Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-6566 | 1 Mxbb | 1 Mxbb | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in includes/profilcp_constants.php in the Profile Control Panel (CPanel) module for mxBB 0.91c allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter. | |||||
| CVE-2006-6560 | 1 Mxbb | 1 Modsdb | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in includes/common.php in the mx_modsdb 1.0.0 module for MxBB (aka MX-System) Portal allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter. | |||||
| CVE-2006-6786 | 1 Open Newsletter | 1 Open Newsletter | 2017-10-18 | 6.5 MEDIUM | N/A |
| Open Newsletter 2.5 and earlier allows remote authenticated administrators to execute arbitrary PHP code by inserting the code into the email parameter to (1) subscribe.php or (2) unsubscribe.php. | |||||
| CVE-2006-6787 | 1 Mxmania | 1 Newsletter Mx | 2017-10-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/admin_mail_adressee.asp in Newsletter MX 1.0.2 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter. | |||||
| CVE-2006-5525 | 1 Phpnuke | 1 Php-nuke | 2017-10-18 | 5.1 MEDIUM | N/A |
| Incomplete blacklist vulnerability in mainfile.php in PHP-Nuke 7.9 and earlier allows remote attackers to conduct SQL injection attacks via (1) "/**/UNION " or (2) " UNION/**/" sequences, which are not rejected by the protection mechanism, as demonstrated by a SQL injection via the eid parameter in a search action in the Encyclopedia module in modules.php. | |||||
| CVE-2006-5471 | 1 Softerra | 1 Php Developer Library | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in example/lib/grid3.lib.php in Softerra PHP Developer Library 1.5.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the (1) cfg_dir and (2) lib_dir parameters. | |||||
| CVE-2006-5472 | 1 Softerra | 1 Php Developer Library | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in Softerra PHP Developer Library 1.5.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the lib_dir parameter in (1) lib/registry.lib.php, (2) lib/sqlcompose.lib.php, and (3) lib/sqlsearch.lib.php. | |||||
| CVE-2006-6559 | 1 Lotfian | 1 Request For Travel | 2017-10-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ProductDetails.asp in Lotfian Request For Travel 1.0 allows remote attackers to execute arbitrary SQL commands via the PID parameter. | |||||
| CVE-2006-4045 | 1 Torbstoff | 1 Torbstoff News | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in news.php in Torbstoff News 4 allows remote attackers to execute arbitrary PHP code via a URL in the pfad parameter. | |||||
| CVE-2006-6558 | 1 Crob | 1 Crob Ftp Server | 2017-10-18 | 5.0 MEDIUM | N/A |
| Crob FTP Server 3.6.1 b.263 allows remote attackers to cause a denial of service via a long series of "?A" sequences in the (1) LIST and possibly (2) NLST command. | |||||
| CVE-2006-4040 | 1 Mywebland | 1 Myevent | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in myevent.php in myWebland myEvent 1.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the myevent_path parameter. | |||||
| CVE-2006-4488 | 1 Exbb | 1 Exbb Italia | 2017-10-18 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in modules/userstop/userstop.php in ExBB Italia 0.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the exbb[home_path] parameter. | |||||
| CVE-2006-6150 | 1 Owllib | 1 Owllib | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in memory/OWLMemoryProperty.php in OWLLib 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the OWLLIB_ROOT parameter. | |||||
| CVE-2006-4102 | 1 Falko Timme And Till Brehm | 1 Sqlitewebadmin | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in tpl.inc.php in Falko Timme and Till Brehm SQLiteWebAdmin 0.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the conf[classpath] parameter. | |||||
| CVE-2006-5054 | 1 Iyzi Forum | 1 Iyzi Forum | 2017-10-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in uye/uye_ayrinti.asp in iyzi Forum 1 Beta 2 and earlier allows remote attackers to execute arbitrary SQL commands via the uye_nu parameter. | |||||
| CVE-2006-6149 | 1 Jiros | 1 Faq Manager | 2017-10-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.asp in JiRos FAQ Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the tID parameter. | |||||
| CVE-2006-6792 | 1 Mxmania | 1 Calendar Mx Basic | 2017-10-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in calendar_detail.asp in Calendar MX BASIC 1.0.2 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2006-5053 | 1 Web-news | 1 Web-news | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in webnews/template.php in Web-News 1.6.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the content_page parameter. | |||||
| CVE-2006-4489 | 1 Ultrize | 1 Minibill | 2017-10-18 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in MiniBill 2006-07-14 (1.2.2) allow remote attackers to execute arbitrary PHP code via (1) a URL in the config[include_dir] parameter in actions/ipn.php or (2) an FTP path in the config[plugin_dir] parameter in include/initPlugins.php. | |||||
| CVE-2006-6553 | 1 Mxbb | 1 Mxbb Newssuite | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in includes/newssuite_constants.php in the NewsSuite 1.03 module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the mx_root_path parameter. | |||||