Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-09-06 | CVE-2006-4459 | Integer Overflow vulnerability in Digi International INC Anywhere Usb5 1.80.00 Integer overflow in AnywhereUSB/5 1.80.00 allows local users to cause a denial of service (crash) via a 1 byte header size specified in the USB string descriptor. | 7.5 |
| 2006-09-06 | CVE-2006-4095 | Reachable Assertion vulnerability in multiple products BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned. | 7.5 |
| 2006-09-06 | CVE-2006-3126 | Remote Arbitrary Command Execution vulnerability in Julian Pawlowski Capi4Hylafax 01.02.03 c2faxrecv in capi4hylafax 01.02.03 allows remote attackers to execute arbitrary commands via null (\0) and shell metacharacters in the TSI string, as demonstrated by a fax from an anonymous number. | 7.5 |
| 2006-09-05 | CVE-2006-4536 | SQL Injection vulnerability in CMS Frogss CMS Frogss 0.4 SQL injection vulnerability in module/rejestracja.php in CMS Frogss 0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the podpis parameter. | 7.5 |
| 2006-09-01 | CVE-2006-4533 | Code Injection vulnerability in Plume-Cms Plume CMS Multiple PHP remote file inclusion vulnerabilities in Plume CMS 1.0.6 and earlier allow remote attackers to execute arbitrary PHP code via the _PX_config[manager_path] parameter to (1) articles.php, (2) categories.php, (3) news.php, (4) prefs.php, (5) sites.php, (6) subtypes.php, (7) users.php, (8) xmedia.php, (9) frontinc/class.template.php, (10) inc/lib.text.php, (11) install/index.php, (12) install/upgrade.php, and (13) tools/htaccess/index.php. | 7.5 |
| 2006-09-01 | CVE-2006-4531 | Remote File Include vulnerability in Pheap Config.PHP PHP remote file inclusion vulnerability in lib/config.php in Pheap CMS 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the lpref parameter. | 7.5 |
| 2006-09-01 | CVE-2006-4530 | Remote File Include vulnerability in Membrepass 1.5 Direct static code injection vulnerability in include/change.php in membrepass 1.5 allows remote attackers to execute arbitrary PHP code via the aifon parameter, which is injected into include/variable.php. | 7.5 |
| 2006-09-01 | CVE-2006-4529 | SQL Injection vulnerability in Membrepass 1.5 SQL injection vulnerability in recherchemembre.php in membrepass 1.5. | 7.5 |
| 2006-09-01 | CVE-2006-4526 | Multiple Security vulnerability in CubeCart SQL injection vulnerability in includes/content/viewCat.inc.php in CubeCart 3.0.12 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary SQL commands via the searchArray[] parameter. | 7.5 |
| 2006-09-01 | CVE-2006-4524 | SQL Injection vulnerability in Digiappz Freekot 1.01 Multiple SQL injection vulnerabilities in login_verif.asp in Digiappz Freekot 1.01 allow remote attackers to execute arbitrary SQL commands via the (1) login or (2) password parameters. | 7.5 |