Vulnerabilities > High

DATE | CVE | VULNERABILITY TITLE | RISK

2006-01-21 | CVE-2006-0349 | Input Validation vulnerability in Epic Designs Eggblog 2.0
SQL injection vulnerability in eggblog 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to blog.php.
network | low complexity | epic-designs | 7.5

2006-01-21 | CVE-2006-0345 | Input Validation vulnerability in Saral Kaushik Saralblog 1.0
Multiple SQL injection vulnerabilities in SaralBlog 1.0 allow remote attackers to execute arbitrary SQL commands via the search parameter to search.php.
network | low complexity | saral-kaushik | 7.5

2006-01-21 | CVE-2006-0342 | Resource Management Errors vulnerability in Rockliffe Mailsite 7.0.3.1
RockLiffe MailSite HTTP Mail management agent (httpma) 7.0.3.1 allows remote attackers to cause a denial of service (CPU consumption and crash) via a malformed query string containing special characters such as "|".
network | low complexity | rockliffe | CWE-399 | 7.8

2006-01-21 | CVE-2006-0340 | Improper Input Validation vulnerability in Cisco IOS
Unspecified vulnerability in Stack Group Bidding Protocol (SGBP) support in Cisco IOS 12.0 through 12.4 running on various Cisco products, when SGBP is enabled, allows remote attackers on the local network to cause a denial of service (device hang and network traffic loss) via a crafted UDP packet to port 9900.
network | cisco | CWE-20 | 7.1

2006-01-21 | CVE-2006-0339 | Remote Buffer Overflow vulnerability in Bitcomet 0.60
Buffer overflow in BitComet Client 0.60 allows remote attackers to execute arbitrary code, when the publisher's name link is clicked, via a long publisher URI in a torrent file.
network | low complexity | bitcomet | 7.5

2006-01-21 | CVE-2006-0337 | Archive Handling vulnerability in F-Secure
Buffer overflow in multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allows remote attackers to execute arbitrary code via crafted ZIP archives.
network | low complexity | f-secure | 7.5

2006-01-21 | CVE-2006-0329 | SQL Injection vulnerability in Hitachi HITSENSER Data Mart Server
SQL injection vulnerability in HITSENSER Data Mart Server BS, BS-S, BS-M, BS-L, and EX allows remote attackers to execute arbitrary SQL commands via unknown attack vectors.
network | low complexity | hitachi | 7.5

2006-01-20 | CVE-2006-0325 | OS Command Injection vulnerability in Etomite
Etomite Content Management System 0.6, and possibly earlier versions, when downloaded from the web site in January 2006 after January 10, contains a back door in manager/includes/todo.inc.php, which allows remote attackers to execute arbitrary commands via the "cij" parameter.
network | low complexity | etomite | CWE-78 | 7.5

2006-01-20 | CVE-2006-0045 | Command Execution vulnerability in Linley Henzell Dungeon Crawl 4.0.0B23
crawl before 4.0.0 does not securely call programs when saving and loading games, which allows local users to gain privileges.
local | low complexity | linley-henzell | 7.2

2006-01-20 | CVE-2006-0019 | Remote Heap Overflow vulnerability in KDE KJS Encodeuri / Decodeuri
Heap-based buffer overflow in the encodeURI and decodeURI functions in the kjs JavaScript interpreter engine in KDE 3.2.0 through 3.5.0 allows remote attackers to execute arbitrary code via a crafted, UTF-8 encoded URI.
network | low complexity | kde | 7.5