Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-1005 | Unspecified vulnerability in Profitcode Payprocart 3.0 ProfitCode PayProCart 3.0 allows remote attackers to bypass authentication and gain administrative privileges to the admin control panel, as demonstrated via a direct request to adminshop/index.php with hex-encoded .. | 7.5 |
| 2005-05-02 | CVE-2005-1003 | Directory Traversal vulnerability in Profitcode Payprocart 3.0 Directory traversal vulnerability in index.php for ProfitCode PayProCart 3.0 allows remote attackers to include arbitrary PHP files via .. | 7.5 |
| 2005-05-02 | CVE-2005-0999 | Unspecified vulnerability in Francisco Burzi PHP-Nuke SQL injection vulnerability in the Top module for PHP-Nuke 6.x through 7.6 allows remote attackers to execute arbitrary SQL commands via the querylang parameter. | 7.5 |
| 2005-05-02 | CVE-2005-0997 | Unspecified vulnerability in Francisco Burzi PHP-Nuke 7.6 Multiple SQL injection vulnerabilities in the Web_Links module for PHP-Nuke 7.6 allow remote attackers to execute arbitrary SQL commands via (1) the email or url parameters in the Add function, (2) the url parameter in the modifylinkrequestS function, (3) the orderby or min parameters in the viewlink function, (4) the orderby, min, or show parameters in the search function, or (5) the ratenum parameter in the MostPopular function. | 7.5 |
| 2005-05-02 | CVE-2005-0994 | Unspecified vulnerability in Early Impact Productcart 2.7 Multiple SQL injection vulnerabilities in ProductCart 2.7 allow remote attackers to execute arbitrary SQL commands via (1) the Category or resultCnt parameters to advSearch_h.asp, and possibly (2) the offset parameter to tarinasworld_butterflyjournal.asp. | 7.5 |
| 2005-05-02 | CVE-2005-0980 | Remote File Include vulnerability in Alstrasoft Epay 2.0 PHP remote file inclusion vulnerability in index.php in AlstraSoft EPay Pro 2.0 allows remote attackers to execute arbitrary PHP code by modifying the view parameter to reference a URL on a remote web server that contains the code. | 7.5 |
| 2005-05-02 | CVE-2005-0979 | Buffer Overflow vulnerability in Netmanage Rumba 7.3/7.4 Multiple buffer overflows in RUMBA 7.3 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via crafted values in a profile file, as demonstrated using a long SysName field. | 7.5 |
| 2005-05-02 | CVE-2005-0970 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X Mac OS X 10.3.9 and earlier allows users to install, create, and execute setuid/setgid scripts, contrary to the intended design, which may allow attackers to conduct unauthorized activities with escalated privileges via vulnerable scripts. | 7.6 |
| 2005-05-02 | CVE-2005-0962 | SQL Injection vulnerability in Lighthouse Development Squirrelcart 1.5.5 SQL injection vulnerability in index.php for Lighthouse Squirrelcart allows remote attackers to execute arbitrary SQL commands via the (1) crn parameter in a show action or (2) rn parameter in a show_detail action. | 7.5 |
| 2005-05-02 | CVE-2005-0959 | Remote CWD Argument Format String vulnerability in Yepyep Mtftpd 0.1A/0.2/0.3 Buffer overflow in the mt_do_dir function in YepYep mtftpd 0.0.3 may allow attackers to execute arbitrary code via a long path. | 7.5 |