Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-16 | CVE-2005-1615 | SQL Injection vulnerability in Ultimate PHP Board ViewForum.PHP viewforum.php in Ultimate PHP Board (UPB) 1.8 through 1.9.6 may allow remote attackers to read sensitive data via the postorder parameter, which is not properly handled by textdb.inc.php, possibly due to a SQL injection vulnerability. | 7.5 |
| 2005-05-16 | CVE-2005-1612 | SQL Injection vulnerability in Openbb 1.0.8 SQL injection vulnerability in read.php in Open Bulletin Board (OpenBB) 1.0.8 allows remote attackers to execute arbitrary SQL commands via the TID parameter. | 7.5 |
| 2005-05-16 | CVE-2005-1609 | Unspecified vulnerability in SUN Storedge 6130 Arrays Unknown vulnerability in Sun StorEdge 6130 Arrays (SE6130) with serial numbers between 0451AWF00G and 0513AWF00J allows local users and remote attackers to delete data. | 7.5 |
| 2005-05-16 | CVE-2005-1604 | Unspecified vulnerability in Bugada Andrea PHP Advanced Transfer Manager 1.21 PHP Advanced Transfer Manager (phpATM) 1.21 allows remote attackers to upload arbitrary files via filenames containing multiple file extensions, as demonstrated using a filename ending in "php.ns", which allows execution of arbitrary PHP code. | 7.5 |
| 2005-05-16 | CVE-2005-1602 | SQL Injection Authentication Bypass vulnerability in Net56 File Manager 1.0 SQL injection vulnerability in login.asp for Net56 Browser Based File Manager 1.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the password field. | 7.5 |
| 2005-05-16 | CVE-2005-1600 | Unspecified vulnerability in Libtomcrypt 1.0/1.0.1/1.0.2 A "mathematical flaw" in the implementation of the El Gamal signature algorithm for LibTomCrypt 1.0 to 1.0.2 allows attackers to generate valid signatures without having the private key. | 7.5 |
| 2005-05-16 | CVE-2005-1598 | SQL Injection vulnerability in Invision Power Board Login.PHP SQL injection vulnerability in Invision Power Board (IPB) 2.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via a crafted cookie password hash (pass_hash) that modifies the internal $pid variable. | 7.5 |
| 2005-05-16 | CVE-2005-1594 | Input Validation vulnerability in Codethat Shoppingcart 1.3.1 SQL injection vulnerability in catalog.php for CodeThat ShoppingCart 1.3.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
| 2005-05-16 | CVE-2005-1592 | Remote Security vulnerability in BirdBlog Multiple "javascript vulerabilities in BB code" in BirdBlog before 1.3.1 allow remote attackers to inject arbitrary Javascript. | 7.5 |
| 2005-05-16 | CVE-2005-1367 | Unspecified vulnerability in Pico Server Pico Server Pico Server (pServ) 3.2 and earlier allows local users to read arbitrary files as the pServ user via a symlink to a file outside of the web document root. | 7.5 |