Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-08-09 | CVE-2006-4044 | Remote File Include vulnerability in PHPCodeCabinet Core.PHP PHP remote file inclusion vulnerability in Beautifier/Core.php in Brad Fears phpCodeCabinet 0.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the BEAUT_PATH parameter. | 7.5 |
| 2006-08-09 | CVE-2006-4042 | SQL Injection vulnerability in Mywebland Mybloggie Multiple SQL injection vulnerabilities in trackback.php in myWebland myBloggie 2.1.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) title, (2) url, (3) excerpt, or (4) blog_name parameters. | 7.5 |
| 2006-08-09 | CVE-2006-4041 | SQL Injection vulnerability in Pike SQL injection vulnerability in Pike before 7.6.86, when using a Postgres database server, allows remote attackers to execute arbitrary SQL commands via unspecified attack vectors. | 7.5 |
| 2006-08-09 | CVE-2006-4040 | Remote File Include vulnerability in myEvent Myevent.PHP PHP remote file inclusion vulnerability in myevent.php in myWebland myEvent 1.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the myevent_path parameter. | 7.5 |
| 2006-08-09 | CVE-2006-4039 | SQL Injection vulnerability in Chaossoft Gaestechaos Multiple SQL injection vulnerabilities in eintragen.php in GaesteChaos 0.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) gastname, (2) gastwohnort, or (3) gasteintrag parameters. | 7.5 |
| 2006-08-09 | CVE-2006-4036 | Remote File Include vulnerability in ZoneX Usercp_Register.PHP PHP remote file inclusion vulnerability in includes/usercp_register.php in ZoneMetrics ZoneX Publishers Gold Edition 1.0.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | 7.5 |
| 2006-08-09 | CVE-2006-4035 | SQL Injection vulnerability in Counterchaos 0.48C SQL injection vulnerability in counterchaos.php in CounterChaos 0.48c and earlier allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header. | 7.5 |
| 2006-08-09 | CVE-2006-4034 | Remote File Include vulnerability in Moderngigabyte Modernbill 1.6 PHP remote file inclusion vulnerability in include/html/config.php in ModernGigabyte ModernBill 1.6 allows remote attackers to execute arbitrary PHP code via a URL in the DIR parameter. | 7.5 |
| 2006-08-09 | CVE-2006-4029 | Buffer Overflow vulnerability in AGEphone SIP Packet Handling Stack-based buffer overflow in sipd.dll in AGEphone 1.24 and 1.38.1 allows remote attackers to execute arbitrary code via a crafted UDP SIP packet. | 7.5 |
| 2006-08-09 | CVE-2006-3979 | Authentication Bypass vulnerability in Macromedia Coldfusion 7.0/7.02 The AdminAPI of ColdFusion MX 7 allows attackers to bypass authentication by using "programmatic access" to the adminAPI instead of the ColdFusion Administrator. | 7.2 |