Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-03-09 | CVE-2006-1075 | Remote Format String vulnerability in Liero Xtreme Format string vulnerability in the visualization function in Jason Boettcher Liero Xtreme 0.62b and earlier allows remote attackers to execute arbitrary code via format string specifiers in (1) a nickname, (2) a dedicated server name, or (3) a mapname in a level (aka .lxl) file. | 7.5 |
2006-03-09 | CVE-2006-0746 | Multiple Unspecified vulnerability in Retired - KPDF Certain patches for kpdf do not include all relevant patches from xpdf that were associated with CVE-2005-3627, which allows context-dependent attackers to exploit vulnerabilities that were present in CVE-2005-3627. | 7.5 |
2006-03-07 | CVE-2006-1051 | SQL Injection vulnerability in Akarru Social BookMarking Engine 0.4.3.2/0.4.3.3 SQL injection vulnerability in Akarru Social BookMarking Engine before 0.4.3.4 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors, possibly involving the username parameter to akarru.lib/users.php. | 7.5 |
2006-03-07 | CVE-2006-1049 | SQL Injection vulnerability in Joomla Multiple SQL injection vulnerabilities in the Admin functionality in Joomla! 1.0.7 and earlier allow remote authenticated administrators to execute arbitrary SQL commands via unknown attack vectors. | 7.5 |
2006-03-07 | CVE-2006-1044 | Multiple Unspecified vulnerability in Lsoft Listserv 14.3/14.4 Multiple buffer overflows in LISTSERV 14.3 and 14.4, including LISTSERV Lite and HPO, with the web archive interface enabled, allow remote attackers to execute arbitrary code via unknown attack vectors related to the WA CGI. | 7.5 |
2006-03-07 | CVE-2006-1037 | Multiple vulnerability in Oracle Diagnostics and E-Business Suite SQL injection vulnerability in the Oracle Diagnostics module 2.2 and earlier allows remote attackers to execute arbitrary SQL commands via unknown attack vectors. | 7.5 |
2006-03-07 | CVE-2006-1036 | Multiple vulnerability in Oracle Diagnostics 2.0/2.1/2.2 Multiple unspecified vulnerabilities in the Oracle Diagnostics module 2.2 and earlier have unknown impact and attack vectors, related to "permissions." | 7.5 |
2006-03-07 | CVE-2006-1035 | Multiple vulnerability in Oracle Diagnostics and E-Business Suite Unspecified vulnerability in the Oracle Diagnostics module 2.2 and earlier allows remote attackers to access diagnostics tests via unknown attack vectors. | 7.5 |
2006-03-07 | CVE-2006-1032 | Remote Code Execution vulnerability in PHPrpc 0.7/0.8/0.9 Eval injection vulnerability in the decode function in rpc_decoder.php for phpRPC 0.7 and earlier, as used by runcms, exoops, and possibly other programs, allows remote attackers to execute arbitrary PHP code via the base64 tag. | 7.5 |
2006-03-07 | CVE-2006-1031 | Code Injection vulnerability in Igenus Webmail 2.0/2.01/2.02 config/config_inc.php in iGENUS Webmail 2.02 and earlier allows remote attackers to include arbitrary local files via the SG_HOME parameter. | 7.5 |