Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2006-06-06 CVE-2006-2861 SQL Injection vulnerability in Particle Soft Particle Wiki 1.0.2
SQL injection vulnerability in index.php in Particle Wiki 1.0.2 and earlier allows remote attackers to execute arbitrary SQL commands via the version parameter.
network
low complexity
particle-soft
7.5
7.5
2006-06-06 CVE-2006-2858 SQL Injection vulnerability in Locazo Locazolist Classifieds 1.03C/1.04D/1.05E
SQL injection vulnerability in viewmsg.asp in LocazoList Classifieds 1.05e allows remote attackers to execute arbitrary SQL commands via the msgid parameter.
network
low complexity
locazo
7.5
7.5
2006-06-06 CVE-2006-2857 SQL Injection vulnerability in Lifetype 1.0.2/1.0.3/1.0.4
SQL injection vulnerability in index.php in LifeType 1.0.4 allows remote attackers to execute arbitrary SQL commands via the articleId parameter in a ViewArticle action (viewarticleaction.class.php).
network
low complexity
lifetype
7.5
7.5
2006-06-06 CVE-2006-2855 SQL Injection vulnerability in Xuebook 1.0
SQL injection vulnerability in index.php in xueBook 1.0 allows remote attackers to execute arbitrary SQL commands via the start parameter.
network
low complexity
xuebook
7.5
7.5
2006-06-06 CVE-2006-2854 SQL Injection vulnerability in Ibwd Guestbook 1.0
SQL injection vulnerability in index.php in iBWd Guestbook 1.0 allows remote attackers to execute arbitrary SQL commands via the offset parameter.
network
low complexity
ibwd
7.5
7.5
2006-06-06 CVE-2006-2853 SQL Injection vulnerability in Abarcar Realty Portal 5.1.5
SQL injection vulnerability in content.php in abarcar Realty Portal 5.1.5 allows remote attackers to execute arbitrary SQL commands via the cat parameter.
network
low complexity
abarcar
7.5
7.5
2006-06-06 CVE-2006-2849 Remote File Include vulnerability in ByteHoard Server.PHP
PHP remote file inclusion vulnerability in includes/webdav/server.php in Bytehoard 2.1 Epsilon/Delta allows remote attackers to execute arbitrary PHP code via a URL in the bhconfig[bhfilepath] parameter.
network
low complexity
andrew-godwin
7.5
7.5
2006-06-06 CVE-2006-2847 SQL Injection vulnerability in Full Revolution Aspweblinks 2.0
SQL injection vulnerability in links.asp in aspWebLinks 2.0 allows remote attackers to execute arbitrary SQL commands via the linkID parameter.
network
low complexity
full-revolution
7.5
7.5
2006-06-06 CVE-2006-2845 Remote Security vulnerability in Redaxo 3.0/3.2
PHP remote file inclusion vulnerability in Redaxo 3.0 up to 3.2 allows remote attackers to execute arbitrary PHP code via a URL in the REX[INCLUDE_PATH] parameter to image_resize/pages/index.inc.php.
network
low complexity
redaxo
7.5
7.5
2006-06-06 CVE-2006-2844 Remote Security vulnerability in Redaxo 3.0
Multiple PHP remote file inclusion vulnerabilities in Redaxo 3.0 allow remote attackers to execute arbitrary PHP code via a URL in the REX[INCLUDE_PATH] parameter to (1) simple_user/pages/index.inc.php and (2) stats/pages/index.inc.php.
network
low complexity
redaxo
7.5
7.5