Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-10-13 | CVE-2006-5290 | Unspecified vulnerability in Xerox products The ESS/ Network Controller and MicroServer Web Server components of Xerox WorkCentre and WorkCentre Pro 232, 238, 245, 255, 265 and 275 allow remote attackers to bypass authentication and execute arbitrary code via "WebUI command injection on TCP/IP hostname." | 7.5 |
2006-10-13 | CVE-2006-5289 | Remote File Include vulnerability in Vtiger CRM 4.2 Multiple PHP remote file inclusion vulnerabilities in Vtiger CRM 4.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the calpath parameter to (1) modules/Calendar/admin/update.php, (2) modules/Calendar/admin/scheme.php, or (3) modules/Calendar/calendar.php. | 7.5 |
2006-10-13 | CVE-2006-5285 | SQL Injection vulnerability in XeoPort SQL injection vulnerability in index.php in XeoPort 0.81, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the xp_body_text parameter. | 7.5 |
2006-10-13 | CVE-2006-5283 | Remote File Include vulnerability in Minichat 6.0 PHP remote file inclusion vulnerability in ftag.php in Minichat 6.0 allows remote attackers to execute arbitrary PHP code via a URL in the mostrar parameter. | 7.5 |
2006-10-13 | CVE-2006-5282 | Remote File Include vulnerability in SH-News Scriptpath Parameter Multiple PHP remote file inclusion vulnerabilities in SH-News 3.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the scriptpath parameter to (1) report.php, (2) archive.php, (3) comments.php, (4) init.php, or (5) news.php. | 7.5 |
2006-10-13 | CVE-2006-5281 | Remote File Include vulnerability in N@Board Naboard_PNR.PHP PHP remote file inclusion vulnerability in naboard_pnr.php in n@board 3.1.9e and earlier allows remote attackers to execute arbitrary PHP code via a URL in the skin parameter. | 7.5 |
2006-10-12 | CVE-2006-5263 | Local File Include vulnerability in PhpMyAgenda Language Directory traversal vulnerability in templates/header.php3 in phpMyAgenda 3.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. | 7.5 |
2006-10-12 | CVE-2006-5261 | Remote File Include vulnerability in PHPMyNews CFG_INCLUDE_DIR Multiple PHP remote file inclusion vulnerabilities in PHPMyNews 1.4 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the cfg_include_dir parameter in (1) disp_form.php3, (2) disp_smileys.php3, (3) little_news.php3, and (4) index.php3 in include/. | 7.5 |
2006-10-12 | CVE-2006-5260 | Remote Security vulnerability in Compteur 2 PHP remote file inclusion vulnerability in compteur.php in Compteur 2 allows remote attackers to execute arbitrary PHP code via a URL in the cp parameter. | 7.5 |
2006-10-12 | CVE-2006-5259 | Remote File Include vulnerability in Compteur 2 PHP remote file inclusion vulnerability in param_editor.php in Compteur 2 allows remote attackers to execute arbitrary PHP code via a URL in the folder parameter. | 7.5 |