Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2005-05-02 CVE-2005-0956 Unspecified vulnerability in Interakt MX Kart 1.1.2
Multiple SQL injection vulnerabilities in index.php in InterAKT MX Kart 1.1.2 allow remote attackers to execute arbitrary SQL commands via the (1) idp, (2) id_ctg, or (3) id_man parameter.
network
low complexity
interakt
7.5
7.5
2005-05-02 CVE-2005-0955 SQL Injection vulnerability in Interakt MX Shop 1.1.1
SQL injection vulnerability in InterAKT MX Shop 1.1.1 allows remote attackers to execute arbitrary SQL commands via the id_ctg parameter.
network
low complexity
interakt
7.5
7.5
2005-05-02 CVE-2005-0948 Input Validation vulnerability in Iatek PortalApp
SQL injection vulnerability in ad_click.asp for PortalApp allows remote attackers to execute arbitrary SQL commands via the banner_id parameter.
network
low complexity
iatek
7.5
7.5
2005-05-02 CVE-2005-0947 Remote vulnerability in PHPcoin 1.2/1.2.1/1.2.1B
Directory traversal vulnerability in auxpage.php in phpCoin 1.2.1b and earlier allows remote attackers to read and execute arbitrary files via a ..
network
low complexity
coinsoft-technologies
7.5
7.5
2005-05-02 CVE-2005-0944 Unspecified vulnerability in Microsoft JET
Unknown vulnerability in Microsoft Jet DB engine (msjet40.dll) 4.00.8618.0, related to insufficient data validation, allows remote attackers to execute arbitrary code via a crafted mdb file.
network
low complexity
microsoft
7.5
7.5
2005-05-02 CVE-2005-0935 SQL Injection vulnerability in Esmi Paypal Storefront 1.7
Multiple SQL injection vulnerabilities in ESMI PayPal Storefront allow remote attackers to execute arbitrary SQL commands via the (1) idpages parameter to pages.php or the (2) id2 parameter to products1.php.
network
low complexity
esmi
7.5
7.5
2005-05-02 CVE-2005-0932 Remote vulnerability in PHPcoin 1.2/1.2.1/1.2.1B
Multiple SQL injection vulnerabilities in phpCOIN 1.2.1b and earlier allow remote attackers to execute arbitrary SQL commands (1) via the search engine, (2) the username or email fields in the "forgotten password" feature, or (3) the domain name in a package order.
network
low complexity
coinsoft-technologies
7.5
7.5
2005-05-02 CVE-2005-0929 SQL injection vulnerability in PhotoPost PHP Pro 5.x may allow remote attackers to execute arbitrary SQL commands via (1) the sl parameter to showmembers.php or (2) the photo parameter to showphoto.php.
network
low complexity
photopost
7.5
7.5
2005-05-02 CVE-2005-0920 SQL Injection vulnerability in Bugtracker.NET
Multiple SQL injection vulnerabilities in Bugtracker.NET 2.0.1 allow remote attackers to execute arbitrary SQL commands via unknown vectors.
network
low complexity
bugtracker-net
7.5
7.5
2005-05-02 CVE-2005-0917 Remote Security vulnerability in Powerdev Encapsbb 0.3.2Fixed
PHP remote file inclusion vulnerability in index_header.php for EncapsBB 0.3.2_fixed, and possibly other versions, allows remote attackers to execute arbitrary PHP code via the root parameter.
network
low complexity
powerdev
7.5
7.5