Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-10-03 | CVE-2006-5124 | Remote File Include and Information Disclosure vulnerability in Joshua Muheim PHPmywebmin 1.0 Multiple PHP remote file inclusion vulnerabilities in Joshua Muheim phpMyWebmin 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the (1) target and (2) action parameters in window.php, and possibly the (3) target parameter in home.php. | 7.5 |
2006-10-03 | CVE-2006-5123 | Remote File Include vulnerability in PHProjekt Include Path Multiple PHP remote file inclusion vulnerabilities in Albrecht Guenther PHProjekt 5.1.x before 5.1.2 allow remote attackers to execute arbitrary PHP code via a URL in the (1) lib_path or (2) lang_path parameter in unspecified files, related to code changes intended to fix inclusion, a different vulnerability than CVE-2002-0451, CVE-2006-4204, and CVE-2006-4609. | 7.5 |
2006-10-03 | CVE-2006-5121 | SQL Injection vulnerability in Postnuke Software Foundation Postnuke 0.762 SQL injection vulnerability in modules/Downloads/admin.php in the Admin section of PostNuke 0.762 allows remote attackers to execute arbitrary SQL commands via the hits parameter. | 7.5 |
2006-10-03 | CVE-2006-5118 | Remote File Include vulnerability in PHPSelect Web Development Index.PHP3 PHP remote file inclusion vulnerability in index.php3 in the PDD package for PHPSelect Web Development Division allows remote attackers to execute arbitrary PHP code via a URL in the Application_Root parameter. | 7.5 |
2006-10-03 | CVE-2006-5113 | Directory Traversal vulnerability in Yuuki Yoshizawa Exporia 0.3.0 Directory traversal vulnerability in common.php in Yuuki Yoshizawa Exporia 0.3.0 allows remote attackers to include and execute local files via a .. | 7.5 |
2006-10-03 | CVE-2006-5112 | Remote Buffer Overflow vulnerability in Intervations Navicopa web Server 2.01 Buffer overflow in InterVations NaviCOPA Web Server 2.01 allows remote attackers to execute arbitrary code via a long HTTP GET request. | 7.5 |
2006-10-03 | CVE-2006-5107 | Input Validation vulnerability in CubeCart Multiple SQL injection vulnerabilities in Devellion CubeCart 2.0.x allow remote attackers to execute arbitrary SQL commands via (1) the user_name parameter in admin/forgot_pass.php, (2) the order_id parameter in view_order.php, (3) the view_doc parameter in view_doc.php, and (4) the order_id parameter in admin/print_order.php. | 7.5 |
2006-10-03 | CVE-2006-5105 | Remote Security vulnerability in Forum ONE Syntaxcms 1.1.1/1.2.1/1.3 Multiple PHP remote file inclusion vulnerabilities in SyntaxCMS 1.1.1 through 1.3 allow remote attackers to execute arbitrary PHP code via a URL in (1) the init_path parameter to admin/testing/tests/0030_init_syntax.php, or (2) an unspecified parameter to admin/testing/index.php. | 7.5 |
2006-10-03 | CVE-2006-5104 | SQL Injection vulnerability in Jelsoft VBulletin SQL injection vulnerability in global.php in Jelsoft vBulletin 2.x allows remote attackers to execute arbitrary SQL commands via the templatesused parameter. | 7.5 |
2006-10-03 | CVE-2006-5103 | Remote File Include vulnerability in Bbsnew 2.0.1 PHP remote file inclusion vulnerability in admin/index2.php in bbsNew 2.0.1 allows remote attackers to execute arbitrary PHP code via a URL in the "right" parameter. | 7.5 |