Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-08-27 | CVE-2006-4356 | SQL Injection vulnerability in Drupal Easylinks Module SQL injection vulnerability in Drupal Easylinks Module (easylinks.module) 4.7 before 1.5.2.1 2006/08/19 12:02:27 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2006-08-27 | CVE-2006-4354 | Remote File Include vulnerability in Phome Empire Phome Empire CMS 3.7 PHP remote file inclusion vulnerability in e/class/CheckLevel.php in Phome Empire CMS 3.7 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the check_path parameter. | 7.5 |
| 2006-08-26 | CVE-2006-4377 | SQL-Injection vulnerability in Eichhorn Portal Multiple SQL injection vulnerabilities in Guder und Koch Netzwerktechnik Eichhorn Portal allow remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly including the (1) profil_nr and (2) sprache parameters in the main portion of the portal, the (3) suchstring field in suchForm in the main portion of the portal, the (4) GaleryKey and (5) Breadcrumbs parameters in the gallerie module, and the (6) GGBNSaction parameter in the ggbns module. | 7.5 |
| 2006-08-26 | CVE-2006-4373 | Remote File Include vulnerability in Derek Leung Pslash 0.70 PHP remote file inclusion vulnerability in modules/visitors2/include/config.inc.php in pSlash 0.70 allows remote attackers to execute arbitrary PHP code via a URL in the lvc_include_dir parameter. | 7.5 |
| 2006-08-26 | CVE-2006-4372 | Remote Security vulnerability in Constructor Component PHP remote file inclusion vulnerability in admin.lurm_constructor.php in the Lurm Constructor component (com_lurm_constructor) 0.6b and earlier for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the lm_absolute_path parameter. | 7.5 |
| 2006-08-26 | CVE-2006-4370 | Privilege Escalation vulnerability in Alt-N Webadmin 3.2.3/3.2.4 Alt-N WebAdmin 3.2.3 and 3.2.4 running with MDaemon 9.0.5, and possibly earlier, allow remote authenticated domain administrators to change a global administrator's password and gain privileges via the userlist.wdm file. | 7.5 |
| 2006-08-26 | CVE-2006-4368 | Remote File Include vulnerability in Integramod Portal 2.0 PHP remote file inclusion vulnerability in includes/functions_portal.php in IntegraMOD Portal 2.x and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | 7.5 |
| 2006-08-26 | CVE-2006-4367 | SQL Injection vulnerability in All Topics phpBB module SQL injection vulnerability in alltopics.php in the All Topics Hack 1.5.0 and earlier for phpBB 2.0.21 allows remote attackers to execute arbitrary SQL commands via the start parameter. | 7.5 |
| 2006-08-26 | CVE-2006-4366 | Remote File Include vulnerability in Redblog 0.5 PHP remote file inclusion vulnerability in index.php in RedBLoG 0.5 allows remote attackers to execute arbitrary PHP code via a URL in the root_path parameter. | 7.5 |
| 2006-08-26 | CVE-2006-4365 | Remote File Include vulnerability in VistaBB Multiple PHP remote file inclusion vulnerabilities in VistaBB 2.0.33 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter in (1) includes/functions_mod_user.php or (2) includes/functions_portal.php. | 7.5 |