Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2006-03-22 | CVE-2006-1347 | Input Validation vulnerability in Gcards 1.43/1.44 | SQL injection vulnerability in loginfunction.php in Greg Neustaetter gCards 1.45 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. | 7.5 |
2006-03-21 | CVE-2006-1341 | SQL-Injection vulnerability in Maian Events Maian Events 1.0 | SQL injection vulnerability in events.php in Maian Events 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) month and (2) year parameters. | 7.5 |
2006-03-21 | CVE-2006-1337 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mailenable | Buffer overflow in the POP 3 (POP3) service in MailEnable Standard Edition before 1.93, Professional Edition before 1.73, and Enterprise Edition before 1.21 allows remote attackers to execute arbitrary code via unknown vectors before authentication. | 7.5 |
2006-03-21 | CVE-2006-0745 | Local Privilege Escalation vulnerability in X.Org X Window Server | X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line option or (2) overwrite arbitrary files via -logfile. | 7.2 |
2006-03-21 | CVE-2006-1330 | SQL Injection vulnerability in PHPwebsite 0.7.3/0.8.2/0.8.3 | Multiple SQL injection vulnerabilities in phpWebsite 0.83 and earlier allow remote attackers to execute arbitrary SQL commands via the sid parameter to (1) friend.php or (2) article.php. | 7.5 |
2006-03-21 | CVE-2006-1327 | SQL Injection vulnerability in Softbb 0.1 | SQL injection vulnerability in reg.php in SoftBB 0.1 allows remote attackers to execute arbitrary SQL commands via the mail parameter. | 7.5 |
2006-03-21 | CVE-2006-1061 | Buffer Overflow vulnerability in Daniel Stenberg Curl 7.15.0/7.15.1/7.15.2 | Heap-based buffer overflow in cURL and libcURL 7.15.0 through 7.15.2 allows remote attackers to execute arbitrary commands via a TFTP URL (tftp://) with a valid hostname and a long path. | 7.5 |
2006-03-20 | CVE-2006-1320 | Unspecified vulnerability in Rssh 2.3.0 | util.c in rssh 2.3.0 in Debian GNU/Linux does not use braces to make a block, which causes a check for CVS to always succeed and allows rsync and rdist to bypass intended access restrictions in rssh.conf. | 7.5 |
2006-03-19 | CVE-2006-1296 | Unspecified vulnerability in Beagle-Project Beagle 0.2.2.1 | Untrusted search path vulnerability in Beagle 0.2.2.1 might allow local users to gain privileges via a malicious beagle-info program in the current working directory, or possibly directories specified in the PATH. | 7.5 |
2006-03-19 | CVE-2006-1294 | Remote File Include vulnerability in Knowledgebasepublisher 1.2 | PHP remote file include vulnerability in PageController.php in KnowledgebasePublisher 1.2 allows remote attackers to include and execute arbitrary PHP code via a URL in the dir parameter. | 7.5 |