Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-11-21 | CVE-2005-3697 | Authentication Bypass vulnerability in Uresk Links Uresk Links 2.0Lite Unspecified vulnerability in the administration interface in Uresk Links 2.0 Lite allows remote attackers to bypass authentication via unspecified vectors in index.php. | 7.5 |
2005-11-20 | CVE-2005-3696 | SQL Injection vulnerability in Arki-DB SQL injection vulnerability in Arki-DB 1.0 and 2.0 allows remote attackers to execute arbitrary SQL commands via the catid parameter in a view action (view.php) to index.php. | 7.5 |
2005-11-20 | CVE-2005-3346 | Buffer Overflow vulnerability in OSH 1.7.14 Buffer overflow in the environment variable substitution code in main.c in OSH 1.7-14 allows local users to inject arbitrary environment variables, such as LD_PRELOAD, via pathname arguments of the form "$VAR/EVAR=arg", which cause the EVAR portion to be appended to a buffer returned by a getenv function call. | 7.2 |
2005-11-20 | CVE-2005-3694 | Remote Denial of Service vulnerability in Centericq 4.20.0R3 centericq 4.20.0-r3 with "Enable peer-to-peer communications" set allows remote attackers to cause a denial of service (segmentation fault and crash) via short zero-length packets, and possibly packets of length 1 or 2, as demonstrated using Nessus. | 7.8 |
2005-11-19 | CVE-2005-3690 | Buffer Overflow vulnerability in MailEnable IMAP Mailbox Name Stack-based buffer overflow in the IMAP service (meimaps.exe) of MailEnable Professional 1.6 and earlier and Enterprise 1.1 and earlier allows remote attackers to execute arbitrary code via a long mailbox name in the (1) select, (2) create, (3) delete, (4) rename, (5) subscribe, or (6) unsubscribe commands. | 7.5 |
2005-11-19 | CVE-2005-3686 | SQL Injection vulnerability in Newsboard Unclassified Newsboard SQL injection vulnerability in search.inc.php in Unclassified NewsBoard before 1.5.3 Patch 4 allows remote attackers to execute arbitrary SQL commands via the (1) DateFrom or (2) DateUntil parameter to forum.php. | 7.5 |
2005-11-19 | CVE-2005-3684 | Buffer Overflow vulnerability in Freeftpd 1.0.8 Multiple buffer overflows in freeFTPd 1.0.8, without logging enabled, allow remote authenticated attackers to cause a denial of service (application crash), and possibly execute arbitrary code, via long (1) MKD and (2) DELE commands. | 7.5 |
2005-11-19 | CVE-2005-3683 | Buffer Overflow vulnerability in FreeFTPD User Command Stack-based buffer overflow in freeFTPd before 1.0.9 with Logging enabled, allows remote attackers to cause a denial of service (application crash), and possibly execute arbitrary code, via a long USER command. | 7.5 |
2005-11-18 | CVE-2005-3682 | Unspecified vulnerability in Wizz Forum Wizz Forum 1.20 Multiple SQL injection vulnerabilities in Wizz Forum 1.20 allow remote attackers to execute arbitrary SQL commands via (1) the AuthID parameter in ForumAuthDetails.php, and the TopicID parameter in (2) ForumTopicDetails.php and (3) ForumReply.php. | 7.5 |
2005-11-18 | CVE-2005-3681 | Unspecified vulnerability in Xoops Wf-Downloads 2.05 SQL injection vulnerability in viewcat.php in XOOPS WF-Downloads module 2.05 allows remote attackers to execute arbitrary SQL commands via the list parameter. | 7.5 |