Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-05-16 | CVE-2005-1366 | Remote Source Code Disclosure vulnerability in PServ Pico Server (pServ) 3.2 and earlier allows remote attackers to obtain the source code for CGI scripts via "dirname/../cgi-bin" in a URL. | 7.5 |
2005-05-16 | CVE-2005-1248 | Buffer Overflow vulnerability in Apple iTunes MPEG4 Parsing Buffer overflow in Apple iTunes before 4.8 allows remote attackers to execute arbitrary code via a crafted MPEG4 file. | 7.5 |
2005-05-16 | CVE-2005-1193 | Unspecified vulnerability in PHPbb Group PHPbb The bbencode_second_pass and make_clickable functions in bbcode.php for phpBB before 2.0.15, as used in viewtopic.php, privmsg.php, and other scripts, allow remote attackers to execute arbitrary script via a BBcode tag with a (1) javascript:, (2) applet:, (3) about:, (4) activex:, (5) chrome:, or (6) script: URI scheme, as demonstrated using the URL tag. | 7.5 |
2005-05-14 | CVE-2005-1577 | Unspecified vulnerability in APG Technology Classmaster APG Technology ClassMaster does not properly restrict access to sensitive folders, which allows remote attackers to access folders via a network share. | 7.5 |
2005-05-14 | CVE-2005-1566 | Denial-Of-Service vulnerability in Arcowave Systems Wlan AP + Adsl Router Aap3100Ar Acrowave AAP-3100AR wireless router allows remote attackers to bypass authentication by pressing CTRL-C at the username or password prompt in a telnet session, which causes the shell to crash and restart, then leave the user in the new shell. | 7.5 |
2005-05-14 | CVE-2005-1554 | SQL Injection vulnerability in Wowbb web Forum 1.6/1.61/1.62 SQL injection vulnerability in view_user.php in WowBB 1.6, 1.61, and 1.62 allows remote attackers to execute arbitrary SQL commands via the sort_by parameter. | 7.5 |
2005-05-14 | CVE-2005-1553 | Remote Security vulnerability in Digital Surveillance System 6.0.4/6.1/7.0 GeoVision Digital Video Surveillance System 6.04, 6.1 and 7.0 uses a weak encryption scheme to encrypt passwords, which allows remote attackers to obtain the password via sniffing. | 7.5 |
2005-05-14 | CVE-2005-1550 | Remote Command Execution vulnerability in Easy Message Board easymsgb.pl in Easy Message Board allows remote attackers to execute arbitrary commands via shell metacharacters in the print parameter. | 7.5 |
2005-05-14 | CVE-2005-1548 | SQL Injection vulnerability in Advanced Guestbook Advanced Guestbook 2.3.1 SQL injection vulnerability in index.php in Advanced Guestbook 2.3.1 allows remote attackers to execute arbitrary SQL commands via the entry parameter. | 7.5 |
2005-05-14 | CVE-2005-1547 | Remote Security vulnerability in Bakbone Netvault 7.3 Heap-based buffer overflow in the demo version of Bakbone Netvault, and possibly other versions, allows remote attackers to execute arbitrary commands via a large packet to port 20031. | 7.5 |