Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-12-22 | CVE-2005-4479 | SQL Injection vulnerability in PHPslash 0.8.1 SQL injection vulnerability in article.php in phpSlash 0.8.1 and earlier allows remote attackers to execute arbitrary SQL commands via the story_id parameter. | 7.5 |
| 2005-12-22 | CVE-2005-4478 | SQL Injection vulnerability in Papoo Multiple SQL injection vulnerabilities in Papoo 2.1.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) menuid parameter to (a) index.php and (b) guestbook.php, and the (2) forumid and (3) reporeid_print parameters to (c) print.php. | 7.5 |
| 2005-12-22 | CVE-2005-4472 | Multiple vulnerability in Macromedia JRun Stack-based buffer overflow in the Macromedia JRun 4 web server (JWS) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long request that is not properly handled during conversion to wide characters. | 7.5 |
| 2005-12-22 | CVE-2005-4470 | Integer Overflow vulnerability in Blender BlenLoader File Processing Heap-based buffer overflow in the get_bhead function in readfile.c in Blender BlenLoader 2.0 through 2.40pre allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a .blend file with a negative bhead.len value, which causes less memory to be allocated than expected, possibly due to an integer overflow. | 7.5 |
| 2005-12-22 | CVE-2005-4469 | Remote Script Code Execution vulnerability in PHPGedView Multiple direct static code injection vulnerabilities in PHPGedView 3.3.7 and earlier allow remote attackers to execute arbitrary PHP code via (1) the username field in login.php, or the (2) user_language, (3) user_email, and (4) user_gedcomid parameters in login_register.php, which is directly inserted into authenticate.php. | 7.5 |
| 2005-12-22 | CVE-2005-4468 | Remote Script Code Execution vulnerability in PHPGedView PHP remote file include vulnerability in help_text_vars.php in PHPGedView 3.3.7 and earlier allows remote attackers to execute arbitrary code via a URL in the PGV_BASE_DIRECTORY parameter. | 7.5 |
| 2005-12-22 | CVE-2005-4466 | Remote Heap Corruption Denial Of Service vulnerability in Interactive Intelligence Interaction SIP Proxy 3.0.010 Heap-based buffer overflow in the SIPParser function in i3sipmsg.dll in Interaction SIP Proxy before 3.0.011 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a REGISTER request with a SPI version number that contains a large number of space or tab characters. | 7.5 |
| 2005-12-22 | CVE-2005-4465 | Denial Of Service vulnerability in NEC UNIVERGE IX1000/IX2000/IX3000 IKE Exchange The Internet Key Exchange version 1 (IKEv1) implementation in NEC UNIVERGE IX1000, IX2000, and IX3000 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. | 7.5 |
| 2005-12-22 | CVE-2005-4464 | Remote Kernel Deadlock Denial Of Service vulnerability in Ingate Firewall and SIParator Ingate Firewall before 4.3.4 and SIParator before 4.3.4 allows remote attackers to cause a denial of service (kernel deadlock) by sending a SYN packet for a TCP stream, which requires an RST packet in response. | 7.8 |
| 2005-12-21 | CVE-2005-4462 | Remote File Include vulnerability in Tolva 0.1.0 PHP remote file include vulnerability in usermods.php in Tolva PHP website system 0.1.0 allows remote attackers to execute arbitrary code via a URL in the ROOT parameter. | 7.5 |