| Primary Vendor -- Product | Description | | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| Akarru -- Social BookMarking Engine | PHP remote file inclusion vulnerability in akarru.gui/main_content.php in Akarru Social BookMarking Engine 0.4.3.34 and earlier, and possibly 0.4.4.120, allows remote attackers to execute arbitrary PHP code via a URL in the bm_content parameter. | | 7.0 | CVE-2006-4645 OTHER-REF BID FRSIRT SECUNIA XF BUGTRAQ |
| Amazing Little Picture Poll -- Amazing Little Picture Poll; Amazing Little Poll -- Amazing Little Poll | (1) Amazing Little Poll and (2) Amazing Little Picture Poll have a default password of "dsapoll", which allows remote attackers to create a new poll by entering default credentials via lp_admin.php. | | 7.0 | CVE-2006-4652 BUGTRAQ BID XF |
| Andreas Gohr -- DokuWiki | Direct static code injection vulnerability in doku.php in DokuWiki before 2006-03-09c allows remote attackers to execute arbitrary PHP code via the X-FORWARDED-FOR HTTP header, which is stored in config.php. | | 7.0 | CVE-2006-4674 BUGTRAQ ALTERVISTA OTHER-REF SECUNIA |
| Andreas Gohr -- DokuWiki | Unrestricted file upload vulnerability in lib/exe/media.php in DokuWiki before 2006-03-09c allows remote attackers to upload executable files into the data/media folder via unspecified vectors. | | 7.0 | CVE-2006-4675 BUGTRAQ ALTERVISTA SECUNIA |
| BinGo News -- BinGo News | PHP remote file inclusion vulnerability in bp_ncom.php in BinGo News (BP News) 3.01 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the bnrep parameter. | | 7.0 | CVE-2006-4648 OTHER-REF BID FRSIRT SECUNIA XF SECTRACK BUGTRAQ |
| BinGo News -- BinGo News | PHP remote file inclusion vulnerability in bp_news.php in BinGo News (BP News) 3.01 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the bnrep parameter. | | 7.0 | CVE-2006-4649 FRSIRT SECTRACK BUGTRAQ |
| Bugada Andrea -- PHP Advanced Transfer Manager | Multiple PHP remote file inclusion vulnerabilities in PHP Advanced Transfer Manager (phpATM) 1.20 allow remote attackers to execute arbitrary PHP code via the include_location parameter in (1) activate.php, (2) configure.php, (3) fileop.php, (4) getimg.php, (5) ipblocked.php, (6) register.php, (7) showrecent.php, (8) showtophits.php, (9) usrmanag.php, (10) viewer_bottom.php, (11) viewer_content.php, and (12) viewer_top.php. NOTE: The login.php and confirm.php vectors are already covered by CVE-2006-4594. | | 7.0 | CVE-2006-4749 BUGTRAQ |
| C-News.fr -- C-News | PHP remote file inclusion vulnerability in affichage/commentaires.php in C-News.fr C-News 1.0.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. | | 7.0 | CVE-2006-4629 OTHER-REF BID FRSIRT SECUNIA OSVDB XF |
| CMS.R. -- CMS.R. | Multiple SQL injection vulnerabilities in index.php in CMS.R. allow remote attackers to execute arbitrary SQL commands via the (1) adminname and (2) adminpass parameters. | | 7.0 | CVE-2006-4736 BUGTRAQ BID |
| ComScripts -- News Evolution | PHP remote file inclusion vulnerability in News Evolution 3.0.3 allows remote attackers to execute arbitrary PHP code via the _NE[AbsPath] parameter in (1) install.php and (2) migrateNE2toNE3.php. | | 7.0 | CVE-2006-4678 BUGTRAQ XF |
| ComScripts -- Web Server Creator | PHP remote file inclusion vulnerability in news/include/customize.php in Web Server Creator 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the l parameter. | | 7.0 | CVE-2006-4746 BUGTRAQ OTHER-REF |
