Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-07-05 | CVE-2005-2135 | SQL-Injection vulnerability in Etoshop Dynamic BIZ Website Builder Quickweb 1.0 SQL injection vulnerability in verify.asp in EtoShop Dynamic Biz Website Builder (QuickWeb) 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) T1 or (2) T2 parameters. | 7.5 |
2005-07-05 | CVE-2005-2113 | SQL-Injection vulnerability in Xoops SQL injection vulnerability in the loginUser function in the XMLRPC server in XOOPS 2.0.11 and earlier allows remote attackers to execute arbitrary SQL commands and bypass authentication via crafted values in an XML file, as demonstrated using the blogger.getPost method. | 7.5 |
2005-07-05 | CVE-2005-2111 | Remote Security vulnerability in Community Link Pro Web Editor login.cgi in Community Link Pro Web Editor allows remote attackers to execute arbitrary commands via the file parameter. | 7.5 |
2005-07-05 | CVE-2005-2108 | SQL-Injection vulnerability in WordPress SQL injection vulnerability in XMLRPC server in WordPress 1.5.1.2 and earlier allows remote attackers to execute arbitrary SQL commands via input that is not filtered in the HTTP_RAW_POST_DATA variable, which stores the data in an XML file. | 7.5 |
2005-07-05 | CVE-2005-2105 | Security Bypass vulnerability in IOS Cisco IOS 12.2T through 12.4 allows remote attackers to bypass Authentication, Authorization, and Accounting (AAA) RADIUS authentication, if the fallback method is set to none, via a long username. | 7.5 |
2005-07-05 | CVE-2005-2086 | Remote Security vulnerability in PHPbb Group PHPbb 2.0.15 PHP remote file inclusion vulnerability in viewtopic.php in phpBB 2.0.15 and earlier allows remote attackers to execute arbitrary PHP code. | 7.5 |
2005-07-05 | CVE-2005-0393 | Unspecified vulnerability in Crip 3.5 The helper scripts for crip 3.5 do not properly use temporary files, which allows local users to have an unknown impact with unknown attack vectors. | 7.2 |
2005-06-29 | CVE-2005-2080 | Remote Agent for Windows Servers Privilege Escalation vulnerability in Veritas Backup Exec Unknown vulnerability in Remote Agent for Windows Servers (RAWS) in VERITAS Backup Exec 9.0 through 10.0 for Windows, and 9.0.4019 through 9.1.307 for NetWare, allows remote attackers to gain privileges by copying the handle for the server. | 7.5 |
2005-06-29 | CVE-2005-2072 | Permissions, Privileges, and Access Controls vulnerability in SUN Solaris and Sunos The runtime linker (ld.so) in Solaris 8, 9, and 10 trusts the LD_AUDIT environment variable in setuid or setgid programs, which allows local users to gain privileges by (1) modifying LD_AUDIT to reference malicious code and possibly (2) using a long value for LD_AUDIT. | 7.2 |
2005-06-29 | CVE-2005-2067 | SQL Injection vulnerability in ASPNuke Article.ASP SQL injection vulnerability in article.asp in unknown versions of aspnuke allows remote attackers to execute arbitrary SQL commands via the articleid parameter. | 7.5 |