Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-12-01 | CVE-2005-3944 | SQL Injection vulnerability in Survey System Survey.PHP SQL injection vulnerability in survey.php in ilyav Survey System 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the SURVEY_ID parameter. | 7.5 |
| 2005-12-01 | CVE-2005-3943 | SQL Injection vulnerability in FAQ System Multiple SQL injection vulnerabilities in ilyav FAQ System 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) FAQ_ID and (2) action parameters in (a) viewFAQ.php; and (3) CATEGORY_ID parameter in (b) index.php. | 7.5 |
| 2005-12-01 | CVE-2005-3942 | SQL Injection vulnerability in Orca Knowledgebase Knowledgebase.PHP SQL injection vulnerability in knowledgebase-control.php in Orca Knowledgebase 2.1b and earlier allows remote attackers to execute arbitrary SQL commands via the qid parameter. | 7.5 |
| 2005-12-01 | CVE-2005-3941 | SQL Injection vulnerability in Orca Blog Blog.PHP SQL injection vulnerability in blog.php in Orca Blog 1.3b and earlier allows remote attackers to execute arbitrary SQL commands via the msg parameter. | 7.5 |
| 2005-12-01 | CVE-2005-3940 | SQL Injection vulnerability in Orca Ringmaker Ringmaker.PHP SQL injection vulnerability in ringmaker.php in Orca Ringmaker 2.3c and earlier allows remote attackers to execute arbitrary SQL commands via the start parameter. | 7.5 |
| 2005-12-01 | CVE-2005-3939 | SQL Injection vulnerability in WSN Knowledge Base Multiple SQL injection vulnerabilities in WSN Knowledge Base 1.2.0 and earler allow remote attackers to execute arbitrary SQL commands via the (1) catid, (2) perpage, (3) ascdesc, and (4) orderlinks in a displaycat action in (a) index.php; and the (5) id parameter in (b) comments.php and (c) memberlist.php. | 7.5 |
| 2005-12-01 | CVE-2005-3938 | SQL Injection vulnerability in Softbiz FAQ SQL injection vulnerability in Softbiz FAQ Script 1.1 and earler allows remote attackers to execute arbitrary SQL commands via the id parameter in (1) index.php, (2) faq_qanda.php, (3) refer_friend.php, (4) print_article.php, or (5) add_comment.php. | 7.5 |
| 2005-12-01 | CVE-2005-3937 | SQL Injection vulnerability in Softbiz B2B Trading Marketplace SQL injection vulnerability in Softbiz B2B Trading Marketplace Script 1.1 and earler allows remote attackers to execute arbitrary SQL commands via the cid parameter in (1) selloffers.php, (2) buyoffers.php, (3) products.php, or (4) profiles.php. | 7.5 |
| 2005-12-01 | CVE-2005-3936 | Unspecified vulnerability in Socketkb PHP file include vulnerability in SocketKB 1.1.0 and earlier allows remote attackers to include arbitrary local files via the __f parameter. | 7.5 |
| 2005-12-01 | CVE-2005-3935 | SQL Injection vulnerability in SocketKB SQL injection vulnerability in SocketKB 1.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) node and (2) art_id parameters. | 7.5 |