| ComScripts -- PHProg | Cross-site scripting (XSS) vulnerability in index.php in PHProg before 1.1 allows remote attackers to inject arbitrary web script or HTML via the album parameter, which is used in an opendir call. NOTE: the same primary issue can be used for full path disclosure with an invalid parameter that reveals the installation path in an error message. | | 7.0 | CVE-2006-4754 FULLDISC OTHER-REF OTHER-REF BID SECUNIA XF XF |
| Drupal -- Drupal Pathauto Module | Cross-site scripting (XSS) vulnerability in the Drupal 4.7 Pathauto module before pathauto_node.inc 1.17.2.1 and the Drupal 4.6 Pathauto module before pathauto_node.inc 1.14.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | | 7.0 | CVE-2006-4646 OTHER-REF BID FRSIRT SECUNIA XF |
| Drupal -- Drupal Pubcookie module | The login redirection mechanism in the Drupal 4.7 Pubcookie module before 1.2.2.4 2006/09/06 and the Drupal 4.6 Pubcookie module before 1.6.2.1 2006/09/07 allows remote attackers to bypass authentication requirements and spoof identities of arbitrary users via unspecified vectors. | | 7.0 | CVE-2006-4717 DRUPAL BID FRSIRT SECUNIA |
| F-ART Agency -- BLOG:CMS | Multiple SQL injection vulnerabilities in F-ART BLOG:CMS 4.1 allow remote attackers to execute arbitrary SQL commands via the (1) xagent, (2) xpath, (3) xreferer, and (4) xdns parameters in (a) admin/plugins/NP_Log.php, and the (5) pitem parameter in (b) admin/plugins/NP_Poll.php; and allow remote authenticated users to execute arbitrary SQL commands via the (6) pageRef parameter in (c) admin/plugins/NP_Referrer.php. | | 7.0 | CVE-2006-4748 BUGTRAQ OTHER-REF OTHER-REF XF |
| Fire Soft Board -- Fire Soft Board | PHP remote file inclusion vulnerability in demarrage.php in Fire Soft Board (FSB) RC3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the racine parameter. | | 7.0 | CVE-2006-4716 OTHER-REF Milw0rm BID XF |
| GTASoft -- PhotoKorn Gallery | Multiple PHP remote file inclusion vulnerabilities in PhotoKorn Gallery 1.52 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the dir_path parameter in (1) includes/cart.inc.php or (2) extras/ext_cats.php. | | 7.0 | CVE-2006-4670 OTHER-REF FRSIRT SECUNIA BUGTRAQ BUGTRAQ BID OSVDB OSVDB XF |
| IBM -- Lotus Domino Web Access | IBM Lotus Domino Web Access (DWA) 7.0.1 does not expire a client's Lightweight Third-Party Authentication token (LtpaToken) upon logout, which allows remote attackers to obtain a user's privileges by intercepting the LtpaToken cookie. | | 7.0 | CVE-2006-4763 BUGTRAQ FISHNET OTHER-REF BID |
| IDevSpot -- PhpLinkExchange | PHP remote file inclusion vulnerability in bits_listings.php in IDevSpot PhpLinkExchange 1.0 allows remote attackers to execute arbitrary code via the svr_rootPhpStart parameter. | | 7.0 | CVE-2006-4741 BUGTRAQ BID |
| Ipswitch -- IMail Secure Server; Ipswitch -- IMail Plus; Ipswitch -- Ipswitch Collaboration Suite | Stack-based buffer overflow in the SMTP Daemon in Ipswitch Collaboration 2006 Suite Premium and Standard Editions, IMail, IMail Plus, and IMail Secure allows remote attackers to execute arbitrary code via a long string located after an '@' character and before a ':' character. | | 7.0 | CVE-2006-4379 OTHER-REF OTHER-REF OTHER-REF BID FRSIRT SECUNIA BUGTRAQ SECTRACK SECTRACK XF |
| Jetbox -- Jetbox CMS | SQL injection vulnerability in index.php in Jetbox CMS allows remote attackers to inject arbitrary web script or HTML via the item parameter. NOTE: The view vector is already covered by CVE-2006-3586.2. | | 7.0 | CVE-2006-4737 BUGTRAQ BID XF |
| Jetbox -- Jetbox CMS | PHP remote file inclusion vulnerability in phpthumb.php in Jetbox CMS allows remote attackers to execute arbitrary PHP code via a URL in the includes_path parameter. NOTE: The relative_script_path vector is already covered by CVE-2006-2270. | | 7.0 | CVE-2006-4738 BUGTRAQ BID XF |
| KorviBlog -- KorviBlog | Multiple cross-site scripting (XSS) vulnerabilities in livre_or.php in KorviBlog 1.3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) prenom, (2) emailFrom, or (3) body parameters. | | 7.0 | CVE-2006-4718 FULLDISC BID SECUNIA XF |
| McGallery -- McGallery PRO | PHP remote file inclusion vulnerability in random2.php in mcGalleryPRO 2006 allows remote attackers to execute arbitrary PHP code via a URL in the path_to_folder parameter. | | 7.0 | CVE-2006-4720 Milw0rm OTHER-REF BID FRSIRT SECUNIA BUGTRAQ XF |
| Microsoft -- Windows 2000; Microsoft -- Internet Explorer; Microsoft -- Windows Server 2003; Microsoft -- Windows XP | Heap-based buffer overflow in URLMON.DLL in Microsoft Internet Explorer 6 SP1 on Windows 2000 and XP SP1, with versions of the MS06-042 patch before 20060912, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long URL in a GZIP-encoded website that was the target of an HTTP redirect, due to an incomplete fix for CVE-2006-3869. | | 7.0 | CVE-2006-3873 OTHER-REF MS BUGTRAQ OTHER-REF BID |
| Mirabilis -- ICQ | Heap-based buffer overflow in the MCRegEx__Search function in AOL ICQ Pro 2003b Build 3916 and earlier allows remote attackers to execute arbitrary code via an inconsistent length field of a Message in a 0x2711 Type-Length-Value (TLV) type. | | 7.0 | CVE-2006-4662 BUGTRAQ OTHER-REF BID CERT-VN FRSIRT SECUNIA XF |
| Muratsoft -- Haber Portal | SQL injection vulnerability in kategori.asp in Muratsoft Haber Portal 3.6 allows remote attackers to execute arbitrary SQL commands via the kat parameter. | | 7.0 | CVE-2006-4641 Milw0rm BID XF |
| MyBB -- MyBB | Cross-site scripting (XSS) vulnerability in inc/functions_post.php in MyBB (aka MyBulletinBoard) 1.1.7 allows remote attackers to inject arbitrary web script or HTML via a url BBCode tag that contains a javascript URI with an SGML numeric character reference and an embedded space, as demonstrated using "java& #115;cript," a different vulnerability than CVE-2006-3761. | | 7.0 | CVE-2006-4706 BUGTRAQ OTHER-REF MyBB FRSIRT |
| MyBB -- MyBB | Cross-site scripting (XSS) vulnerability in admin/global.php (aka the Admin CP login form) in MyBB (aka MyBulletinBoard) 1.1.7 allows remote attackers to inject arbitrary web script or HTML via the query string ($_SERVER[PHP_SELF]). | | 7.0 | CVE-2006-4707 BUGTRAQ OTHER-REF MyBB FRSIRT |
| OpenBB -- OpenBB | PHP remote file inclusion vulnerability in Open Bulletin Board (OpenBB) 1.0.8 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) index.php and possibly (2) collector.php. | | 7.0 | CVE-2006-4722 BUGTRAQ BID FRSIRT XF |
| Panda -- Panda Platinum Internet Security | Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 stores service executables under the product's installation directory with weak permissions, which allows local users to obtain LocalSystem privileges by modifying (1) WebProxy.exe or (2) PAVSRV51.EXE. | | 7.0 | CVE-2006-4657 BUGTRAQ OTHER-REF BID SECUNIA FRSIRT |
| phpFullAnnu -- phpFullAnnu | PHP remote file inclusion vulnerability in modules/home.module.php in phpFullAnnu 5.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the repmod parameter. | | 7.0 | CVE-2006-4644 OTHER-REF BID FRSIRT SECUNIA |
