Max CVSS | 7.5 | Min CVSS | 1.2 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2006-5232 | 7.5 |
Multiple PHP remote file inclusion vulnerabilities in iSearch 2.16 allow remote attackers to execute arbitrary PHP code via a URL in the isearch_path parameter in (1) index.php, (2) viewcache.php, (3) sitemap.php, (4) isearch.inc.php, (5) google_site
|
11-04-2024 - 00:41 | 11-10-2006 - 00:07 | |
CVE-2017-15702 | 7.5 |
In Apache Qpid Broker-J 0.18 through 0.32, if the broker is configured with different authentication providers on different ports one of which is an HTTP port, then the broker can be tricked by a remote unauthenticated attacker connecting to the HTTP
|
22-05-2023 - 15:46 | 01-12-2017 - 15:29 | |
CVE-2016-5013 | 5.8 |
In Moodle 2.x and 3.x, text injection can occur in email headers, potentially leading to outbound spam.
|
01-12-2020 - 14:54 | 20-01-2017 - 08:59 | |
CVE-2006-5214 | 1.2 |
Race condition in the Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060225, and Solaris 8 through 10 before 20061006, causes a user's Xsession errors file to have weak permissions before a chmod is perf
|
30-10-2018 - 16:25 | 10-10-2006 - 04:06 | |
CVE-2006-5243 | 7.5 |
Multiple PHP remote file inclusion vulnerabilities in OpenDock Easy Doc 1.4 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the doc_directory parameter in (1) down_stat.php, (2) file.ph
|
17-10-2018 - 21:41 | 12-10-2006 - 00:07 | |
CVE-2006-5220 | 5.1 |
Multiple PHP remote file inclusion vulnerabilities in WebYep 1.1.9, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via the webyep_sIncludePath in (1) files in the programm/lib/ directory including (a) WYApplica
|
17-10-2018 - 21:41 | 10-10-2006 - 04:06 | |
CVE-2006-5226 | 7.5 |
PHP remote file inclusion vulnerability in moteur/moteur.php in Prologin.fr Freenews 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the chemin parameter.
|
17-10-2018 - 21:41 | 10-10-2006 - 21:07 | |
CVE-2006-5240 | 5.1 |
PHP remote file inclusion vulnerability in engine/require.php in Docmint 2.0 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the MY_ENV[BASE_ENGINE_LOC] parameter. Successful exploitat
|
17-10-2018 - 21:41 | 12-10-2006 - 00:07 | |
CVE-2006-5244 | 5.1 |
Multiple PHP remote file inclusion vulnerabilities in OpenDock Easy Blog 1.4 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the doc_directory parameter in (1) down_stat.php, (2) file.p
|
17-10-2018 - 21:41 | 12-10-2006 - 00:07 | |
CVE-2000-1085 | 4.6 |
The xp_peekqueue function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which a
|
12-10-2018 - 21:29 | 09-01-2001 - 05:00 | |
CVE-2006-5257 | 7.5 |
PHP remote file inclusion vulnerability in modules/forum/include/config.php in Ciamos Content Management System (CMS) 0.9.6b and earlier allows remote attackers to execute arbitrary PHP code via a URL in the module_cache_path parameter.
|
19-10-2017 - 01:29 | 12-10-2006 - 22:07 | |
CVE-2007-0301 | 6.8 |
PHP remote file inclusion vulnerability in _admin/admin_menu.php in FdWeB Espace Membre 2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. Successful exploitation requires that "register_globals" is
|
19-10-2017 - 01:29 | 18-01-2007 - 00:28 | |
CVE-2008-5004 | 7.5 |
SQL injection vulnerability in genscode.php in myWebland Bloggie Lite 0.0.2 beta allows remote attackers to execute arbitrary SQL commands via a crafted cookie.
|
29-09-2017 - 01:32 | 10-11-2008 - 14:12 | |
CVE-2006-5251 | 7.5 |
PHP remote file inclusion vulnerability in index.php in Deep CMS 2.0a allows remote attackers to execute arbitrary PHP code via a URL in the ConfigDir parameter. NOTE: the provenance of this information is unknown; the details are obtained from thir
|
05-09-2008 - 21:11 | 12-10-2006 - 22:07 |