Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-12-31 | CVE-2005-4622 | Input Validation vulnerability in Efilego 3.0.1 Directory traversal vulnerability in eFileGo 3.01 allows remote attackers to execute arbitrary code, read arbitrary files, and upload arbitrary files via a ... | 7.5 |
| 2005-12-31 | CVE-2005-4621 | Cross-Site Scripting vulnerability in VBulletin Cross-site scripting (XSS) vulnerability in the editavatar page in vBulletin 3.5.1 allows remote attackers to inject arbitrary web script or HTML via a URL in the remote avatar url field, in which the URL generates a parsing error, and possibly requiring a trailing extension such as .jpg. network jelsoft | 4.3 |
| 2005-12-31 | CVE-2005-4620 | Buffer Overflow vulnerability in RARLAB WinRAR Command Line Processing Buffer overflow in WinRAR 3.50 and earlier allows local users to execute arbitrary code via a long command-line argument. | 4.6 |
| 2005-12-31 | CVE-2005-4619 | SQL Injection vulnerability in PHPOutsourcing Zorum RollID SQL injection vulnerability in index.php in phpoutsourcing Zorum Forum 3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the rollid parameter in the showhtmllist method. | 7.5 |
| 2005-12-31 | CVE-2005-4617 | SQL Injection vulnerability in Forperfect Csupport 1.0 SQL injection vulnerability in tickets.php in cSupport 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the pg parameter. | 7.5 |
| 2005-12-31 | CVE-2005-4616 | SQL-Injection vulnerability in Idevspot Isupport 1.06 SQL injection vulnerability in index.php in iSupport 1.06 allows remote attackers to execute arbitrary SQL commands via the include_file parameter. | 7.5 |
| 2005-12-31 | CVE-2005-4615 | SQL-Injection vulnerability in DapperDesk SQL injection vulnerability in news.php in DapperDesk 3.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the page parameter. | 7.5 |
| 2005-12-31 | CVE-2005-4614 | SQL-Injection vulnerability in digiSHOP Multiple SQL injection vulnerabilities in digiSHOP 3.1.17 and earlier allow remote attackers to execute arbitrary SQL commands or obtain the full installation path via (1) the c parameter in cart.php and (2) unspecified search module parameters. | 7.5 |
| 2005-12-31 | CVE-2005-4613 | Cross-Site Scripting vulnerability in Vubb Alpharc1 Cross-site scripting (XSS) vulnerability in VUBB alpha rc1 allows remote attackers to inject arbitrary web script or HTML via unspecified fields in the user edit profile. network vubb | 4.3 |
| 2005-12-31 | CVE-2005-4612 | SQL-Injection vulnerability in Vubb Alpharc1 Multiple SQL injection vulnerabilities in VUBB alpha rc1 allow remote attackers to execute arbitrary SQL commands via the (1) f parameter to viewforum.php, (2) t parameter to viewtopic.php, and (3) view parameter to usercp.php. | 7.5 |