Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-11-17 | CVE-2006-5959 | Unspecified vulnerability in web Inhabit A+ Store E-Commerce SQL injection vulnerability in browse.asp in A+ Store E-Commerce allows remote attackers to execute arbitrary SQL commands via the ParentID parameter. | 7.5 |
| 2006-11-17 | CVE-2006-5955 | SQL-Injection vulnerability in 20 20 Datashed SQL injection vulnerability in listings.asp in 20/20 DataShed (aka Real Estate Listing System) allows remote attackers to execute arbitrary SQL commands via the itemID parameter. | 7.5 |
| 2006-11-17 | CVE-2006-5954 | SQL-Injection vulnerability in Netvios SQL injection vulnerability in page.asp in NetVIOS 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the NewsID parameter. | 7.5 |
| 2006-11-17 | CVE-2006-5952 | SQL-Injection vulnerability in ASP Smiley ASP Smiley 1.0 SQL injection vulnerability in admin/default.asp in ASP Smiley 1.0 allows remote attackers to execute arbitrary SQL commands via the Username field. | 7.5 |
| 2006-11-17 | CVE-2006-5951 | Remote File Include vulnerability in Exophpdesk 1.2 PHP remote file inclusion vulnerability in pipe.php in Exophpdesk 1.2 allows remote attackers to execute arbitrary PHP code via a URL in the lang_file parameter. | 7.5 |
| 2006-11-17 | CVE-2006-5948 | Remote File Include vulnerability in Ringsworld PHPpeanuts 1.1 PHP remote file inclusion vulnerability in pntUnit/Inspect.php in phpPeanuts 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the Include parameter. | 7.5 |
| 2006-11-17 | CVE-2006-5943 | Input Validation vulnerability in Inventory Manager Multiple SQL injection vulnerabilities in inventory/display/imager.asp in Website Designs for Less Inventory Manager allow remote attackers to execute arbitrary SQL commands via the (1) pictable, (2) picfield, or (3) where parameter. | 7.5 |
| 2006-11-16 | CVE-2006-5939 | Divide BY Zero vulnerability in Grisoft AVG Antivirus Grisoft AVG Anti-Virus before 7.1.407 allows remote attackers to cause a denial of service (crash) via a crafted DOC file that triggers a divide-by-zero error. | 7.8 |
| 2006-11-16 | CVE-2006-5937 | Integer Overflow OR Wraparound vulnerability in Grisoft AVG Antivirus Multiple integer overflows in Grisoft AVG Anti-Virus before 7.1.407 allow remote attackers to execute arbitrary code via crafted (1) CAB or (2) RAR archives that trigger a heap-based buffer overflow. | 7.5 |
| 2006-11-16 | CVE-2006-5936 | SQL Injection vulnerability in SiteXpress E-Commerce System Dept.ASP SQL injection vulnerability in dept.asp in SiteXpress E-Commerce System allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |