Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK

2006-08-24 CVE-2006-4322 Remote File Include vulnerability in RETIRED: Mambo EstateAgent Component mosConfig_absolute_path
PHP remote file inclusion vulnerability in estateagent.php in the EstateAgent component (com_estateagent) for Mambo, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
network | low complexity | bits-dont-bite | 7.5

2006-08-24 CVE-2006-4321 Remote File Include vulnerability in Coppermine Photo Gallery 1.0
PHP remote file inclusion vulnerability in cpg.php in the Coppermine Photo Gallery component (com_cpg) 1.0 and earlier for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
network | low complexity | coppermine | 7.5

2006-08-24 CVE-2006-4320 Remote File Include vulnerability in RETIRED: Joomla OpenSEF Component mosConfig_absolute_path
PHP remote file inclusion vulnerability in sef.php in the OpenSEF 2.0.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
network | low complexity | opensef-project | 7.5

2006-08-24 CVE-2006-4319 Buffer Overflow vulnerability in SUN Solaris and Sunos
Buffer overflow in the format command in Solaris 8, 9, and 10 allows local users with access to format (such as the "File System Management" RBAC profile) to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2006-4307.
local | low complexity | sun | 7.2

2006-08-23 CVE-2006-4316 Local Privilege Escalation vulnerability in SSH Tectia Manager Agent Process
SSH Tectia Management Agent 2.1.2 allows local users to gain root privileges by running a program called sshd, which is obtained from a process listing when the "Restart" action is selected from the Management server GUI, which causes the agent to locate the pathname of the user's program and restart it with root privileges.
local | low complexity | ssh | 7.2

2006-08-23 CVE-2006-4315 Privilege Escalation vulnerability in SSH Tectia Windows Path Specification
Unquoted Windows search path vulnerability in multiple SSH Tectia products, including Client/Server/Connector 5.0.0 and 5.0.1 and Client/Server before 4.4.5, and Manager 2.12 and earlier, when running on Windows, might allow local users to gain privileges via a malicious program file under "Program Files" or its subdirectories.
local | low complexity | ssh | 7.2

2006-08-23 CVE-2006-4307 Local Privilege Escalation vulnerability in Sun Solaris Format(1M)
Unspecified vulnerability in the format command in Sun Solaris 8 and 9 before 20060821 allows local users to modify arbitrary files via unspecified vectors involving profiles that permit running format with elevated privileges, a different issue than CVE-2006-4306 and CVE-2006-4319.
local | low complexity | sun | 7.2

2006-08-23 CVE-2006-4306 Unspecified vulnerability in SUN Solaris and Sunos
Unspecified vulnerability in Sun Solaris 8 and 9 before 20060821 allows local users to execute arbitrary commands via unspecified vectors, involving the default Role-Based Access Control (RBAC) settings in the "File System Management" profile.
local | low complexity | sun | 7.2

2006-08-23 CVE-2006-3745 Buffer Overflow vulnerability in Linux Kernel SCTP_Make_Abort_User Function
Unspecified vulnerability in the sctp_make_abort_user function in the SCTP implementation in Linux 2.6.x before 2.6.17.10 and 2.4.23 up to 2.4.33 allows local users to cause a denial of service (panic) and possibly gain root privileges via unknown attack vectors.
local | low complexity | linux | 7.2

2006-08-23 CVE-2006-4300 Unspecified vulnerability in 8Pixel.Net Simple Blog
SQL injection vulnerability in comments.asp in SimpleBlog 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
network | low complexity | 8pixel-net | 7.5