Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-08-07 | CVE-2006-4008 | Remote File Include vulnerability in Knusperleicht FAQ 1.0 PHP remote file inclusion vulnerability in index.php in Knusperleicht Faq 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the faq_path parameter. | 7.5 |
2006-08-07 | CVE-2006-4007 | Remote File Include vulnerability in Knusperleicht Guestbook 3.5 PHP remote file inclusion vulnerability in index.php in Knusperleicht Guestbook 3.5 allows remote attackers to execute arbitrary PHP code via a URL in the GB_PATH parameter. | 7.5 |
2006-08-05 | CVE-2006-4001 | Multiple vulnerability in Barracuda Networks Spam Firewall 3.3.01.001/3.3.03.053/3.3.03.055 Login.pm in Barracuda Spam Firewall (BSF) 3.3.01.001 through 3.3.03.053 contains a hard-coded password for the guest account, which allows remote attackers to read sensitive information such as e-mail logs, and possibly e-mail contents and the admin password. | 7.5 |
2006-08-05 | CVE-2006-3998 | Remote File Include vulnerability in Wowroster 1.5/1.5.1 PHP remote file inclusion vulnerability in conf.php in WoWRoster (aka World of Warcraft Roster) 1.5.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the subdir parameter. | 7.5 |
2006-08-05 | CVE-2006-3997 | Remote File Include vulnerability in Wowroster 1.5/1.5.1 PHP remote file inclusion vulnerability in hsList.php in WoWRoster (aka World of Warcraft Roster) 1.5.x and earlier allows remote attackers to execute arbitrary PHP code via a URL in the subdir parameter. | 7.5 |
2006-08-05 | CVE-2006-3994 | Unspecified vulnerability in XMB Software XMB Forum SQL injection vulnerability in the u2u_send_recp function in u2u.inc.php in XMB (aka extreme message board) 1.9.6 Alpha and earlier allows remote attackers to execute arbitrary SQL commands via the u2uid parameter to u2u.php, which is directly accessed from $_POST and bypasses the protection scheme. | 7.5 |
2006-08-05 | CVE-2006-3991 | Remote File Include vulnerability in Voodoo Chat File_Path Parameter PHP remote file inclusion vulnerability in index.php in Vlad Vostrykh Voodoo chat 1.0RC1b and earlier allows remote attackers to execute arbitrary PHP code via a URL in the file_path parameter. | 7.5 |
2006-08-05 | CVE-2006-3990 | Remote File Include vulnerability in PHPSavant Savant2 Multiple PHP remote file inclusion vulnerabilities in Paul M. | 7.5 |
2006-08-05 | CVE-2006-3986 | Remote File Include vulnerability in Knusperleicht NewsLetter PHP remote file inclusion vulnerability in index.php in Knusperleicht Newsletter 3.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the NL_PATH parameter. | 7.5 |
2006-08-05 | CVE-2006-3984 | Remote File Include vulnerability in PHPAuction PHPAds_Path Variable PHP remote file inclusion vulnerability in phpAdsNew/view.inc.php in Albasoftware Phpauction 2.1 and possibly later versions, with phpAdsNew 2.0.5, allows remote attackers to execute arbitrary PHP code via a URL in the phpAds_path parameter. | 7.5 |