Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-12-21 | CVE-2005-4461 | SQL Injection vulnerability in Beehive Forum SQL injection vulnerability in index.php in Beehive Forum 0.6.2 and earlier allows remote attackers to execute arbitrary SQL commands via the user_sess parameter. | 7.5 |
| 2005-12-21 | CVE-2005-4457 | Denial-Of-Service vulnerability in Mailenable Enterprise 1.1 MailEnable Enterprise 1.1 before patch ME-10009 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via several "..." (triple dot) sequences in a UID FETCH command. | 7.5 |
| 2005-12-21 | CVE-2005-4456 | IMAP Remote Buffer Overflow vulnerability in MailEnable Multiple buffer overflows in MailEnable Professional 1.71 and Enterprise 1.1 before patch ME-10009 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long (1) LIST, (2) LSUB, and (3) UID FETCH commands. | 7.8 |
| 2005-12-21 | CVE-2005-4451 | Remote Unauthorized Access vulnerability in HP Hp-Ux 11.11 Unspecified vulnerability in Software Distributor in HP-UX B.11.11 allows remote attackers to gain access via unspecified attack vectors. | 7.5 |
| 2005-12-21 | CVE-2005-4450 | Cross-Site Request Forgery vulnerability in PHPmyadmin 2.7.0Pl1 Cross-site request forgery (CSRF) vulnerability in phpMyAdmin 2.7.0 allows remote attackers to perform unauthorized actions as a logged-in user via a link or IMG tag to server_privileges.php, as demonstrated using the dbname and checkprivs parameters. | 7.5 |
| 2005-12-21 | CVE-2005-4267 | Buffer Errors vulnerability in Qualcomm Worldmail 3.0 Stack-based buffer overflow in Qualcomm WorldMail 3.0 allows remote attackers to execute arbitrary code via a long IMAP command that ends with a "}" character, as demonstrated using long (1) LIST, (2) LSUB, (3) SEARCH TEXT, (4) STATUS INBOX, (5) AUTHENTICATE, (6) FETCH, (7) SELECT, and (8) COPY commands. | 7.5 |
| 2005-12-21 | CVE-2005-4447 | SQL-Injection vulnerability in phpCOIN SQL injection vulnerability in articles\articles_funcs.php in phpCOIN 1.2.2 allows remote attackers to modify SQL syntax and possibly execute SQL in limited circumstances via the rec_next parameter. | 7.5 |
| 2005-12-21 | CVE-2005-4443 | Packages Insecure RUNPATH vulnerability in Gentoo Linux Untrusted search path vulnerability in Gauche before 0.8.6-r1 on Gentoo Linux allows local users in the portage group to gain privileges via a malicious shared object in the Portage temporary build directory, which is part of the RUNPATH. | 7.2 |
| 2005-12-21 | CVE-2005-4442 | Packages Insecure RUNPATH vulnerability in Gentoo Linux Untrusted search path vulnerability in OpenLDAP before 2.2.28-r3 on Gentoo Linux allows local users in the portage group to gain privileges via a malicious shared object in the Portage temporary build directory, which is part of the RUNPATH. | 7.2 |
| 2005-12-21 | CVE-2005-4439 | Remote Buffer Overflow vulnerability in Elog Elogd 2.6.0Beta4 Buffer overflow in ELOG elogd 2.6.0-beta4 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a URL with a long (1) cmd or (2) mode parameter. | 7.8 |