Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-4638 | 1 Acgv News | 1 Acgv News | 2017-10-18 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in article.php in ACGV News 0.9.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the PathNews parameter. | |||||
| CVE-2006-4641 | 1 Muratsoft | 1 Haber Portal | 2017-10-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in kategori.asp in Muratsoft Haber Portal 3.6 allows remote attackers to execute arbitrary SQL commands via the kat parameter. | |||||
| CVE-2006-5618 | 1 Netref | 1 Netref | 2017-10-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in script/cat_for_aff.php in Netref 4 allows remote attackers to read arbitrary files via a .. (dot dot) sequence in the ad_direct parameter. | |||||
| CVE-2006-4644 | 1 Phpfullannu | 1 Phpfullannu | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in modules/home.module.php in phpFullAnnu 5.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the repmod parameter. | |||||
| CVE-2006-5622 | 1 Coppermine | 1 Coppermine Photo Gallery | 2017-10-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in picmgr.php in Coppermine Photo Gallery 1.4.9 allows remote attackers to execute arbitrary SQL commands via the aid parameter. | |||||
| CVE-2006-4647 | 1 Sponge News | 1 Sponge News | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in news.php in Sponge News 2.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the sndir parameter. | |||||
| CVE-2006-5714 | 1 Efs Software | 1 Efs Web Server | 2017-10-18 | 5.0 MEDIUM | N/A |
| Easy File Sharing (EFS) Web Server 4.0, when running on an NTFS file system, allows remote attackers to read arbitrary files under the web root by appending "::$DATA" to the end of a HTTP GET request, which accesses the alternate data stream. | |||||
| CVE-2006-5623 | 1 Ee Tool | 1 Ee Tool | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in ip.inc.php in Electronic Engineering Tool (EE Tool) 0.4-1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cgipath parameter. | |||||
| CVE-2006-6093 | 1 Picturespro | 1 Picturespro Photo Cart | 2017-10-18 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in adminprint.php in PicturesPro Photo Cart 3.9 allow remote attackers to execute arbitrary PHP code via a URL in the (1) admin_folder and (2) path parameters. | |||||
| CVE-2006-5625 | 1 Nx | 1 N X Wcms | 2017-10-18 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in wwwdev/nxheader.inc.php in N/X 2002 Professional Edition Web Content Management System (WCMS) 4.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the c[path] parameter. | |||||
| CVE-2006-6328 | 1 Torrentflux | 1 Torrentflux | 2017-10-18 | 4.9 MEDIUM | N/A |
| Directory traversal vulnerability in index.php for TorrentFlux 2.2 allows remote attackers to create or overwrite arbitrary files via sequences in the alias_file parameter. | |||||
| CVE-2006-6329 | 1 Torrentflux | 1 Torrentflux | 2017-10-18 | 4.9 MEDIUM | N/A |
| index.php for TorrentFlux 2.2 allows remote attackers to delete files by specifying the target filename in the delfile parameter. | |||||
| CVE-2006-6330 | 1 Torrentflux | 1 Torrentflux | 2017-10-18 | 6.0 MEDIUM | N/A |
| index.php for TorrentFlux 2.2 allows remote registered users to execute arbitrary commands via shell metacharacters in the kill parameter. | |||||
| CVE-2006-6823 | 1 Yrch | 1 Yrch | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in plugins/metasearch/plug.inc.php in Yrch! 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. | |||||
| CVE-2006-4669 | 1 Somery | 1 Somery | 2017-10-18 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in admin/system/include.php in Somery 0.4.6 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the skindir parameter. | |||||
| CVE-2006-5637 | 1 Faq Administrator | 1 Faq Administrator | 2017-10-18 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in faq_reply.php in Faq Administrator 2.1b allows remote attackers to execute arbitrary PHP code via a URL in the email parameter. | |||||
| CVE-2006-5638 | 1 Phpmyring | 1 Phpmyring | 2017-10-18 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in cherche.php in PHPMyRing 4.2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) limite and (2) mots parameters. | |||||
| CVE-2006-4676 | 1 Tibco | 1 Rendezvous | 2017-10-18 | 1.2 LOW | N/A |
| TIBCO RendezVous 7.4.11 and earlier logs base64-encoded usernames and passwords in rvrd.db, which allows local users to obtain sensitive information by decoding the log file. | |||||
| CVE-2006-4681 | 1 Ibm | 1 Director | 2017-10-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Redirect.bat in IBM Director before 5.10 allows remote attackers to read arbitrary files via a .. (dot dot) sequence in the file parameter. | |||||
| CVE-2006-5640 | 1 Techno Dreams | 1 Techno Dreams Guest Book | 2017-10-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in guestbookview.asp in Techno Dreams Guest Book 1.0 earlier allows remote attackers to execute arbitrary SQL commands via the key parameter. | |||||