Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-06-11 | CVE-2005-1953 | Remote Security vulnerability in Pico Server Pico Server 3.3 Heap-based buffer overflow in the CGI extension for Pico Server (pServ) 3.3 allows remote attackers to execute arbitrary code via a long HTTP request. | 7.5 |
2005-06-10 | CVE-2005-1966 | Remote Command Execution vulnerability in E107 1.0.1 The eTrace_validaddr function in eTrace plugin for e107 portal allows remote attackers to execute arbitrary commands via shell metacharacters after a valid argument to the etrace_host parameter. | 7.5 |
2005-06-10 | CVE-2005-1942 | Security Bypass vulnerability in Catalyst Cisco switches that support 802.1x security allow remote attackers to bypass port security and gain access to the VLAN via spoofed Cisco Discovery Protocol (CDP) messages. | 7.5 |
2005-06-09 | CVE-2005-1964 | Remote Security vulnerability in Cantico Ovidentia FX PHP remote file inclusion vulnerability in utilit.php for Ovidentia Portal allows remote attackers to execute arbitrary PHP code via the babInstallPath parameter. | 7.5 |
2005-06-09 | CVE-2005-1950 | Remote Command Execution vulnerability in Darryl Burgdorf Webhints 1.3 hints.pl in Webhints 1.03 allows remote attackers to execute arbitrary commands via shell metacharacters in the argument. | 7.5 |
2005-06-09 | CVE-2005-1948 | SQL Injection vulnerability in Invision Power Services Invision Gallery 1.0.1/1.3 Multiple SQL injection vulnerabilities in Invision Gallery before 1.3.1 allow remote attackers to execute arbitrary SQL commands via (1) the comment parameter in an editcomment action or (2) the rating parameter when voting on a photo. | 7.5 |
2005-06-09 | CVE-2005-1946 | SQL-Injection vulnerability in Invision Community Blog 1.0/1.1 Multiple SQL injection vulnerabilities in Invision Blog before 1.1.2 Final allow remote attackers to execute arbitrary SQL commands via the (1) eid parameter to an editentry, replyentry, or editcomment action, or (2) the mid parameter to an aboutme action. | 7.5 |
2005-06-09 | CVE-2005-1908 | Security Bypass vulnerability in Perception Liteweb 2.5 Perception LiteWeb allows remote attackers to bypass access controls for files via an extra leading / (slash) or leading \ (backslash) in the URL. | 7.5 |
2005-06-09 | CVE-2005-1905 | Privilege Escalation vulnerability in Kaspersky LAB products The klif.sys driver in Kaspersky Labs Anti-Virus 5.0.227, 5.0.228, and 5.0.335 on Windows 2000 allows local users to gain privileges by modifying certain critical code addresses that are later accessed by privileged programs. | 7.2 |
2005-06-09 | CVE-2005-1900 | Security Bypass vulnerability in Sawmill Sawmill before 7.1.6 allows remote attackers to bypass authentication and (1) gain administrative privileges or (2) add a license. | 7.5 |