1119 does not verify if explorer.exe is running before launching iexplore.exe from the "Test Your Firewall" feature, which allows local users to gain SYSTEM privileges. | 7.2 |
| 2006-11-22 | CVE-2006-6070 | SQL-Injection vulnerability in ASP-Nuke SQL injection vulnerability in module/account/register/register.asp in ASP Nuke 0.80 and earlier allows remote attackers to execute arbitrary SQL commands via the StateCode parameter. | 7.5 |
| 2006-11-22 | CVE-2006-6064 | Buffer Overflow vulnerability in Fuzzball MUCK Message Parsing Interpreter Multiple buffer overflows in the Message Parsing Interpreter (MPI) in Fuzzball MUCK before 6.07 allow remote attackers to execute arbitrary code via crafted messages. | 7.5 |
| 2006-11-22 | CVE-2006-6063 | Remote Buffer Overflow vulnerability in XMPlay Playlist Files Stack-based buffer overflow in Un4seen XMPlay 3.3.0.5 and earlier allows remote attackers to execute arbitrary code via a M3U file containing a long (1) FileName, and cause a crash via a long (2) DisplayName. | 7.5 |
| 2006-11-22 | CVE-2006-6051 | Remote File Include vulnerability in Mamboxchange Mosreporter 1.0 PHP remote file inclusion vulnerability in reporter.logic.php in the MosReporter (com_reporter) component for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | 7.5 |
| 2006-11-22 | CVE-2006-6050 | SQL Injection vulnerability in ClickTech Texas RankEm Player.ASP Tournaments.ASP Multiple SQL injection vulnerabilities in ClickTech Texas Rank'em allow remote attackers to execute arbitrary SQL commands via the (1) selPlayer parameter to player.asp or the (2) tournament_id parameter to tournaments.asp. | 7.5 |