| phpMyDirectory -- phpMyDirectory | SQL injection vulnerability in alpha.php in phpMyDirectory 10.4.6 and earlier allows remote attackers to execute arbitrary SQL commands via the letter parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | | 7.0 | CVE-2006-4756 FRSIRT SECUNIA |
| PHPOpenChat -- PHPOpenChat | ** DISPUTED ** PHP remote file inclusion vulnerability in contrib/yabbse/poc.php in phpopenchat before 3.0.2 allows remote attackers to execute arbitrary PHP code via the sourcedir parameter. NOTE: this issue was disputed by a third-party researcher who stated that the _REQUEST parameters were dynamically unset at the beginning of the file. Another researcher noted, and CVE agrees, that the unset PHP function can be bypassed (CVE-2006-3017). If this issue is due to a vulnerability in PHP, then it should be excluded from CVE. | | 7.0 | CVE-2006-4677 BUGTRAQ BUGTRAQ BUGTRAQ OTHER-REF |
| profitCode -- ppalCart | PHP remote file inclusion vulnerability in profitCode ppalCart 2.5 EE, possibly a component of PayProCart, allows remote attackers to execute arbitrary PHP code via a URL in the (1) proMod parameter to (a) index.php, or the (2) docroot parameter to (b) index.php or (c) mainpage.php. | | 7.0 | CVE-2006-4672 Milw0rm BID XF BUGTRAQ FRSIRT SECUNIA |
| PSYWERKS -- PUMA | PHP remote file inclusion vulnerability in config.php in PSYWERKS PUMA 1.0 RC2 allows remote attackers to execute arbitrary PHP code via a URL in the fpath parameter. | | 7.0 | CVE-2006-4713 OTHER-REF Milw0rm BID FRSIRT BUGTRAQ XF |
| RunCMS -- RunCMS | Multiple SQL injection vulnerabilities in RunCMS 1.4.1 allow remote attackers to execute arbitrary SQL commands via the (1) uid parameter in (a) class/sessions.class.php, and the (2) timezone_offset and (3) umode parameters in (b) class/xoopsuser.php. | | 7.0 | CVE-2006-4667 BUGTRAQ OTHER-REF OTHER-REF BID FRSIRT SECUNIA XF |
| Sage -- Sage | Multiple cross-site scripting (XSS) vulnerabilities in Sage 1.3.6 allow remote attackers to inject arbitrary web script or HTML via JavaScript in a content:encoded element within an item element in an RSS feed, as demonstrated by four example content:encoded elements that use XMLHttpRequest to read arbitrary local files, aka "Cross Context Scripting." | | 7.0 | CVE-2006-4712 OTHER-REF OTHER-REF OTHER-REF OTHER-REF BID BUGTRAQ OTHER-REF FRSIRT SECUNIA XF |
| SIPS -- SIPS | PHP remote file inclusion vulnerability in sipssys/code/box.inc.php in Haakon Nilsen simple, integrated publishing system (SIPS) 0.3.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the config[sipssys] parameter. | | 7.0 | CVE-2006-4733 BUGTRAQ OTHER-REF BID |
| Sky Gunning -- MySpeach | PHP remote file inclusion vulnerability in jscript.php in Sky GUNNING MySpeach 3.0.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the my_ms[root] parameter. | | 7.0 | CVE-2006-4630 OTHER-REF OTHER-REF BID FRSIRT SECUNIA XF |
| SoftBB -- SoftBB | Multiple SQL injection vulnerabilities in SoftBB 0.1, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via the (1) groupe parameter in addmembre.php and the (2) select parameter in moveto.php. | | 7.0 | CVE-2006-4632 BUGTRAQ OTHER-REF OTHER-REF SECTRACK SECUNIA |
| Sponge News -- Sponge News | PHP remote file inclusion vulnerability in news.php in Sponge News 2.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the sndir parameter. | | 7.0 | CVE-2006-4647 OTHER-REF BID FRSIRT SECUNIA XF |
