Vulnerabilities > High

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | VENDOR / CWE | RISK |
|---|---|---|---|---|---|
| 2006-05-09 | CVE-2006-2261 | Remote File Include vulnerability in Acal 2.2.4/2.2.5/2.2.6 | PHP remote file inclusion vulnerability in day.php in ACal 2.2.6 allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. | acal | network, low complexity, 7.5 |
| 2006-05-09 | CVE-2006-2259 | SQL Injection vulnerability in Maxxcode Maxxschedule 1.0 | SQL injection vulnerability in Logon.asp in MaxxSchedule 1.0 allows remote attackers to execute arbitrary SQL commands via the txtLogon parameter. | maxxcode, CWE-89 | network, low complexity, 7.5 |
| 2006-05-09 | CVE-2006-2255 | SQL Injection vulnerability in Creative Software Community Portal 1.1 | Multiple SQL injection vulnerabilities in Creative Community Portal 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter to (a) ArticleView.php, (2) forum_id parameter to (b) DiscView.php or (c) Discussions.php, (3) event_id parameter to (d) EventView.php, (4) AddVote and (5) answer_id parameter to (e) PollResults.php, or (7) mid parameter to (f) DiscReply.php. | creative-software | network, low complexity, 7.5 |
| 2006-05-09 | CVE-2006-2253 | Remote File Include vulnerability in Otterware Statit 420060207 | PHP remote file inclusion vulnerability in visible_count_inc.php in Statit 4 (060207) allows remote attackers to execute arbitrary PHP code via a URL in the statitpath parameter. | otterware | network, low complexity, 7.5 |
| 2006-05-09 | CVE-2006-2239 | SQL Injection vulnerability in Tuomas Airaksinen Newsadmin 1.1 | SQL injection vulnerability in readarticle.php in Newsadmin 1.1 allows remote attackers to execute arbitrary SQL commands via the nid parameter. | tuomas-airaksinen, CWE-89 | network, low complexity, 7.5 |
| 2006-05-08 | CVE-2006-2236 | Remote Buffer Overflow vulnerability in Quake 3 Engine remapShader Command | Buffer overflow in the Quake 3 Engine, as used by (1) ET 2.60, (2) Return to Castle Wolfenstein 1.41, and (3) Quake III Arena 1.32b allows remote attackers to execute arbitrary commands via a long remapShader command. | id-software | network, high complexity, 7.6 |
| 2006-05-05 | CVE-2006-2235 | Authentication Bypass vulnerability in Codemunkyx Simple Poll 1.0 | CodeMunkyX (aka free-php.net) Simple Poll 1.0, when authentication is not required for the admin directory, allows remote attackers to gain administrative privileges by appending /admin/ to the top-level URI of the application. | codemunkyx | network, high complexity, 7.6 |
| 2006-05-05 | CVE-2006-2233 | Remote Buffer Overflow vulnerability in Banktown Btcxctl20Com Activex Control 1.4.2.51817/1.5.2.50209 | Buffer overflow in BankTown Client Control (aka BtCxCtl20Com) 1.4.2.51817, and possibly 1.5.2.50209, allows remote attackers to execute arbitrary code via a long string in the first argument to SetBannerUrl. | banktown | network, low complexity, 7.5 |
| 2006-05-05 | CVE-2006-2225 | Authentication Buffer Overflow vulnerability in XM Easy Personal FTP Server | Buffer overflow in XM Easy Personal FTP Server 4.3 and earlier allows remote attackers to execute arbitrary code, probably via a USER command with a long username. | dxmsoft | network, low complexity, 7.5 |
| 2006-05-05 | CVE-2006-2217 | SQL Injection vulnerability in Invision Power Board | SQL injection vulnerability in index.php in Invision Power Board allows remote attackers to execute arbitrary SQL commands via the pid parameter in a reputation action. | invision-power-services | network, low complexity, 7.5 |