Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-12-01 | CVE-2005-3945 | Remote Denial of Service vulnerability in Microsoft Windows 2000 and Windows 2003 Server: The SynAttackProtect protection in Microsoft Windows 2003 before SP1 and Windows 2000 before SP4 with Update Roll-up uses a hash of predictable data, which allows remote attackers to cause a denial of service (CPU consumption) via a flood of SYN packets that produce identical hash values, which slows down the hash table lookups. | 7.8 |
2005-12-01 | CVE-2005-3944 | SQL Injection vulnerability in Survey System Survey.PHP: SQL injection vulnerability in survey.php in ilyav Survey System 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the SURVEY_ID parameter. | 7.5 |
2005-12-01 | CVE-2005-3943 | SQL Injection vulnerability in FAQ System: Multiple SQL injection vulnerabilities in ilyav FAQ System 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) FAQ_ID and (2) action parameters in (a) viewFAQ.php; and (3) CATEGORY_ID parameter in (b) index.php. | 7.5 |
2005-12-01 | CVE-2005-3942 | SQL Injection vulnerability in Orca Knowledgebase Knowledgebase.PHP: SQL injection vulnerability in knowledgebase-control.php in Orca Knowledgebase 2.1b and earlier allows remote attackers to execute arbitrary SQL commands via the qid parameter. | 7.5 |
2005-12-01 | CVE-2005-3941 | SQL Injection vulnerability in Orca Blog Blog.PHP: SQL injection vulnerability in blog.php in Orca Blog 1.3b and earlier allows remote attackers to execute arbitrary SQL commands via the msg parameter. | 7.5 |
2005-12-01 | CVE-2005-3940 | SQL Injection vulnerability in Orca Ringmaker Ringmaker.PHP: SQL injection vulnerability in ringmaker.php in Orca Ringmaker 2.3c and earlier allows remote attackers to execute arbitrary SQL commands via the start parameter. | 7.5 |
2005-12-01 | CVE-2005-3939 | SQL Injection vulnerability in WSN Knowledge Base: Multiple SQL injection vulnerabilities in WSN Knowledge Base 1.2.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) catid, (2) perpage, (3) ascdesc, and (4) orderlinks in a displaycat action in (a) index.php; and the (5) id parameter in (b) comments.php and (c) memberlist.php. | 7.5 |
2005-12-01 | CVE-2005-3938 | SQL Injection vulnerability in Softbiz FAQ: SQL injection vulnerability in Softbiz FAQ Script 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter in (1) index.php, (2) faq_qanda.php, (3) refer_friend.php, (4) print_article.php, or (5) add_comment.php. | 7.5 |
2005-12-01 | CVE-2005-3937 | SQL Injection vulnerability in Softbiz B2B Trading Marketplace: SQL injection vulnerability in Softbiz B2B Trading Marketplace Script 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cid parameter in (1) selloffers.php, (2) buyoffers.php, (3) products.php, or (4) profiles.php. | 7.5 |
2005-12-01 | CVE-2005-3936 | Unspecified vulnerability in Socketkb: PHP file include vulnerability in SocketKB 1.1.0 and earlier allows remote attackers to include arbitrary local files via the __f parameter. | 7.5 |