Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-12-31 | CVE-2005-4611 | SQL-Injection vulnerability in Free Clickbank SQL injection vulnerability in search.php in Free ClickBank 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the keywords parameter. | 7.5 |
| 2005-12-31 | CVE-2005-4610 | Unspecified vulnerability in Dopewars Format string vulnerability in the server for Dopewars before 1.5.12, when running as an NT service, allows remote attackers to execute arbitrary code via unspecified attack vectors. | 7.5 |
| 2005-12-31 | CVE-2005-4609 | Information Disclosure vulnerability in BugPort index.php in BugPort 1.147 and earlier allows remote attackers to obtain sensitive information such as full path and system configuration via an invalid action parameter. | 5.0 |
| 2005-12-31 | CVE-2005-4608 | SQL Injection vulnerability in INCOGEN Bugport SQL injection vulnerability in index.php in BugPort 1.147 allows remote attackers to execute arbitrary SQL commands via the (1) devWherePair[0], (2) orderBy, and (3) where parameters. | 7.5 |
| 2005-12-31 | CVE-2005-4607 | Cross-Site Scripting vulnerability in INCOGEN Bugport Cross-site scripting (XSS) vulnerability in index.php in BugPort 1.147 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) ids[0], (2) action, (3) report_id, (4) devWherePair[1][1], and (5) binds[0] parameters. network incogen | 4.3 |
| 2005-12-31 | CVE-2005-4606 | SQL Injection vulnerability in Webwiz products SQL injection vulnerability in check_user.asp in multiple Web Wiz products including (1) Site News 3.06 and earlier, (2) Journal 1.0 and earlier, (3) Polls 3.06 and earlier, and (4) and Database Login 1.71 and earlier allows remote attackers to execute arbitrary SQL commands via the txtUserName parameter. | 7.5 |
| 2005-12-31 | CVE-2005-4604 | Buffer Overflow vulnerability in Jean-Jacques Sarton Mtink 1.0.5 Buffer overflow in MTink in the printer-filters-utils package allows local users to execute arbitrary code via a long HOME environment variable. | 10.0 |
| 2005-12-31 | CVE-2005-4603 | HTML Injection vulnerability in MyBB Print Thread Script Cross-site scripting (XSS) vulnerability in printthread.php in MyBB 1.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a thread message, which is not properly sanitized in the print view of the thread. network mybulletinboard | 4.3 |
| 2005-12-31 | CVE-2005-4602 | SQL Injection vulnerability in MyBB File Upload SQL injection vulnerability in inc/function_upload.php in MyBB before 1.0.1 allows remote attackers to execute arbitrary SQL commands via the file extension of an uploaded file attachment. | 7.5 |
| 2005-12-31 | CVE-2005-4601 | Remote Command Execution vulnerability in Imagemagick 6.2.4.5 The delegate code in ImageMagick 6.2.4.5-0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a filename that is processed by the display command. | 7.5 |