Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-0915 | Security Bypass vulnerability in Webmasters-Debutants WD Guestbook 2.8 Webmasters-Debutants WD Guestbook 2.8 allows remote attackers to bypass authentication and perform certain administrator actions via a direct HTTP POST request to (1) ajout_admin2.php or (2) suppr.php. | 7.5 |
| 2005-05-02 | CVE-2005-0913 | Remote PHP Script Execution vulnerability in Smarty Template Engine Unknown vulnerability in the regex_replace modifier (modifier.regex_replace.php) in Smarty before 2.6.8 allows attackers to execute arbitrary PHP code. | 7.5 |
| 2005-05-02 | CVE-2005-0909 | Unspecified vulnerability in Tkais Shoutbox Tkais Shoutbox PHP remote file inclusion vulnerability in shoutact.php for TKai's Shoutbox allows remote attackers to execute arbitrary PHP code via the query parameter. | 7.5 |
| 2005-05-02 | CVE-2005-0907 | SQL-Injection vulnerability in Valdersoft Shopping Cart 3.0 Multiple SQL injection vulnerabilities in Valdersoft Shopping Cart 3.0 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to category.php, (2) the id parameter to item.php, (3) the lang parameter to index.php, (4) the searchQuery parameter to search_result.php, (5) or the searchTopCategoryID parameter to search_result.php. | 7.5 |
| 2005-05-02 | CVE-2005-0906 | Remote Buffer Overflow vulnerability in Tincat Network Library Buffer overflow in a player logging function in the Tincat network library 2.x before 2.0.28, as used in games such as Sacred and The Settlers: Heritage of Kings, allows remote attackers to execute arbitrary code. | 7.5 |
| 2005-05-02 | CVE-2005-0902 | SQL-Injection vulnerability in Nukebookmarks 0.6 SQL injection vulnerability in marks.php in NukeBookmarks 0.6 for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the category parameter. | 7.5 |
| 2005-05-02 | CVE-2005-0897 | Remote File Include vulnerability in Magicscripts E-Store Kit-2 Paypal PHP remote file inclusion vulnerability in catalog.php in E-Store Kit-2 PayPal Edition allows remote attackers to execute arbitrary PHP code by modifying the menu and main parameters to reference a URL on a remote web server that contains the code. | 7.5 |
| 2005-05-02 | CVE-2005-0893 | Remote Security vulnerability in Smail 3.2.0.120 modes.c in smail 3.2.0.120 implements signal handlers with certain unsafe library calls, which may allow attackers to execute arbitrary code via signal handler race conditions, possibly using xmalloc. | 7.6 |
| 2005-05-02 | CVE-2005-0891 | Double Free vulnerability in Gnome GTK Double free vulnerability in gtk 2 (gtk2) before 2.2.4 allows remote attackers to cause a denial of service (crash) via a crafted BMP image. | 7.5 |
| 2005-05-02 | CVE-2005-0890 | SQL Injection vulnerability in Dream4 Koobi CMS 4.2.3 SQL injection vulnerability in Dream4 Koobi CMS 4.2.3 allows remote attackers to execute arbitrary SQL commands via the area parameter. | 7.5 |