Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-11-04 | CVE-2006-5719 | SQL Injection vulnerability in Bytesfall Explorer Bytesfall Explorer 0.0.6 SQL injection vulnerability in libs/sessions.lib.php in BytesFall Explorer (bfExplorer) 0.0.6 allows remote attackers to execute arbitrary SQL commands via unspecified parameters, a different issue than CVE-2006-5606. | 7.5 |
2006-11-04 | CVE-2006-5710 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products The Airport driver for certain Orinoco based Airport cards in Darwin kernel 8.8.0 in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to execute arbitrary code via an 802.11 probe response frame without any valid information element (IE) fields after the header, which triggers a heap-based buffer overflow. | 7.5 |
2006-11-04 | CVE-2006-5707 | SQL Injection vulnerability in PHPEasyData SQL injection vulnerability in index.php in PHPEasyData Pro 1.4.1 and 2.2.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter. | 7.5 |
2006-11-04 | CVE-2006-5706 | Local Security vulnerability in PHP Unspecified vulnerabilities in PHP, probably before 5.2.0, allow local users to bypass open_basedir restrictions and perform unspecified actions via unspecified vectors involving the (1) chdir and (2) tempnam functions. | 7.2 |
2006-11-04 | CVE-2006-5465 | Buffer Overflow vulnerability in PHP HTMLEntities HTMLSpecialChars Buffer overflow in PHP before 5.2.0 allows remote attackers to execute arbitrary code via crafted UTF-8 inputs to the (1) htmlentities or (2) htmlspecialchars functions. | 7.5 |
2006-11-03 | CVE-2006-5677 | Unspecified vulnerability in Cluster Resources Torque Resource Manager resmom/start_exec.c in pbs_mom in TORQUE Resource Manager 2.0.0p8 and earlier allows local users to create arbitrary files via a symlink attack on (1) a job output file in /usr/spool/PBS/spool and possibly (2) a job file in /usr/spool/PBS/mom_priv/jobs. | 7.2 |
2006-11-03 | CVE-2006-5674 | Remote Security vulnerability in MiniBB Multiple PHP remote file inclusion vulnerabilities in miniBB 2.0.2 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the pathToFiles parameter to (1) bb_func_forums.php, (2) bb_functions.php, or (3) the RSS plugin. | 7.5 |
2006-11-03 | CVE-2006-5672 | Remote File Include vulnerability in Retired: MySource CMS Init_Mysource.PHP PHP remote file inclusion vulnerability in web/init_mysource.php in MySource CMS 2.16.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the INCLUDE_PATH parameter. | 7.5 |
2006-11-03 | CVE-2006-5671 | Remote Security vulnerability in Free Image Hosting PHP remote file inclusion vulnerability in contact.php in Free Image Hosting 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the AD_BODY_TEMP parameter. | 7.5 |
2006-11-03 | CVE-2006-5670 | Remote File Include vulnerability in Free Image Hosting Forgot_Pass.PHP PHP remote file inclusion vulnerability in forgot_pass.php in Free Image Hosting 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the AD_BODY_TEMP parameter. | 7.5 |