Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-11-26 | CVE-2005-3846 | SQL Injection vulnerability in Fantastic Scripts Fantastic News News.PHP SQL injection vulnerability in news.php in Fantastic News 2.1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the category parameter. | 7.5 |
2005-11-26 | CVE-2005-3845 | SQL Injection vulnerability in Ezinvoiceinc EZ Invoice INC 2.0 SQL injection vulnerability in invoices.php in EZ Invoice Inc 2.0 allows remote attackers to execute arbitrary SQL commands via the i parameter. | 7.5 |
2005-11-26 | CVE-2005-3844 | SQL Injection vulnerability in PHPwordpress PHP News and Article Manager 3.0 SQL injection vulnerability in phpWordPress PHP News and Article Manager 3.0 allows remote attackers to execute arbitrary SQL commands via the (1) poll and (2) category parameters to index.php, and (3) the ctg parameter in an archive action. | 7.5 |
2005-11-26 | CVE-2005-3843 | SQL Injection vulnerability in Nicecoder Idesk 1.0 SQL injection vulnerability in faq.php in Nicecoder iDesk 1.0 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | 7.5 |
2005-11-26 | CVE-2005-3842 | SQL Injection vulnerability in Pdjkeelan.Com Pdjk-Support Suite 1.1A SQL injection vulnerability in index.php in pdjk-support suite 1.1a and earlier allows remote attackers to execute arbitrary SQL commands via the (1) rowstart, (2) news_id, and (3) faq_id parameters. | 7.5 |
2005-11-26 | CVE-2005-3840 | SQL Injection vulnerability in Omnistar Interactive Omnistar Live SQL injection vulnerability in kb.php in Omnistar Live 5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) category_id parameter. | 7.5 |
2005-11-26 | CVE-2005-3838 | SQL Injection vulnerability in Isolsoft Support Center 2.2 Multiple SQL injection vulnerabilities in search.php in IsolSoft Support Center 2.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) lorder, (2) Priority, (3) Status, (4) Category, (5) searchvalue, and (6) field parameter. | 7.5 |
2005-11-26 | CVE-2005-3836 | SQL-Injection vulnerability in Desklance SQL injection vulnerability in DeskLance 2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the announce parameter. | 7.5 |
2005-11-26 | CVE-2005-3835 | Code Injection vulnerability in Desklance PHP remote file inclusion vulnerability in support/index.php in DeskLance 2.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the main parameter. | 7.5 |
2005-11-26 | CVE-2005-3833 | Input Validation vulnerability in Tunez SQL injection vulnerability in songinfo.php in Tunez 1.21 and earlier allows remote attackers to execute arbitrary SQL commands via the song_id parameter. | 7.5 |