| SpoonLabs -- Vivvo Article Management CMS | SQL injection vulnerability in pdf_version.php in SpoonLabs Vivvo Article Management CMS (aka phpWordPress) 3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | | 7.0 | CVE-2006-4715 OTHER-REF Milw0rm BID FRSIRT SECUNIA XF |
| Stefan Ernst -- Newsscript | Multiple PHP remote file inclusion vulnerabilities in Stefan Ernst Newsscript (aka WM-News) 0.5 beta allow remote attackers to execute arbitrary PHP code via a URL in the (1) ide parameter in (a) article.php; or the (2) pwfile parameter in (b) delete.php, (c) modify.php, (d) admin.php, or (e) modify_go.php. | | 7.0 | CVE-2006-4666 BUGTRAQ BID FRSIRT SECUNIA |
| SZEWO -- PhpCommander | Directory traversal vulnerability in SZEWO PhpCommander 3.0 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the Directory parameter, as demonstrated by parameter values naming Apache HTTP Server log files that apparently contain PHP code. | | 7.0 | CVE-2006-4636 OTHER-REF BID FRSIRT SECUNIA |
| TikiWiki Project -- TikiWiki | Multiple SQL injection vulnerabilities in tiki-g-admin_processes.php in Tikiwiki 1.9.4 allow remote attackers to execute arbitrary SQL commands via the (1) pid and (2) where parameters. | | 7.0 | CVE-2006-4734 BUGTRAQ SOURCEFORGE OTHER-REF BID |
| Uni-Vert -- PhpLeague | SQL injection vulnerability in consult/joueurs.php in Uni-Vert PhpLeague 0.82 and earlier allows remote attackers to execute arbitrary SQL commands via the id_joueur parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | | 7.0 | CVE-2006-4643 BID FRSIRT SECUNIA |
| Vikingboard -- Vikingboard | Multiple cross-site scripting (XSS) vulnerabilities in Vikingboard 0.1b allow remote attackers to inject arbitrary web script or HTML via the (1) act parameter in (a) help.php and (b) search.php, and the (2) p parameter in report.php. | | 7.0 | CVE-2006-4708 BUGTRAQ BID |
| Web-Provence -- SL_Site | PHP remote file inclusion vulnerability in admin/editeur/spaw_control.class.php in Web Provence SL_Site 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter. | | 7.0 | CVE-2006-4656 BUGTRAQ OTHER-REF BID XF SECTRACK |
| WTools -- WTools | PHP remote file inclusion vulnerability in common.php in Thomas LETE WTools 0.0.1-ALPH allows remote attackers to execute arbitrary PHP code via a URL in the include_path parameter. | | 7.0 | CVE-2006-4764 BUGTRAQ BID |
| X.Org -- X.Org; XFree86 Project -- XFree86 X | Integer overflow in the CIDAFM function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted Adobe Font Metrics (AFM) files with a modified number of character metrics (StartCharMetrics), which leads to a heap-based buffer overflow. | | 7.0 | CVE-2006-3739 IDEFENSE REDHAT REDHAT GENTOO UBUNTU BID FRSIRT FRSIRT SECUNIA SECUNIA SECUNIA SECUNIA SECUNIA SECUNIA |
| X.Org -- X.Org; XFree86 Project -- XFree86 X | Integer overflow in the scan_cidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted (1) CMap and (2) CIDFont font data with modified item counts in the (a) begincodespacerange, (b) cidrange, and (c) notdefrange sections. | | 7.0 | CVE-2006-3740 IDEFENSE REDHAT REDHAT GENTOO UBUNTU BID FRSIRT FRSIRT SECUNIA SECUNIA SECUNIA SECUNIA SECUNIA SECUNIA |
| XHP -- CMS | Cross-site scripting (XSS) vulnerability in index.php in Laurentiu Matei eXpandable Home Page (XHP) CMS 0.5.1 allows remote attackers to inject arbitrary web script or HTML via the errcode parameter. | | 7.0 | CVE-2006-4751 BUGTRAQ BID SECUNIA XF FRSIRT SECTRACK |