| 22497 | HAMweather Template.php do_parse_code Function Arbitrary Code Execution | high |
| 22496 | OpenBiblio < 0.5.2 Multiple Scripts Local File Inclusion | high |
| 22480 | UBB.threads doeditconfig Arbitrary Command Injection | high |
| 22475 | DokuWiki fetch.php Multiple Parameter imconvert Function Arbitrary Command Execution | high |
| 22448 | CakePHP vendors.php file Parameter Traversal Arbitrary File Access | medium |
| 22413 | MyReview Admin.php email Parameter SQL Injection | high |
| 22412 | Exponent CMS index.php view Parameter Local File Inclusion | medium |
| 22409 | Claroline Software Detection | info |
| 22408 | Limbo com_fm Component sql.php classes_dir Parameter Remote File Inclusion | medium |
| 22368 | Site@School Multiple Script cmsdir Parameter Remote File Inclusion | high |
| 22367 | Limbo Contact Component (com_contact) contact.html.php contact_attach Unrestricted File Upload | high |
| 22366 | Dokeos claro_init_local.inc.php extAuthSource Parameter Array Remote File Inclusion | medium |
| 22365 | Claroline claro_init_local.inc.php extAuthSource[newUser] Parameter Remote File Inclusion | medium |
| 22364 | Moodle < 1.6.2 Multiple Vulnerabilities | high |
| 22362 | TWiki 'filename' Parameter Traversal Arbitrary File Access | medium |
| 22317 | RaidenHTTPD check.php SoftParserFileXml Parameter Remote File Inclusion | medium |
| 22316 | PHP-Fusion extract() Global Variable Overwriting | low |
| 22315 | DokuWiki doku.php X-FORWARDED-FOR HTTP Header Arbitrary Code Injection | high |
| 22310 | PmWiki < 2.1.21 Global Variables Overwriting | high |
| 22309 | SAP DB / MaxDB WebDBM Client Database Name Remote Overflow | critical |
| 22307 | Mailman Utils.py Spoofed Log Entry Injection | low |
| 22306 | WebAdmin < 3.2.6 MDaemon Account Hijacking | medium |
| 22305 | Easy Address Book Web Server Query Remote Format String | medium |
| 22303 | TikiWiki jhot.php Arbitrary File Upload | high |
| 22300 | Webmin Null Byte Filtering Information Disclosure | medium |
| 22299 | e107 ibrowser.php zend_has_del() Function Remote Code Execution | high |
| 22298 | Joomla! < 1.0.11 Unspecified Remote Code Execution | medium |
| 22297 | Joomla! < 1.0.11 administrator/index.php Input Weakness | medium |
| 22296 | CubeCart < 3.0.13 Multiple Remote Vulnerabilities (LFI, SQLi, XSS) | high |
| 22295 | Feedsplitter <= 2006-01-21 Multiple Remote Vulnerabilities (XSS, Traversal, Disc) | high |
| 22272 | Fuji Xerox Printing Systems (FXPS) Print Engine Crafted Request HTTP Authentication Bypass | medium |
| 22271 | PHProjekt <= 5.1 Multiple Remote File Inclusions | high |
| 22268 | PHP < 4.4.3 / 5.1.4 Multiple Vulnerabilities | high |
| 22267 | phpCOIN Multiple Script _CCFG Parameter Remote File Inclusion | medium |
| 22257 | WebAdmin < 3.2.5 Multiple Vulnerabilities | high |
| 22255 | osCommerce shopping_cart.php id Array Parameters SQL Injection | high |
| 22235 | Docebo GLOBALS Variable Overwrite Remote File Inclusion | medium |
| 22234 | Zen Cart autoload_func.php autoLoadConfig Array Remote File Inclusion | medium |
| 22233 | Zen Cart ipn_main_handler.php custom SQL Injection | high |
| 22232 | Owl Intranet Engine <= 0.91 Multiple Vulnerabilities | high |
| 22231 | CubeCart < 3.0.12 Multiple Vulnerabilities (SQLi, XSS) | high |
| 22230 | SquirrelMail compose.php session_expired_post Arbitrary Variable Overwriting | medium |
| 22206 | WEBInsta CMS index.php templates_dir Parameter Remote File Inclusion | high |
| 22205 | IPCheck Server Monitor Traversal Arbitrary File Access | medium |
| 22204 | Ruby on Rails Routing Code URL Code Evaluation DoS | high |
| 22203 | Apache on Windows mod_alias URL Validation Canonicalization CGI Source Disclosure | medium |
| 22130 | Barracuda Spam Firewall Default Credentials | high |
| 22124 | phpMyAdmin import_blacklist Variable Overwriting | medium |
| 22123 | TWiki configure Script Arbitrary Command Execution | high |
| 22117 | PatchLink Update Server proxyreg.asp Arbitrary Proxy Manipulation | high |
