Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-03-07 | CVE-2006-7161 | SQL-Injection vulnerability in Aspindir Hazirsite 2.0: SQL injection vulnerability in giris_yap.asp in Hazir Site 2.0 allows remote attackers to bypass authentication via the (1) k_a class or (2) sifre parameter. | 7.5 |
2007-03-07 | CVE-2006-7157 | Buffer Errors vulnerability in Google Earth 4.0.2091: Buffer overflow in Google Earth v4.0.2091 (beta) allows remote user-assisted attackers to cause a denial of service (crash) via a KML or KMZ file with a long href element. | 7.1 |
2007-03-07 | CVE-2006-7155 | Unspecified vulnerability in Novell Bordermanager 3.8: Novell BorderManager 3.8 SP4 generates the same ISAKMP cookies for the same source IP and port number during the same day, which allows remote attackers to conduct denial of service and replay attacks. | 7.5 |
2007-03-07 | CVE-2006-7152 | Privilege Escalation vulnerability in Asp-Nuke Community Cookie: default.asp in ASP-Nuke Community 1.5 and earlier allows remote attackers to gain privileges by setting certain pseudo cookie values. | 8.5 |
2007-03-07 | CVE-2006-7150 | SQL-Injection vulnerability in Mambo Open Source 4.6/4.6.1: Multiple SQL injection vulnerabilities in Mambo 4.6.x allow remote attackers to execute arbitrary SQL commands via the mcname parameter to (1) moscomment.php and (2) com_comment.php. | 7.5 |
2007-03-07 | CVE-2006-7144 | SQL-Injection vulnerability in Call-Center-Software: SQL injection vulnerability in Call Center Software 0.93 and earlier allows remote attackers to execute arbitrary SQL commands and bypass authentication via the user name in the login page. | 7.5 |
2007-03-07 | CVE-2006-7142 | Use of Hard-coded Credentials vulnerability in Utimaco Safeguard 4.30: The centralized management feature for Utimaco Safeguard stores hard-coded cryptographic keys in executable programs for encrypted configuration files, which allows attackers to recover the keys from the configuration files and decrypt the disk drive. | 7.8 |
2007-03-07 | CVE-2007-1306 | Remote Denial of Service vulnerability in Asterisk SIP Channel Driver: Asterisk 1.4 before 1.4.1 and 1.2 before 1.2.16 allows remote attackers to cause a denial of service (crash) by sending a Session Initiation Protocol (SIP) packet without a URI and SIP-version header, which results in a NULL pointer dereference. | 7.8 |
2007-03-07 | CVE-2007-1303 | Directory Traversal vulnerability in RRDBrowse File Parameter: Directory traversal vulnerability in rb.cgi in RRDBrowse 1.6 and earlier allows remote attackers to read arbitrary files via a .. | 7.8 |
2007-03-07 | CVE-2007-1300 | Information Disclosure vulnerability in Douran Software Technologies Isputil 3.32.84.1: DOURAN Software Technologies ISPUtil 3.32.84.1, and possibly earlier versions, stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain user and reseller data via a direct request for scripts/activesessions.ini. | 7.8 |