Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-08-07 | CVE-2005-2489 | Unspecified vulnerability in web Content Management web Content Management News System Web Content Management News System allows remote attackers to create arbitrary accounts and gain privileges via a direct request to Admin/Users/AddModifyInput.php. | 7.5 |
2005-08-07 | CVE-2005-2486 | SQL Injection vulnerability in Portailphp 2.4 SQL injection vulnerability in mod_forum/read_message.php in PortailPHP allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php with the affiche parameter set to "Forum-read_mess", a different vulnerability than CVE-2005-1701. | 7.5 |
2005-08-07 | CVE-2005-2484 | Remote Buffer Overflow vulnerability in Denora IRC Stats Denora IRC Stats 1.0 Buffer overflow in the rdb_query function for Denora IRC Stats 1.0 might allow attackers to execute arbitrary code. | 7.5 |
2005-08-07 | CVE-2005-2483 | Unspecified vulnerability in Karrigell Eval injection vulnerability in Karrigell before 2.1.8 allows remote attackers to execute arbitrary Python code via modified arguments to a Karrigell services (.ks) script, which can reference functions from libraries that are used by that script. | 7.5 |
2005-08-05 | CVE-2005-2478 | SQL Injection vulnerability in Silver-Scripts Silvernews 2.0.3 SQL injection vulnerability in SilverNews 2.0.3 allows remote attackers to execute arbitrary SQL commands via the user field on the login page in the Admin control panel. | 7.5 |
2005-08-05 | CVE-2005-2473 | SQL Injection vulnerability in ChurchInfo Multiple SQL injection vulnerabilities in ChurchInfo allow remote attackers to execute arbitrary SQL commands via the PersonID parameter to (1) PersonView.php, (2) MemberRoleChange.php, (3) PropertyAssign.php, (4) WhyCameEditor.php, (5) GroupPropsEditor.php, (6) Reports/PDFLabel.php, or (7) UserDelete.php, (8) DepositSlipID parameter to DepositSlipEditor.php, (9) QueryID parameter to QueryView.php, GroupID parameter to (10) GroupView.php, (11) GroupMemberList.php, (12) MemberRoleChange.php, (13) GroupDelete.php, (14) /Reports/ClassAttendance.php, or (15) /Reports/GroupReport.php, (16) PropertyID parameter to PropertyEditor.php, FamilyID parameter to (17) Canvas05Editor.php, (18) CanvasEditor.php, or (19) FamilyView.php, or (20) PledgeID parameter to PledgeDetails.php. | 7.5 |
2005-08-05 | CVE-2005-2471 | Unspecified vulnerability in Netpbm 2.10.0.8 pstopnm in netpbm does not properly use the "-dSAFER" option when calling Ghostscript to convert a PostScript file into a (1) PBM, (2) PGM, or (3) PNM file, which allows external user-assisted attackers to execute arbitrary commands. | 7.5 |
2005-08-05 | CVE-2005-1854 | Remote Command Execution vulnerability in Debian Apt-Cacher 0.9.4/0.9.9 Unknown vulnerability in apt-cacher in Debian 3.1, related to "missing input sanitising," allows remote attackers to execute arbitrary commands on the caching server. | 7.5 |
2005-08-05 | CVE-2005-1272 | Stack-based buffer overflow in the Backup Agent for Microsoft SQL Server in BrightStor ARCserve Backup Agent for SQL Server 11.0 allows remote attackers to execute arbitrary code via a long string sent to port (1) 6070 or (2) 6050. | 7.5 |
2005-08-03 | CVE-2005-2450 | Integer Overflow vulnerability in Clam Anti-Virus Clamav 0.85/0.85.1/0.86 Multiple integer overflows in the (1) TNEF, (2) CHM, or (3) FSG file format processors in libclamav for Clam AntiVirus (ClamAV) 0.86.1 and earlier allow remote attackers to gain privileges via a crafted e-mail message. | 7.5 |