Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-05-02 | CVE-2006-2148 | Remote Buffer Overflow and Denial Of Service vulnerability in Cgiirc 0.5.4/0.5.7 Multiple buffer overflows in client.c in CGI:IRC (CGIIRC) before 0.5.8 might allow remote attackers to execute arbitrary code via (1) cookies or (2) the query string. | 7.5 |
| 2006-05-02 | CVE-2006-2137 | Remote File Include vulnerability in OpenPHPnuke PHP remote file inclusion vulnerability in master.php in OpenPHPNuke and 2.3.3 earlier allows remote attackers to execute arbitrary PHP code via a URL in the root_path parameter. | 7.5 |
| 2006-05-02 | CVE-2006-2136 | SQL Injection vulnerability in Aznews 1.0 SQL injection vulnerability in news.php in AZNEWS allows remote attackers to execute arbitrary SQL commands via the ID parameter. | 7.5 |
| 2006-05-02 | CVE-2006-2135 | SQL Injection vulnerability in Ruperts News Script Login.PHP SQL injection vulnerability in login.php in Ruperts News allows remote attackers to execute arbitrary SQL commands via the username parameter. | 7.5 |
| 2006-05-01 | CVE-2006-2133 | SQL-Injection vulnerability in Barracuda SQL injection vulnerability in index.php in BoonEx Barracuda 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) link_dir_target and (2) link_id_target parameter, possibly involving the link_edit functionality. | 7.5 |
| 2006-05-01 | CVE-2006-2128 | SQL Injection vulnerability in Deltascripts PRO Publish 2.0 Multiple SQL injection vulnerabilities in Pro Publish 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) email and (2) password parameter to (a) admin/login.php, (3) find_str parameter to (b) search.php, or (4) artid parameter to (c) art.php, or (5) catid parameter to (d) cat.php. | 7.5 |
| 2006-05-01 | CVE-2006-2118 | Authentication Bypass vulnerability in JMK Picture Gallery Admin_Gallery.PHP3 JMK's Picture Gallery allows remote attackers to bypass authentication via a direct request to admin_gallery.php3, possibly related to the add action. | 7.5 |
| 2006-05-01 | CVE-2006-2116 | Authentication Bypass vulnerability in PlanetGallery Gallery_admin.PHP planetGallery allows remote attackers to gain administrator privileges via a direct request to admin/gallery_admin.php. | 7.5 |
| 2006-05-01 | CVE-2006-2115 | Arbitrary Code Execution vulnerability in SWS Web Server Format string vulnerability in SWS web Server 0.1.7 allows remote attackers to execute arbitrary code via unspecified vectors that are not properly handled in a syslog function call. | 7.5 |
| 2006-05-01 | CVE-2006-2114 | Arbitrary Code Execution vulnerability in SWS Web Server Buffer overflow in SWS web Server 0.1.7 allows remote attackers to execute arbitrary code via a long request. | 7.5 |