Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-06-13 | CVE-2006-2370 | Remote Access Remote Code Execution vulnerability in Microsoft Windows 2000, Windows 2003 Server and Windows XP Buffer overflow in the Routing and Remote Access service (RRAS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to execute arbitrary code via certain crafted "RPC related requests," aka the "RRAS Memory Corruption Vulnerability." | 7.5 |
2006-06-13 | CVE-2006-0022 | Remote Code Execution vulnerability in Microsoft PowerPoint Malformed Record Unspecified vulnerability in Microsoft PowerPoint in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP1 and SP2, Office 2004 for Mac, and v. | 7.6 |
2006-06-13 | CVE-2006-2376 | Numeric Errors vulnerability in Microsoft Windows 98, Windows 98Se and Windows ME Integer overflow in the PolyPolygon function in Graphics Rendering Engine on Microsoft Windows 98 and Me allows remote attackers to execute arbitrary code via a Windows Metafile (WMF) or EMF image with a sum of entries in the vertext counts array and number of polygons that triggers a heap-based buffer overflow. | 7.5 |
2006-06-13 | CVE-2006-2998 | Remote File Include vulnerability in Free Qboard Free Qboard 1.1 PHP remote file inclusion vulnerability in board/post.php in free QBoard 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the qb_path parameter. | 7.5 |
2006-06-13 | CVE-2006-2996 | Remote File Include vulnerability in Lovecompass Aepartner 0.8.3 PHP remote file inclusion vulnerability in inc/design.inc.php in LoveCompass aePartner 0.8.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the dir[data] parameter. | 7.5 |
2006-06-13 | CVE-2006-2995 | Remote File Include vulnerability in Webprojectdb 0.1.3 Multiple PHP remote file inclusion vulnerabilities in WebprojectDB 0.1.3 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the INCDIR parameter in (1) include/nav.php and (2) include/lang.php. | 7.5 |
2006-06-13 | CVE-2006-2993 | Input Validation vulnerability in My Photo Scrapbook Multiple SQL injection vulnerabilities in My Photo Scrapbook 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the key parameter in (1) Displayview.asp and (2) Details_Photo_bv.asp. | 7.5 |
2006-06-13 | CVE-2006-2987 | SQL-Injection vulnerability in Dominios Europa Picrate 1.0 Multiple SQL injection vulnerabilities in Dominios Europa PICRATE (aka TAL RateMyPic) 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id, (2) voteid, and (3) vfiel parameters to (a) index.php, and via the (4) nick, (5) email, (6) city, (7) messen, and (8) message form field parameters to (b) add.php. | 7.5 |
2006-06-13 | CVE-2006-2985 | SQL-Injection vulnerability in Integramod SQL injection vulnerability in index.php in IntegraMOD 1.4.0 and earlier allows remote attackers to execute arbitrary SQL commands via double-encoded "'" characters in the STYLE_URL parameter. | 7.5 |
2006-06-13 | CVE-2006-2983 | Remote File Include vulnerability in Enterprise Payroll Systems PHP remote file inclusion vulnerability in Enterprise Timesheet and Payroll Systems (EPS) 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the absolutepath parameter in cal.php. | 7.5 |