Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-06-22 | CVE-2006-3148 | SQL Injection vulnerability in Open-Realty 2.3.1 SQL injection vulnerability, possibly in search.inc.php, in Open-Realty 2.3.1 allows remote attackers to execute arbitrary SQL commands via the sorttype parameter to index.php. | 7.5 |
2006-06-22 | CVE-2006-3144 | Code Injection vulnerability in IBD Micro CMS 0.3.5 PHP remote file inclusion vulnerability in micro_cms_files/microcms-include.php in Implied By Design (IBD) Micro CMS 3.5 (aka 0.3.5) and earlier allows remote attackers to execute arbitrary PHP code via a URL in the microcms_path parameter. | 7.5 |
2006-06-22 | CVE-2006-3142 | SQL Injection vulnerability in Vbzoom 1.11 SQL injection vulnerability in forum.php in VBZooM 1.11 allows remote attackers to execute arbitrary SQL commands via the MainID parameter. | 7.5 |
2006-06-22 | CVE-2006-3140 | SQL-Injection vulnerability in Openci SQL injection vulnerability in index.php in openCI 1.0 BETA 0.20.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2006-06-22 | CVE-2006-3139 | SQL Injection vulnerability in Vwar Virtual WAR Multiple SQL injection vulnerabilities in war.php in Virtual War (VWar) 1.5.0 R14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) s, (2) showgame, (3) sortorder, and (4) sortby parameters. | 7.5 |
2006-06-22 | CVE-2006-3130 | Input Validation vulnerability in Clubpage SQL injection vulnerability in index.php in Clubpage allows remote attackers to execute arbitrary SQL commands via the category parameter. | 7.5 |
2006-06-21 | CVE-2006-3127 | Resource Management Errors vulnerability in SUN products Memory leak in Network Security Services (NSS) 3.11, as used in Sun Java Enterprise System 2003Q4 through 2005Q1 and Java System Directory Server 5.2, allows remote attackers to cause a denial of service (memory consumption) by performing a large number of RSA cryptographic operations. | 7.8 |
2006-06-21 | CVE-2006-2911 | SQL Injection vulnerability in CMS MUNDO Control Panel SQL injection vulnerability in controlpanel/index.php in CMS Mundo before 1.0 build 008 allows remote attackers to execute arbitrary SQL commands via the username parameter. | 7.5 |
2006-06-21 | CVE-2006-3111 | SQL Injection vulnerability in Chipmailer 1.09 Multiple SQL injection vulnerabilities in main.php in Chipmailer 1.09 allow remote attackers to execute arbitrary SQL commands via multiple parameters, as demonstrated by (1) anfang, (2) name, (3) mail, (4) anrede, (5) vorname, (6) nachname, (7) gebtag, (8) gebmonat, and (9) gebjahr. | 7.5 |
2006-06-19 | CVE-2006-3096 | SQL-Injection vulnerability in Ipostmx 2005 Multiple SQL injection vulnerabilities in iPostMX 2005 2.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) forum parameter in messagepost.cfm and (2) topic parameter in topics.cfm. | 7.5 |