Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-12-31 | CVE-2005-4616 | SQL-Injection vulnerability in Idevspot Isupport 1.06 SQL injection vulnerability in index.php in iSupport 1.06 allows remote attackers to execute arbitrary SQL commands via the include_file parameter. | 7.5 |
| 2005-12-31 | CVE-2005-4615 | SQL-Injection vulnerability in DapperDesk SQL injection vulnerability in news.php in DapperDesk 3.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the page parameter. | 7.5 |
| 2005-12-31 | CVE-2005-4614 | SQL-Injection vulnerability in digiSHOP Multiple SQL injection vulnerabilities in digiSHOP 3.1.17 and earlier allow remote attackers to execute arbitrary SQL commands or obtain the full installation path via (1) the c parameter in cart.php and (2) unspecified search module parameters. | 7.5 |
| 2005-12-31 | CVE-2005-4612 | SQL-Injection vulnerability in Vubb Alpharc1 Multiple SQL injection vulnerabilities in VUBB alpha rc1 allow remote attackers to execute arbitrary SQL commands via the (1) f parameter to viewforum.php, (2) t parameter to viewtopic.php, and (3) view parameter to usercp.php. | 7.5 |
| 2005-12-31 | CVE-2005-4611 | SQL-Injection vulnerability in Free Clickbank SQL injection vulnerability in search.php in Free ClickBank 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the keywords parameter. | 7.5 |
| 2005-12-31 | CVE-2005-4610 | Unspecified vulnerability in Dopewars Format string vulnerability in the server for Dopewars before 1.5.12, when running as an NT service, allows remote attackers to execute arbitrary code via unspecified attack vectors. | 7.5 |
| 2005-12-31 | CVE-2005-4608 | SQL Injection vulnerability in INCOGEN Bugport SQL injection vulnerability in index.php in BugPort 1.147 allows remote attackers to execute arbitrary SQL commands via the (1) devWherePair[0], (2) orderBy, and (3) where parameters. | 7.5 |
| 2005-12-31 | CVE-2005-4606 | SQL Injection vulnerability in Webwiz products SQL injection vulnerability in check_user.asp in multiple Web Wiz products including (1) Site News 3.06 and earlier, (2) Journal 1.0 and earlier, (3) Polls 3.06 and earlier, and (4) and Database Login 1.71 and earlier allows remote attackers to execute arbitrary SQL commands via the txtUserName parameter. | 7.5 |
| 2005-12-31 | CVE-2005-4602 | SQL Injection vulnerability in MyBB File Upload SQL injection vulnerability in inc/function_upload.php in MyBB before 1.0.1 allows remote attackers to execute arbitrary SQL commands via the file extension of an uploaded file attachment. | 7.5 |
| 2005-12-31 | CVE-2005-4601 | Remote Command Execution vulnerability in Imagemagick 6.2.4.5 The delegate code in ImageMagick 6.2.4.5-0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a filename that is processed by the display command. | 7.5 |