Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-04-12 | CVE-2006-1749 | Code Injection vulnerability in Smartisoft PHPlistpro 2.01 PHP remote file inclusion vulnerability in config.php in phpListPro 2.0 and earlier allows remote attackers to execute arbitrary PHP code via the returnpath parameter. | 7.5 |
| 2006-04-12 | CVE-2006-1743 | SQL Injection vulnerability in Jbook 1.4 Multiple SQL injection vulnerabilities in form.php in JBook 1.4 allow remote attackers to execute arbitrary SQL commands via the (1) nom or (2) mail parameters. | 7.5 |
| 2006-04-11 | CVE-2006-1714 | Cross-Site Scripting vulnerability in PHPmyforum 4.0 CRLF injection vulnerability in index.php in Christoph Roeder phpMyForum 4.0 allows remote attackers to inject HTTP headers via hex-encoded CRLF sequences in the type parameter. | 7.5 |
| 2006-04-11 | CVE-2006-1188 | Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via HTML elements with a certain crafted tag, which leads to memory corruption. | 7.5 |
| 2006-04-11 | CVE-2006-1185 | Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via certain invalid HTML that causes memory corruption. | 7.5 |
| 2006-04-11 | CVE-2006-1710 | SQL Injection vulnerability in Design Nation Dnguestbook 2.0 SQL injection vulnerability in admin.php in Design Nation DNGuestbook 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) email and (2) id parameters. | 7.6 |
| 2006-04-11 | CVE-2006-1708 | SQL Injection vulnerability in Clansys 1.1 SQL injection vulnerability in member.php in Clansys 1.1 allows remote attackers to execute arbitrary SQL commands via the showid parameter in the member page to index.php. | 7.5 |
| 2006-04-11 | CVE-2006-1706 | SQL Injection vulnerability in ShopWeezle Multiple SQL injection vulnerabilities in Shopweezle 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) itemID parameter to (a) login.php and (b) memo.php; and the (2) itemgr, (3) brandID, and (4) album parameters to (c) index.php. | 7.5 |
| 2006-04-11 | CVE-2006-1703 | Remote File Include vulnerability in Hubert Plisson Sire 2.0 PHP remote file inclusion vulnerability in lire.php in Sire 2.0 nws allows remote attackers to execute arbitrary PHP code via a URL in the rub parameter. | 7.5 |
| 2006-04-11 | CVE-2006-1702 | Remote File Include vulnerability in Spip 1.8.3 PHP remote file inclusion vulnerability in spip_login.php3 in SPIP 1.8.3 allows remote attackers to execute arbitrary PHP code via a URL in the url parameter. | 7.5 |