Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-11-29 | CVE-2005-3864 | SQL Injection vulnerability in BerliOS SourceWell SQL injection vulnerability in index.php in SourceWell 1.1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the cnt parameter. | 7.5 |
| 2005-11-29 | CVE-2005-3863 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ktools Stack-based buffer overflow in kkstrtext.h in ktools library 0.3 and earlier, as used in products such as (1) centericq, (2) orpheus, (3) motor, and (4) groan, allows local users or remote attackers to execute arbitrary code via a long parameter to the VGETSTRING macro. | 7.5 |
| 2005-11-29 | CVE-2005-3862 | Buffer Overflow vulnerability in Unalz Archive Filename Buffer overflow in unalz before 0.53 allows remote attackers to execute arbitrary code via long file names in ALZ archives. | 7.5 |
| 2005-11-29 | CVE-2005-3861 | Code Injection vulnerability in PHPgreetz PHP remote file inclusion vulnerability in content.php in phpGreetz 0.99 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the content parameter. | 7.5 |
| 2005-11-29 | CVE-2005-3860 | Code Injection vulnerability in Oliver MAY Athena PHP Website Administration 0.1A PHP remote file inclusion vulnerability in athena.php in Oliver May Athena PHP Website Administration 0.1a allows remote attackers to execute arbitrary PHP code via a URL in the athena_dir parameter. | 7.5 |
| 2005-11-29 | CVE-2005-3859 | Code Injection vulnerability in Q-News 2.0 PHP remote file inclusion vulnerability in q-news.php in Q-News 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the id parameter. | 7.5 |
| 2005-11-27 | CVE-2005-3858 | Remote Denial Of Service vulnerability in Linux Kernel IP6_Input_Finish Memory leak in the ip6_input_finish function in ip6_input.c in Linux kernel 2.6.12 and earlier might allow attackers to cause a denial of service via malformed IPv6 packets with unspecified parameter problems, which prevents the SKB from being freed. | 7.8 |
| 2005-11-27 | CVE-2005-3855 | SQL Injection vulnerability in Easybe 1-2-3 Music Store 1.0 SQL injection vulnerability in process.php in 1-2-3 music store allows remote attackers to execute arbitrary SQL commands via the AlbumID parameter. | 7.5 |
| 2005-11-27 | CVE-2005-3853 | SQL-Injection vulnerability in Solucija Snews 1.2 SQL injection vulnerability in snews.php in sNews 1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) category parameters to index.php. | 7.5 |
| 2005-11-27 | CVE-2005-3852 | SQL-Injection vulnerability in Onlinetechtools.Com Owos Lite 3.0 SQL injection vulnerability in search.asp in Online Work Order Suite (OWOS) Lite Edition for ASP 3.0 allows remote attackers to execute arbitrary SQL commands via the keyword parameter. | 7.5 |