Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-5068 | 1 Brudaswen | 1 Brudanews | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in admin/index.php in Brudaswen (1) BrudaNews 1.1 and earlier and (2) BrudaGB 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the o parameter. | |||||
| CVE-2006-4072 | 1 Club-nuke | 1 Club-nuke | 2017-10-18 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Club-Nuke [XP] 2.0 LCID 2048 allow remote attackers to execute arbitrary SQL commands via the (1) haber_id parameter to haber_detay.asp, and allow remote authenticated users to execute arbitrary SQL commands via the (2) menu_id parameter to menu.asp. | |||||
| CVE-2006-6575 | 1 Brian Drawert | 1 Yaplap | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in ldap.php in Brian Drawert Yet Another PHP LDAP Admin Project (yaplap) 0.6 and 0.6.1 allows remote attackers to execute arbitrary PHP code via a URL in the LOGIN_style parameter. | |||||
| CVE-2006-6160 | 1 Doug Luxem | 1 Liberum Help Desk | 2017-10-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in details.asp in Doug Luxem Liberum Help Desk 0.97.3 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2006-4452 | 1 Web3king | 1 Web3news | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in security/include/_class.security.php in Web3news 0.95 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the PHPSECURITYADMIN_PATH parameter. | |||||
| CVE-2006-6812 | 1 Myphpcalendar | 1 Myphpcalendar | 2017-10-18 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in myPHPCalendar 10.1 allow remote attackers to execute arbitrary PHP code via a URL in the cal_dir parameter to (1) admin.php, (2) contacts.php, or (3) convert-date.php. | |||||
| CVE-2006-4455 | 1 Xchat | 1 Xchat | 2017-10-18 | 5.0 MEDIUM | N/A |
| ** DISPUTED ** Unspecified vulnerability in Xchat 2.6.7 and earlier allows remote attackers to cause a denial of service (crash) via unspecified vectors involving the PRIVMSG command. NOTE: the vendor has disputed this vulnerability, stating that it does not affect 2.6.7 "or any recent version". | |||||
| CVE-2006-4065 | 1 Dmitry Sheiko | 1 Sapid Gallery | 2017-10-18 | 5.1 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Dmitry Sheiko SAPID Gallery 1.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) root_path parameter to (a) usr/extensions/get_calendar.inc.php or the (2) GLOBALS[root_path] parameter to (b) usr/extensions/get_tree.inc.php. | |||||
| CVE-2006-4063 | 1 Csaba Godor | 1 Sapid Blog Beta 2 | 2017-10-18 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Csaba Godor SAPID Blog Beta 2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) root_path parameter to (a) usr/extensions/get_blog_infochannel.inc.php, (b) usr/extensions/get_blog_meta_info.inc.php, or (c) usr/extensions/get_infochannel.inc.php; or the (2) GLOBALS[root_path] parameter to (d) usr/extensions/get_tree.inc.php. | |||||
| CVE-2006-4062 | 1 Dmitry Sheiko | 1 Sapid Shop | 2017-10-18 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in usr/extensions/get_tree.inc.php in Dmitry Sheiko SAPID Shop 1.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[root_path] parameter. | |||||
| CVE-2006-4456 | 1 Phpecard | 1 Phpecard | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in functions.php in phpECard 2.1.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the include_path parameter. | |||||
| CVE-2006-5065 | 1 Zoomstats | 1 Zoomstats | 2017-10-18 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in libs/dbmax/mysql.php in ZoomStats 1.0.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[lib][db][path] parameter. | |||||
| CVE-2006-6568 | 1 Mxbb | 1 Kb Mods | 2017-10-18 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in includes/kb_constants.php in the Knowledge Base (mx_kb) 2.0.2 module for mxBB allows remote attackers to include arbitrary files via a .. (dot dot) sequence in the phpEx parameter. | |||||
| CVE-2006-4458 | 1 Phpgroupware | 1 Phpgroupware | 2017-10-18 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in calendar/inc/class.holidaycalc.inc.php in phpGroupWare 0.9.16.010 and earlier allows remote attackers to include arbitrary local files via a .. (dot dot) sequence and trailing null (%00) byte in the GLOBALS[phpgw_info][user][preferences][common][country] parameter. | |||||
| CVE-2006-5547 | 1 Otscms | 1 Otscms | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in OTSCMS/OTSCMS.php in Open Tibia Server Content Management System (OTSCMS) 1.0.0 through 1.0.3 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[config][otscms][directories][includes] parameter. | |||||
| CVE-2006-5458 | 1 Hinton Design | 1 Phpht Topsites | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in common.php in Hinton Design phpht Topsites allows remote attackers to execute arbitrary PHP code via a URL in the phpht_real_path parameter. | |||||
| CVE-2006-5062 | 1 Pblang | 1 Pblang | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in templates/pb/language/lang_nl.php in PBLang (PBL) 4.66z and earlier allows remote attackers to execute arbitrary PHP code via a URL in the temppath parameter. | |||||
| CVE-2006-6785 | 1 Open Newsletter | 1 Open Newsletter | 2017-10-18 | 7.5 HIGH | N/A |
| The (1) settings.php and (2) subscribers.php scripts in Open Newsletter 2.5 and earlier do not exit when authentication fails, which allows remote attackers to perform unauthorized administrative actions, or execute arbitrary code in conjunction with another vulnerability. | |||||
| CVE-2006-6567 | 1 Mxbb | 1 Kb Mods | 2017-10-18 | 10.0 HIGH | N/A |
| PHP remote file inclusion vulnerability in includes/kb_constants.php in the Knowledge Base (mx_kb) 2.0.2 module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter. | |||||
| CVE-2006-5061 | 1 Advanced-clan-script | 1 Advanced-clan-script | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in mcf.php in Advanced-Clan-Script (AVCX) 3.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the content parameter. | |||||