Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-02-22 | CVE-2006-0844 | Unspecified vulnerability in Leif M. Wright web Blog 3.5 Leif M. | 7.5 |
| 2006-02-22 | CVE-2006-0835 | SQL Injection vulnerability in Web Calendar Pro Dropbase.PHP SQL injection vulnerability in dropbase.php in MitriDAT Web Calendar Pro allows remote attackers to modify internal SQL queries and cause a denial of service (inaccessible database) via the tabls parameter. | 7.5 |
| 2006-02-22 | CVE-2006-0834 | Information Disclosure vulnerability in Uip1868p Uniden UIP1868P VoIP Telephone and Router has a default password of admin for the web-based configuration utility, which allows remote attackers to obtain sensitive information on the device such as telephone numbers called, and possibly connect to other hosts. | 7.5 |
| 2006-02-22 | CVE-2006-0832 | SQL Injection vulnerability in Webpagecity WPC easy Multiple SQL injection vulnerabilities in admin.asp in WPC.easy allow remote attackers to execute arbitrary SQL commands via the (1) uid and (2) pwd parameter. | 7.5 |
| 2006-02-21 | CVE-2006-0831 | Remote Security vulnerability in Tasarim Rehberi PHP remote file include vulnerability in index.php in Tasarim Rehberi allows remote attackers to execute arbitrary PHP code via a URL in the (1) sayfaadi or (2) sayfa parameter. | 7.5 |
| 2006-02-21 | CVE-2006-0830 | Unspecified vulnerability in Microsoft Internet Explorer 6.0.2900 The scripting engine in Internet Explorer allows remote attackers to cause a denial of service (resource consumption) and possibly execute arbitrary code via a web page that contains a recurrent call to an infinite loop in Javascript or VBscript, which consumes the stack, as demonstrated by resetting the "location" variable within the loop. | 7.5 |
| 2006-02-21 | CVE-2006-0825 | Local Authentication Bypass vulnerability in Xerox WorkCentre Products Multiple unspecified vulnerabilities in ESS/ Network Controller and MicroServer Web Server in Xerox WorkCentre Pro and Xerox WorkCentre running software 13.027.24.015 and 14.027.24.015 allow remote attackers to bypass authentication or gain "unauthorized network access" via unknown attack vectors. | 7.5 |
| 2006-02-21 | CVE-2006-0824 | Input Validation vulnerability in Geeklog Multiple unspecified vulnerabilities in lib-common.php in Geeklog 1.4.0 before 1.4.0sr1 and 1.3.11 before 1.3.11sr4 allow remote attackers to include arbitrary local files and execute arbitrary code via (1) absolute paths in unspecified parameters and (2) the language cookie, as demonstrated for code execution using error.log. | 7.5 |
| 2006-02-21 | CVE-2006-0823 | Input Validation vulnerability in Geeklog Multiple SQL injection vulnerabilities in Geeklog 1.4.0 before 1.4.0sr1 and 1.3.11 before 1.3.11sr4 allow remote attackers to inject arbitrary SQL commands via the (1) userid variable to users.php or (2) sessid variable to lib-sessions.php. | 7.5 |
| 2006-02-21 | CVE-2006-0821 | SQL-Injection vulnerability in Bxcp 0.299 SQL injection vulnerability in index.php in BXCP 0.299 allows remote attackers to execute arbitrary SQL commands via the tid parameter. | 7.5 |