Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-10-10 | CVE-2006-5224 | Remote File Include vulnerability in Dimitri Seitz Security Suite IP Logger 1.0.0 PHP remote file inclusion vulnerability in includes/logger_engine.php in Dimitri Seitz Security Suite IP Logger 1.0.0 in dwingmods for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | 7.5 |
| 2006-10-10 | CVE-2006-5223 | Remote File Include vulnerability in Nivisec User Viewed Posts Tracker 1.0 PHP remote file inclusion vulnerability in includes/functions_user_viewed_posts.php in the Nivisec User Viewed Posts Tracker module 1.0 and earlier for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | 7.5 |
| 2006-10-10 | CVE-2006-5222 | Remote File Include vulnerability in Dimension of PHPbb Dimension of PHPbb 0.2.6 Multiple PHP remote file inclusion vulnerabilities in Dimension of phpBB 0.2.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter in (1) includes/themen_portal_mitte.php or (2) includes/logger_engine.php. | 7.5 |
| 2006-10-10 | CVE-2006-5221 | SQL Injection vulnerability in Cahier DE Textes Cahier DE Textes 2.0 Multiple SQL injection vulnerabilities in Cahier de texte 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) matiere_ID parameter in lire.php or the (2) classe_ID parameter in lire_a_faire.php. | 7.5 |
| 2006-10-10 | CVE-2006-5217 | SQL Injection vulnerability in Emek Portal Emek Portal 2.1 SQL injection vulnerability in giris_yap.asp in Emek Portal 2.1 allows remote attackers to execute arbitrary SQL commands by simultaneously injecting into the user name and pass fields in uyegiris.asp, also known as the Kullanici Adi (k_a) and Sifre (sifre) parameters. | 7.5 |
| 2006-10-10 | CVE-2006-5216 | Remote Buffer Overflow vulnerability in Sergey Lyubka Simple Httpd 1.34 Stack-based buffer overflow in Sergey Lyubka Simple HTTPD (shttpd) 1.34 allows remote attackers to execute arbitrary code via a long URI. | 7.5 |
| 2006-10-10 | CVE-2006-5209 | Remote Security vulnerability in phpBB PHP remote file inclusion vulnerability in admin/admin_topic_action_logging.php in Admin Topic Action Logging Mod 0.95 and earlier, as used in phpBB 2.0 up to 2.0.21, allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | 7.5 |
| 2006-10-10 | CVE-2006-5208 | SQL Injection vulnerability in Deltascripts PHP Classifieds 7.1 Multiple SQL injection vulnerabilities in PHP Classifieds 7.1 allow remote attackers to execute arbitrary SQL commands via (1) the catid_search parameter in search.php and (2) the catid parameter in index.php. | 7.5 |
| 2006-10-10 | CVE-2006-5206 | SQL Injection vulnerability in Invision Gallery SQL injection vulnerability in Invision Gallery 2.0.7 allows remote attackers to execute arbitrary SQL commands via the album parameter in (1) index.php and (2) forum/index.php, when the rate command in the gallery automodule is used. | 7.5 |
| 2006-10-10 | CVE-2006-5196 | Remote Denial of Service vulnerability in Motorola Surfboard Sb4200 The HTTP interface in the Motorola SURFboard SB4200 Cable Modem allows remote attackers to cause a denial of service (device crash) via a request with MfcISAPICommand set to SecretProc and a long string in the Secret parameter. | 7.8 |