Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-1114 | Multiple SQL injection vulnerabilities in album_search.php in Photo Album 2.0.53 for phpBB allow remote attackers to execute arbitrary SQL commands via the (1) mode or (2) search parameters. | 7.5 |
| 2005-05-02 | CVE-2005-1110 | Unspecified vulnerability in Sumus 0.2.2 Stack-based buffer overflow in the RespondeHTTPPendiente function in the HTTP server for SUMUS 0.2.2 allows remote attackers to execute arbitrary code via a large packet sent to TCP port 81. | 7.5 |
| 2005-05-02 | CVE-2005-1109 | Unspecified vulnerability in Junkbuster Internet Junkbuster 2.0.1/2.0.2/2.0.2R2 The filtering of URLs in JunkBuster before 2.0.2-r3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via heap corruption. | 7.5 |
| 2005-05-02 | CVE-2005-1101 | Unspecified vulnerability in IBM Lotus Domino Server 6.0.5/6.5.4 Multiple buffer overflows in Lotus Domino Server 6.0.5 and 6.5.4 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via large amounts of data in certain (1) time or (2) date fields. | 7.5 |
| 2005-05-02 | CVE-2005-1100 | Unspecified vulnerability in Salim Gasmi GLD 1.3/1.4 Format string vulnerability in the ErrorLog function in cnf.c in Greylisting daemon (GLD) 1.3 and 1.4 allows remote attackers to execute arbitrary code via format string specifiers in data that is passed directly to syslog. | 7.5 |
| 2005-05-02 | CVE-2005-1093 | Remote Buffer Overflow vulnerability in Popup Plus Plugin Popup Plus Plugin for Miranda IM 2.0.3.8 Buffer overflow in the PopUp Plus 2.0.3.8 plugin for Miranda IM, with "Use SmileyAdd Setting" enabled, allows remote attackers to execute arbitrary code. | 7.5 |
| 2005-05-02 | CVE-2005-1092 | Local Authentication Credentials Disclosure vulnerability in Light Speed Technologies DeluxeFTP Lightspeed DeluxeFTP 6.01 stores usernames and passwords in plaintext in sites.xml, which is world-readable, which allows local users to gain privileges. | 7.2 |
| 2005-05-02 | CVE-2005-1091 | Information Disclosure vulnerability in Maxthon Web Browser Plug-in API Security ID Maxthon 1.2.0 and 1.2.1 allows remote attackers to bypass the security ID and use restricted plugin API functions via script that includes the max.src file into the source page. | 7.5 |
| 2005-05-02 | CVE-2005-1088 | Privilege Escalation vulnerability in Dameware Development Mini Remote Control and NT Utilities Unknown vulnerability in DameWare NT Utilities 4.8 and earlier, and Mini Remote Control 4.8 and earlier, allows local users to gain additional rights. | 7.2 |
| 2005-05-02 | CVE-2005-1084 | Unspecified vulnerability in Aewebworks Aedating 3.2 SQL injection vulnerability in sdating.php in aeDating 3.2 allows remote attackers to execute arbitrary SQL commands files via the event parameter. | 7.5 |