Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-08-03 | CVE-2005-2445 | SQL Injection vulnerability in Early Impact Product Cart 2.6 SQL injection vulnerability in viewPrd.asp in Product Cart 2.6 allows remote attackers to execute arbitrary SQL commands via the idcategory parameter. | 7.5 |
2005-08-03 | CVE-2005-2440 | SQL Injection vulnerability in Thomson Netg web Skill Vantage Manager 2.5 SQL injection vulnerability in login.asp in Thomson Web Skill Vantage Manager allows remote attackers to execute arbitrary SQL commands via the svmPassword parameter. | 7.5 |
2005-08-03 | CVE-2005-2439 | SQL Injection vulnerability in UseBB Search SQL injection vulnerability in UseBB 0.5.1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the search function. | 7.5 |
2005-08-03 | CVE-2005-2432 | SQL Injection vulnerability in PHPList Admin Page SQL injection vulnerability in PhpList allows remote attackers to modify SQL statements via the id argument to admin pages such as (1) members or (2) admin. | 7.5 |
2005-08-03 | CVE-2005-2424 | Denial Of Service vulnerability in Siemens Santis 50 4.2.8.0 The management interface for Siemens SANTIS 50 running firmware 4.2.8.0, and possibly other products including Ericsson HN294dp and Dynalink RTA300W, allows remote attackers to access the Telnet port without authentication via certain packets to the web interface that cause the interface to freeze. | 7.5 |
2005-08-03 | CVE-2005-2421 | SQL Injection vulnerability in Beehive Forum Webtag Multiple SQL injection vulnerabilities in index.php and other pages in Beehive Forum allow remote attackers to execute arbitrary SQL commands via the webtag parameter. | 7.5 |
2005-08-03 | CVE-2005-2419 | Unspecified vulnerability in ECI Telecom B-Focus Router 312 B-FOCuS Router 312+ allows remote attackers to bypass authentication and gain unauthorized access via a direct request to firmwarecfg. | 7.5 |
2005-08-03 | CVE-2005-2415 | Input Validation vulnerability in Contrexx Multiple SQL injection vulnerabilities in Contrexx before 1.0.5 allow remote attackers to execute arbitrary SQL commands via the (1) value parameter to the poll module or (2) pId parameter to the gallery module. | 7.5 |
2005-08-03 | CVE-2005-2346 | Unspecified vulnerability in Novell Groupwise 6.5 Buffer overflow in Novell GroupWise 6.5 Client allows remote attackers to execute arbitrary code via a GWVW02xx.INI language file with a long entry, as demonstrated using a long ES02TKS.VEW value in the Group Task section. | 7.5 |
2005-08-03 | CVE-2005-1853 | Unspecified vulnerability in University of Minnesota Gopher 3.0.5 gopher.c in the Gopher client 3.0.5 does not properly create temporary files, which allows local users to gain privileges. | 7.2 |