Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-10-06 | CVE-2005-3161 | SQL Injection vulnerability in PHP-Fusion Register.PHP And FAQ.PHP Multiple SQL injection vulnerabilities in PHP-Fusion before 6.00.110 allow remote attackers to execute arbitrary SQL commands via (1) the activate parameter in register.php and (2) the cat_id parameter in faq.php. | 7.5 |
2005-10-06 | CVE-2005-3160 | SQL-Injection vulnerability in PHP Fusion Multiple SQL injection vulnerabilities in photogallery.php in PHP-Fusion allow remote attackers to execute arbitrary SQL commands via the (1) album and (2) photo parameters. | 7.5 |
2005-10-06 | CVE-2005-3158 | SQL-Injection vulnerability in PHP Fusion 6.00.106/6.00.107 SQL injection vulnerability in messages.php in PHP-Fusion 6.00.106 and 6.00.107 allows remote attackers to execute arbitrary SQL commands via the (1) pm_email_notify and (2) pm_save_sent parameters, a different vulnerability than CVE-2005-3157 and CVE-2005-3159. | 7.5 |
2005-10-06 | CVE-2005-3157 | Unspecified vulnerability in PHP Fusion PHP Fusion 6.00.109 SQL injection vulnerability in messages.php in PHP-Fusion 6.00.109 allows remote attackers to execute arbitrary SQL commands via the msg_send parameter, a different vulnerability than CVE-2005-3158 and CVE-2005-3159. | 7.5 |
2005-10-05 | CVE-2005-3156 | Unspecified vulnerability in Easyguppy 4.5.4/4.5.5 Directory traversal vulnerability in printfaq.php in EasyGuppy (Guppy for Windows) 4.5.4 and 4.5.5 allows remote attackers to read arbitrary files via ".." sequences in the pg parameter, which is cleansed for XSS but not directory traversal. network easyguppy | 4.3 |
2005-10-05 | CVE-2005-3155 | Buffer Overflow vulnerability in MailEnable W3C Logging Buffer overflow in the W3C logging for MailEnable Enterprise 1.1 and Professional 1.6 allows remote attackers to execute arbitrary code. | 7.5 |
2005-10-05 | CVE-2005-3154 | USE of Externally-Controlled Format String vulnerability in Softwin Bitdefender 7.2/8.0/9.0 Format string vulnerability in the logging functionality in BitDefender AntiVirus 7.2 through 9 allows remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in file or directory name. | 7.5 |
2005-10-05 | CVE-2005-3153 | SQL-Injection vulnerability in Mywebland Mybloggie 2.1.3Beta login.php in myBloggie 2.1.3 beta and earlier allows remote attackers to bypass a whitelist regular expression and conduct SQL injection attacks via a username parameter with SQL after a null character, which causes the whitelist check to succeed but injects the SQL into a query string, a different vulnerability than CVE-2005-2838. | 7.5 |
2005-10-05 | CVE-2005-3152 | Cross-Site Scripting vulnerability in Devellion Cubecart 3.0.3/3.0.7Pl1 Multiple cross-site scripting (XSS) vulnerabilities in CubeCart 3.0.3 allow remote attackers to inject arbitrary web script or HTML via the redir parameter to (1) cart.php or (2) index.php, or (3) the searchStr parameter in a viewCat action to index.php. network devellion | 4.3 |
2005-10-05 | CVE-2005-3151 | Buffer Overflow vulnerability in Blender 2.37A Buffer overflow in blenderplay in Blender Player 2.37a allows attackers to execute arbitrary code via a long command line argument. | 7.5 |