Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-6543 | 1 Appintellect | 1 Spotlight Crm | 2017-10-18 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in login.asp in AppIntellect SpotLight CRM 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) login (UserName) and possibly (2) password parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2006-5514 | 1 Web Group Communication Center | 1 Web Group Communication Center | 2017-10-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in quiz.php in Web Group Communication Center (WGCC) 0.5.6b and earlier allows remote attackers to execute arbitrary SQL commands via the qzid parameter. | |||||
| CVE-2006-6542 | 1 Fantastic News | 1 Fantastic News | 2017-10-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in news.php in Fantastic News 2.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2006-3998 | 1 Wowroster | 1 Wowroster | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in conf.php in WoWRoster (aka World of Warcraft Roster) 1.5.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the subdir parameter. | |||||
| CVE-2006-5518 | 1 Christopher Fowler | 1 Rssonate | 2017-10-18 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Christopher Fowler (Rhode Island) RSSonate allow remote attackers to execute arbitrary PHP code via a URL in the PROJECT_ROOT parameter to (1) xml2rss.php, (2) config_local.php, (3) rssonate.php, and (4) sql2xml.php in Src/getFeed/inc/. | |||||
| CVE-2006-5521 | 1 Net Dns | 1 Net Dns | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in DNS/RR.php in Net_DNS 0.03 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpdns_basedir parameter. | |||||
| CVE-2006-5522 | 1 Johannes Erdfelt | 1 Kawf | 2017-10-18 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Johannes Erdfelt Kawf 1.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the config parameter in (1) main.php or (2) user/account/main.php. | |||||
| CVE-2006-5523 | 1 Ez-ticket | 1 Ez-ticket | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in common.php in EZ-Ticket 0.0.1 allows remote attackers to execute arbitrary PHP code via a URL in the ezt_root_path parameter. | |||||
| CVE-2006-6295 | 1 Mxbb | 1 Mx Tinies | 2017-10-18 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in includes/mx_common.php in the mx_tinies 1.3.0 Module for MxBB Portal 1.06 allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter. | |||||
| CVE-2006-5531 | 1 Ascended Development | 1 Ascended Guestbook | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in embedded.php in Ascended Guestbook 1.0.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG[path] parameter. | |||||
| CVE-2006-5023 | 1 Aspindir | 1 Xweblog | 2017-10-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in kategori.asp in xweblog 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the kategori parameter. | |||||
| CVE-2006-6802 | 1 Enthrallweb | 1 Epages | 2017-10-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in actualpic.asp in Enthrallweb ePages allows remote attackers to execute arbitrary SQL commands via the Biz_ID parameter. | |||||
| CVE-2006-3991 | 1 Voc-project | 1 Voodoo Chat | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in index.php in Vlad Vostrykh Voodoo chat 1.0RC1b and earlier allows remote attackers to execute arbitrary PHP code via a URL in the file_path parameter. | |||||
| CVE-2006-6551 | 1 Tucows | 1 Client Code Suite | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in libs/tucows/api/cartridges/crt_TUCOWS_domains/lib/domainutils.inc.php in Tucows Client Code Suite (CCS) 1.2.1015 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the _ENV[TCA_HOME] parameter. | |||||
| CVE-2006-6524 | 1 Ezhrs | 1 Hr Assist | 2017-10-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in vdateUsr.asp in EzHRS HR Assist 1.05 and earlier allows remote attackers to execute arbitrary SQL commands via the Uname (UserName) parameter. | |||||
| CVE-2006-4532 | 1 Bernard Pacques | 1 Yet Another Community System Cms | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in articles/article.php in Yet Another Community System (YACS) CMS 6.6.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the context[path_to_root] parameter. | |||||
| CVE-2006-5539 | 1 Ueberproject Management System | 1 Ueberproject Management System | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in login/secure.php in UeberProject Management System 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cfg[homepath] parameter. | |||||
| CVE-2006-4536 | 1 Cms Frogss | 1 Cms Frogss | 2017-10-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in module/rejestracja.php in CMS Frogss 0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the podpis parameter. | |||||
| CVE-2006-6117 | 1 Fipsasp | 1 Fipsgallery | 2017-10-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index1.asp in fipsGallery 1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the which parameter. | |||||
| CVE-2006-5551 | 1 Qksoft | 1 Qk Smtp | 2017-10-18 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in QK SMTP 3.01 and earlier might allow remote attackers to execute arbitrary code via a long argument to the RCPT TO command. | |||||