Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-03-28 | CVE-2006-1426 | SQL Injection vulnerability in Pixel Motion Multiple SQL injection vulnerabilities in Pixel Motion Blog allow remote attackers to execute arbitrary SQL commands via the (1) date parameter in index.php or bypass authentication via the (2) password parameter in admin/index.php. | 7.5 |
2006-03-28 | CVE-2006-1403 | Buffer Overflow and Format String vulnerability in Csdoom 2005 0.7 Format string vulnerability in the PrintString function in c_console.cpp in client/server Doom (csDoom) 0.7 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via format string specifiers in strings passed to the console. | 7.8 |
2006-03-28 | CVE-2006-1402 | Buffer Overflow and Format String vulnerability in Csdoom 20050.7 Buffer overflow in client/server Doom (csDoom) 0.7 and earlier allows remote attackers to (1) cause a denial of service via a long nickname or teamname to the SV_SetupUserInfo function or (2) execute arbitrary code via a long string sent when joining a match or a long chat message to the SV_BroadcastPrintf function. | 7.5 |
2006-03-28 | CVE-2006-0991 | Remote Buffer Overflow vulnerability in VERITAS NetBackup Buffer overflow in the NetBackup Sharepoint Services server daemon (bpspsserver) on NetBackup 6.0 for Windows allows remote attackers to execute arbitrary code via crafted "Request Service" packets to the vnetd service (TCP port 13724). | 7.1 |
2006-03-26 | CVE-2006-1395 | SQL Injection vulnerability in Cholod MySQL Based Message Board Mb.CGI SQL injection vulnerability in mb.cgi in Cholod MySQL Based Message Board allows remote attackers to execute arbitrary SQL commands via unspecified vectors in a showmessage action, possibly the username parameter. | 7.5 |
2006-03-26 | CVE-2006-1386 | Remote Information Disclosure vulnerability in Twiki 4.0/4.0.1 The (1) rdiff and (2) preview scripts in TWiki 4.0 and 4.0.1 ignore access control settings, which allows remote attackers to read restricted areas and access restricted content in TWiki topics. | 7.5 |
2006-03-25 | CVE-2006-1389 | Remote Denial Of Service vulnerability in HP Hp-Ux 11.00/11.11/11.4 Unspecified vulnerability in swagentd in HP-UX B.11.00, B.11.04, and B.11.11 allows remote attackers to cause a denial of service (application crash) via unspecified vectors. | 7.8 |
2006-03-24 | CVE-2006-1388 | Unspecified vulnerability in Microsoft IE and Internet Explorer Unspecified vulnerability in Microsoft Internet Explorer 6.0 allows remote attackers to execute HTA files via unknown vectors. | 7.5 |
2006-03-24 | CVE-2006-1382 | Remote File Include vulnerability in VBulletin ImpEx PHP remote file inclusion vulnerability in impex/ImpExData.php in vBulletin ImpEx module 1.74, when register_globals is disabled, allows remote attackers to include arbitrary files via the systempath parameter. | 7.5 |
2006-03-24 | CVE-2006-1374 | SQL Injection vulnerability in AdMan ViewStatement.PHP SQL injection vulnerability in viewStatement.php in AdMan 1.0.20051221 and earlier allows remote attackers to execute arbitrary SQL commands via the transactions_offset parameter. | 7.5 |