Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-04-14 | CVE-2006-1531 | Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. | 7.5 |
2006-04-14 | CVE-2006-1530 | Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. | 7.5 |
2006-04-14 | CVE-2006-1529 | Unspecified vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. | 7.5 |
2006-04-13 | CVE-2006-1551 | Arbitrary PHP Code Execution vulnerability in Georges Auberger Pajax 0.5.0/0.5.1 Eval injection vulnerability in pajax_call_dispatcher.php in PAJAX 0.5.1 and earlier allows remote attackers to execute arbitrary code via the (1) $method and (2) $args parameters. | 7.5 |
2006-04-13 | CVE-2006-1627 | Remote vulnerability in Adobe Document Server for Reader Extensions Adobe Document Server for Reader Extensions 6.0 does not provide proper access control, which allows remote authenticated users to perform privileged actions by modifying the (1) actionID and (2) pageID parameters. | 7.5 |
2006-04-13 | CVE-2006-1781 | Code Injection vulnerability in Circle R Monster TOP List PHP remote file inclusion vulnerability in functions.php in Circle R Monster Top List (MTL) 1.4 allows remote attackers to execute arbitrary PHP code via a URL in the root_path parameter. | 7.5 |
2006-04-13 | CVE-2006-1778 | SQL Injection vulnerability in Simplog Multiple SQL injection vulnerabilities in Jeremy Ashcraft Simplog 0.9.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) blogid parameter in (a) index.php and (b) archive.php, the (2) m and (3) y parameters in archive.php, and the (4) sql parameter in (c) server.php. | 7.5 |
2006-04-13 | CVE-2006-1777 | Remote File Include vulnerability in Simplog Directory traversal vulnerability in doc/index.php in Jeremy Ashcraft Simplog 0.9.2 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the s parameter, as demonstrated by injecting PHP sequences into an Apache error_log file, which is then included by doc/index.php. | 7.5 |
2006-04-13 | CVE-2006-1776 | Remote File Include vulnerability in Simplog PHP remote file inclusion vulnerability in doc/index.php in Jeremy Ashcraft Simplog 0.9.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the s parameter. | 7.5 |
2006-04-13 | CVE-2006-1774 | Security Bypass vulnerability in HP Compaqhttpserver and System Management Homepage HP System Management Homepage (SMH) 2.1.3.132, when running on CompaqHTTPServer/9.9 on Windows, Linux, or Tru64 UNIX, and when "Trust by Certificates" is not enabled, allows remote attackers to bypass authentication via a crafted URL. | 7.5 |