Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-10-31 | CVE-2006-5612 | Code Injection vulnerability in Michel Pradel Gestart Beta1 PHP remote file inclusion vulnerability in aide.php3 (aka aide.php) in GestArt beta 1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the aide parameter. | 7.5 |
| 2006-10-31 | CVE-2006-5610 | Remote Security vulnerability in Fully Modded PHPbb Fully Modded PHPbb 2021.4.40 PHP remote file inclusion vulnerability in player/includes/common.php in Teake Nutma Foing, as modified in Fully Modded phpBB (phpbbfm) 2021.4.40, allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | 7.5 |
| 2006-10-30 | CVE-2006-5608 | SQL Injection vulnerability in Drupal Extended Tracker 4.7 SQL injection vulnerability in Extended Tracker (xtracker) 4.7 before 1.5.2.1 for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to "parameters from URLs." | 7.5 |
| 2006-10-30 | CVE-2006-5604 | File-Upload vulnerability in PHPcards 1.3 Directory traversal vulnerability in phpcards.header.php in phpCards 1.3 allows remote attackers to include and execute arbitrary local files via a .. | 7.5 |
| 2006-10-30 | CVE-2006-5603 | SQL Injection vulnerability in Snitz Communications Snitz Forums 2000 3.4.06 SQL injection vulnerability in pop_mail.asp in Snitz Forums 2000 3.4.06 allows remote attackers to execute arbitrary SQL commands via the RC parameter. | 7.5 |
| 2006-10-28 | CVE-2006-5597 | Authentication Bypass vulnerability in Minihttp web Forum File Sharing Sever Powerpack 4.0 join.asp in MiniHTTP Web Forum & File Server PowerPack 4.0 allows remote attackers to add or modify arbitrary user accounts via modified (1) frmMailBox and (2) frmUserPass parameters. | 7.5 |
| 2006-10-28 | CVE-2006-5596 | Directory Traversal Information Disclosure vulnerability in AEP Networks Smartgate SSL Server 4.3B Directory traversal vulnerability in the SSL server in AEP Smartgate 4.3b allows remote attackers to download arbitrary files via ..\ (dot dot backslash) sequences in an HTTP GET request. | 7.5 |
| 2006-10-28 | CVE-2006-4574 | Reachable Assertion vulnerability in Wireshark 0.10.1/0.99.2/0.99.3 Off-by-one error in the MIME Multipart dissector in Wireshark (formerly Ethereal) 0.10.1 through 0.99.3 allows remote attackers to cause a denial of service (crash) via certain vectors that trigger an assertion error related to unexpected length values. | 7.5 |
| 2006-10-27 | CVE-2006-5594 | Remote Security vulnerability in Ipeer PHP remote file inclusion vulnerability in University of British Columbia iPeer 2.0, and possibly earlier, allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. | 7.5 |
| 2006-10-27 | CVE-2006-5592 | Authentication Bypass vulnerability in PacPoll Polllog Cookie Admin/adpoll.asp in PacPoll 4.0 and earlier allows remote attackers to bypass authentication by setting the polllog cookie value to "xx". | 7.5 |