Vulnerabilities > High

| Date | CVE | Vulnerability title | Description | Vendor | Risk |
|---|---|---|---|---|---|
| 2006-09-19 | CVE-2006-4857 | SQL Injection vulnerability in Clicktech Clickblog 2.0 | SQL injection vulnerability in default.asp (aka the login page) in ClickTech ClickBlog 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) form_codeword (aka the Password field) parameters. | clicktech | 7.5 (network, low complexity) |
| 2006-09-19 | CVE-2006-4853 | SQL Injection vulnerability in Haberx Kategorix.ASP | SQL injection vulnerability in kategorix.asp in Haberx 1.02 through 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter in kategorihaberx.asp. | haberx | 7.5 (network, low complexity) |
| 2006-09-19 | CVE-2006-4852 | SQL Injection vulnerability in Quadcomm Q-Shop 3.5 | SQL injection vulnerability in browse.asp in QuadComm Q-Shop 3.5 allows remote attackers to execute arbitrary SQL commands via the OrderBy parameter. | quadcomm | 7.5 (network, low complexity) |
| 2006-09-19 | CVE-2006-4851 | Remote Security vulnerability in Bolinos 4.3.0/4.4.1 | PHP remote file inclusion vulnerability in system/_b/contentFiles/gBHTMLEditor.php in BolinOS 4.5.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the gBRootPath parameter. | bolinos | 7.5 (network, low complexity) |
| 2006-09-19 | CVE-2006-4849 | Remote File Include vulnerability in MobilePublisherPHP Header.PHP | PHP remote file inclusion vulnerability in header.php in MobilePublisherPHP 1.5 RC2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter. | mobilepublisherphp | 7.5 (network, low complexity) |
| 2006-09-15 | CVE-2006-4837 | Input Validation vulnerability in Codeworx Technologies Dcp-Portal Se6.0 | Multiple PHP remote file inclusion vulnerabilities in DCP-Portal SE 6.0 allow remote attackers to execute arbitrary PHP code via a URL in the root parameter in (1) library/lib.php and (2) library/editor/editor.php. | codeworx-technologies | 7.5 (network, low complexity) |
| 2006-09-15 | CVE-2006-4833 | Denial of Service vulnerability in Verso Netperformer Frame Relay Access Device ACT Sdm9200Series/Sdm9300Series/Sdm9500Series | Verso NetPerformer FRAD ACT SDM-95xx 7.xx (R1) and earlier, SDM-93xx 10.x.x (R2) and earlier, and SDM-92xx 9.x.x (R1) and earlier allow remote attackers to cause a denial of service (hang or reboot) via an ICMP packet with the same destination and source address and port, aka the "Land" vulnerability. | verso-netperformer | 7.8 (network, low complexity) |
| 2006-09-15 | CVE-2006-4832 | Buffer Overflow vulnerability in Verso Netperformer Frame Relay Access Device ACT Sdm9200Series/Sdm9300Series/Sdm9500Series | Buffer overflow in the telnet service in Verso NetPerformer FRAD ACT SDM-95xx 7.xx (R1) and earlier, SDM-93xx 10.x.x (R2) and earlier, and SDM-92xx 9.x.x (R1) and earlier allows remote attackers to cause a denial of service (reboot) and possibly execute arbitrary code via a long username. | verso-netperformer | 7.5 (network, low complexity) |
| 2006-09-15 | CVE-2006-4828 | Remote File Include vulnerability in PhotoPost Pro | PHP remote file inclusion vulnerability in zipndownload.php in PhotoPost 4.0 through 4.6 allows remote attackers to execute arbitrary PHP code via a URL in the PP_PATH parameter. | photopost | 7.5 (network, low complexity) |
| 2006-09-15 | CVE-2006-4826 | Remote File Include vulnerability in Shadowed Portal Bottom.PHP | PHP remote file inclusion vulnerability in bottom.php in Shadowed Portal 5.599 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root parameter. | shadowed-portal | 7.5 (network, low complexity) |