Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2006-02-15 CVE-2006-0688 Remote File Include vulnerability in Nicecoder Indexu 5.0.0/5.0.1
PHP remote file include vulnerability in application.php in nicecoder.com indexu 5.0.0 and 5.0.1 allows remote attackers to execute arbitrary PHP code via a URL in the base_path parameter.
network
low complexity
nicecoder
7.5
2006-02-15 CVE-2006-0684 Input Validation And Access Validation vulnerability in Virtual Hosting Control System
change_password.php in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier does not verify the old password when a user changes the password, which may allow remote attackers to gain unauthorized access.
network
low complexity
virtual-hosting-control-system
7.5
2006-02-15 CVE-2006-0681 Remote Format String vulnerability in PowerD
Format string vulnerability in powerd.c in Power Daemon (powerd) 2.0.2 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the WHATIDO variable.
network
low complexity
power-daemon
7.5
2006-02-14 CVE-2006-0453 Remote Denial Of Service vulnerability in Redhat Fedora Core 1.0
The LDAP component in Fedora Directory Server 1.0 allows remote attackers to cause a denial of service (crash) via a certain "bad BER sequence" that results in a free of uninitialized memory, as demonstrated using the ProtoVer LDAP test suite.
network
low complexity
redhat
7.8
2006-02-14 CVE-2006-0021 Buffer Errors vulnerability in Microsoft Windows 2003 Server and Windows XP
Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows remote attackers to cause a denial of service (hang) via an IGMP packet with an invalid IP option, aka the "IGMP v3 DoS Vulnerability."
network
low complexity
microsoft CWE-119
7.8
2006-02-14 CVE-2006-0008 Permissions, Privileges, and Access Controls vulnerability in Microsoft Office, Windows 2003 Server and Windows XP
The ShellAbout API call in Korean Input Method Editor (IME) in Korean versions of Microsoft Windows XP SP1 and SP2, Windows Server 2003 up to SP1, and Office 2003, allows local users to gain privileges by launching the "shell about dialog box" and clicking the "End-User License Agreement" link, which executes Notepad with the privileges of the program that displays the about box.
local
low complexity
microsoft CWE-264
7.2
2006-02-14 CVE-2006-0677 Denial Of Service vulnerability in Heimdal TelnetD
telnetd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2 allows remote unauthenticated attackers to cause a denial of service (server crash) via unknown vectors that trigger a null dereference.
network
low complexity
kth
7.8
2006-02-13 CVE-2006-0673 SQL Injection vulnerability in Reamday Enterprises Magic Calendar Lite 1.02
Multiple SQL injection vulnerabilities in cms/index.php in Magic Calendar Lite 1.02, with magic_quotes_gpc disabled, allow remote attackers to execute arbitrary SQL commands via the (1) $total_login and (2) $total_password parameter.
network
low complexity
reamday-enterprises
7.5
2006-02-13 CVE-2006-0671 Phones Remote Denial of Service vulnerability in Sony Ericsson
Buffer overflow in Sony Ericsson K600i, V600i, W800i, and T68i cell phones allows remote attackers to cause a denial of service (reboot or shutdown) through a wireless Bluetooth connection via a malformed Logical Link Control and Adaptation Protocol (L2CAP) packet whose length field is less than the actual length of the packet.
network
low complexity
sony-ericsson
7.8
2006-02-13 CVE-2006-0668 SQL Injection vulnerability in Pwsphp 1.2.3
SQL injection vulnerability in index.php in PwsPHP 1.2.3 allows remote attackers to execute arbitrary SQL commands via the id parameter, possibly in message.php in the espace_membre module.
network
low complexity
pwsphp
7.5