Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-11-10 | CVE-2006-5828 | SQL Injection vulnerability in DeltaScripts PHP Classifieds Detail.PHP SQL injection vulnerability in detail.php in DeltaScripts PHP Classifieds 7.1 and earlier allows remote attackers to execute arbitrary SQL commands via the user_id parameter. | 7.5 |
| 2006-11-09 | CVE-2006-5782 | Unspecified vulnerability in HP Openview Client Configuraton Manager radexecd.exe in HP OpenView Client Configuraton Manager (CCM) does not require authentication before executing commands in the installation directory, which allows remote attackers to cause a denial of service (reboot) by calling radbootw.exe or create arbitrary files by calling radcrecv. | 7.8 |
| 2006-11-08 | CVE-2006-5818 | TuneKrnl Local Privilege Escalation vulnerability in IBM Lotus Domino Multiple buffer overflows in tunekrnl in IBM Lotus Domino 6.x before 6.5.5 FP2 and 7.x before 7.0.2 allow local users to gain privileges and execute arbitrary code via unspecified vectors. | 7.2 |
| 2006-11-08 | CVE-2006-5816 | Remote Security vulnerability in Dmitry Sheiko Business Card web Builder 2.5 Multiple PHP remote file inclusion vulnerabilities in Dmitry Sheiko Business Card Web Builder (BCWB) 2.5 allow remote attackers to execute arbitrary PHP code via a URL in the root_path_admin parameter to (1) /include/startup.inc.php, (2) dcontent/default.css.php, or (3) system/default.css.php, different vectors than CVE-2006-4946. | 7.5 |
| 2006-11-08 | CVE-2006-5814 | Remote Security vulnerability in eDirectory Unspecified vulnerability in Novell eDirectory allows remote attackers to execute arbitrary code, as demonstrated by vd_novell.pm, a "Novell eDirectory remote exploit." NOTE: As of 20061108, this disclosure has no actionable information. | 7.5 |
| 2006-11-08 | CVE-2006-5463 | Remote vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Unspecified vulnerability in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allows remote attackers to execute arbitrary JavaScript bytecode via unspecified vectors involving modification of a Script object while it is executing. | 7.5 |
| 2006-11-08 | CVE-2006-5747 | Remote vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Unspecified vulnerability in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allows remote attackers to execute arbitrary code via the XML.prototype.hasOwnProperty JavaScript function. | 7.5 |
| 2006-11-08 | CVE-2006-5804 | Remote File Include vulnerability in Advanced Guestbook Advanced Guestbook 2.3.1 PHP remote file inclusion vulnerability in admin.php in Advanced Guestbook 2.3.1 allows remote attackers to execute arbitrary PHP code via a URL in the include_path parameter. | 7.5 |
| 2006-11-08 | CVE-2006-5803 | Remote File Include vulnerability in MX Smartor Album Module Album.PHP PHP remote file inclusion vulnerability in modules/mx_smartor/album.php in the mxBB Smartor Album module 1.02 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter. | 7.5 |
| 2006-11-08 | CVE-2006-5802 | SQL Injection vulnerability in Webdrivers Simple Forum Message_details.PHP SQL injection vulnerability in message_details.php in The Web Drivers Simple Forum, dated 20060318, allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |