Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-08-21 | CVE-2006-4278 | Remote File Include vulnerability in Sportsphool 1.0 PHP remote file inclusion vulnerability in includes/layout/plain.footer.php in SportsPHool 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the mainnav parameter. | 7.5 |
| 2006-08-21 | CVE-2006-4277 | Remote File Include vulnerability in Tutti Nova Multiple PHP remote file inclusion vulnerabilities in Tutti Nova 1.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the TNLIB_DIR parameter to (1) include/novalib/class.novaAdmin.mysql.php and (2) novalib/class.novaRead.mysql.php. | 7.5 |
| 2006-08-21 | CVE-2006-4276 | Remote File Include vulnerability in Tutti Nova PHP remote file inclusion vulnerability in Tutti Nova 1.6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the TNLIB_DIR parameter to novalib/class.novaEdit.mysql.php. | 7.5 |
| 2006-08-21 | CVE-2006-4275 | Remote File Include vulnerability in Mambo Catalogshop Component 1.0Beta2 PHP remote file inclusion vulnerability in catalogshop.php in the CatalogShop component for Mambo (com_catalogshop) allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | 7.5 |
| 2006-08-21 | CVE-2006-4267 | Input Validation vulnerability in CubeCart Multiple SQL injection vulnerabilities in CubeCart 3.0.11 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) oid parameter in modules/gateway/Protx/confirmed.php and the (2) x_invoice_num parameter in modules/gateway/Authorize/confirmed.php. | 7.5 |
| 2006-08-21 | CVE-2006-4263 | Remote File Include vulnerability in Mambo Phpshop Product Scroller Component Multiple PHP remote file inclusion vulnerabilities in the Product Scroller Module and other modules in mambo-phpshop (com_phpshop) for Mambo and Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter in (1) mod_phpshop.php, (2) mod_phpshop_allinone.php, (3) mod_phpshop_cart.php, (4) mod_phpshop_featureprod.php, (5) mod_phpshop_latestprod.php, (6) mod_product_categories.php, (7) mod_productscroller.php, and (8) mosproductsnap.php. | 7.5 |
| 2006-08-21 | CVE-2006-4254 | Local Privilege Escalation vulnerability in IBM AIX 5.1/5.2/5.3 Unspecified vulnerability in setlocale in IBM AIX 5.1.0 through 5.3.0 allows local users to gain privileges via unspecified vectors. | 7.5 |
| 2006-08-21 | CVE-2006-4241 | Remote File Include vulnerability in Mamboxchange Reporter 1.0 PHP remote file inclusion vulnerability in processor/reporter.sql.php in the Reporter Mambo component (com_reporter) allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | 7.5 |
| 2006-08-21 | CVE-2006-4240 | Remote File Include vulnerability in FusionPHP Fusion News PHP remote file inclusion vulnerability in index.php in Fusion News 3.7 allows remote attackers to execute arbitrary PHP code via a URL in the fpath parameter. | 7.5 |
| 2006-08-21 | CVE-2006-4239 | Remote File Include vulnerability in Outreach Project Tool PHP remote file inclusion vulnerability in include/urights.php in Outreach Project Tool (OPT) Max 1.2.6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the CRM_inc parameter. | 7.5 |