Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2005-05-02 CVE-2005-1354 Remote Security vulnerability in Forum.Pl
The forum.pl script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument.
network
low complexity
forum-pl
7.5
7.5
2005-05-02 CVE-2005-1351 Remote Security vulnerability in ad.cgi
The ad.cgi script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument.
network
low complexity
leif-m-wright
7.5
7.5
2005-05-02 CVE-2005-1349 Buffer Overflow vulnerability in Convert-UUlib Perl Module
Buffer overflow in Convert-UUlib (Convert::UUlib) before 1.051 allows remote attackers to execute arbitrary code via a malformed parameter to a read operation.
network
low complexity
perl
7.5
7.5
2005-05-02 CVE-2005-1345 Remote Security vulnerability in Squid
Squid 2.5.STABLE9 and earlier does not trigger a fatal error when it identifies missing or invalid ACLs in the http_access configuration, which could lead to less restrictive ACLs than intended by the administrator.
network
low complexity
squid
7.5
7.5
2005-05-02 CVE-2005-1344 Buffer Overflow vulnerability in Apache Http Server 2.0.52
Buffer overflow in htdigest in Apache 2.0.52 may allow attackers to execute arbitrary code via a long realm argument.
network
low complexity
apache
7.5
7.5
2005-05-02 CVE-2005-1323 Buffer Overflow vulnerability in Intersoft Netterm 4.2.2
Buffer overflow in NetFtpd for NetTerm 5.1.1 and earlier allows remote attackers to execute arbitrary code via a long USER command.
network
low complexity
intersoft
7.5
7.5
2005-05-02 CVE-2005-1304 The citat.pl script allows remote attackers to execute arbitrary files via shell metacharacters in the argument.
network
low complexity
citat-pl
7.5
7.5
2005-05-02 CVE-2005-1302 SQL Injection vulnerability in Swsoft Confixx 3.0.6/3.0.8/Pro3
SQL injection vulnerability in Confixx 3.08 and earlier allows remote attackers to execute arbitrary SQL commands via the "change user" field.
network
low complexity
swsoft
7.5
7.5
2005-05-02 CVE-2005-1293 SQL-Injection vulnerability in Storeportal 2.63
Multiple SQL injection vulnerabilities in default.asp in StorePortal 2.63 allow remote attackers to execute arbitrary SQL commands via the (1) language, (2) bpic, (3) idcategory, (4) content, (5) keyword, or (6) idproduct parameter.
network
low complexity
storeportal
7.5
7.5
2005-05-02 CVE-2005-1289 Unspecified vulnerability in E-Cart 20041.1
index.cgi in E-Cart 2004 1.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) art and possibly (2) cat parameters.
network
low complexity
e-cart
7.5
7.5