Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-0859 | Remote File Include vulnerability in Czaries Network Czarnews 1.13B PHP remote file inclusion vulnerability in CzarNews 1.13b allows remote attackers to execute arbitrary PHP code via the tpath parameter to (1) headlines.php or (2) news.php. | 7.5 |
| 2005-05-02 | CVE-2005-0858 | Cross-Site Scripting And SQL Injection vulnerability in CoolForum Multiple SQL injection vulnerabilities in CoolForum 0.8 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the pseudo parameter to entete.php or (2) the login parameter to register.php. | 7.5 |
| 2005-05-02 | CVE-2005-0856 | SQL-Injection vulnerability in CoolForum CoolForum 0.8.1 beta and earlier allows remote attackers to manipulate SQL commands via certain requests to (1) alert.php or (2) viewip.php, possibly due to a SQL injection vulnerability. | 7.5 |
| 2005-05-02 | CVE-2005-0854 | Remote vulnerability in Betaparticle Blog 2.0/3.0 betaparticle blog (bp blog), posisbly before version 4, allows remote attackers to bypass authentication and (1) upload files via a direct request to upload.asp or (2) delete files via a direct request to myFiles.asp. | 7.5 |
| 2005-05-02 | CVE-2005-0841 | SQL Injection vulnerability in PHPmyfamily 1.4 SQL injection vulnerability in (1) people.php, (2) track.php, (3) edit.php, (4) document.php, (5) census.php, (6) passthru.php and possibly other php files in phpMyFamily 1.4.0 allows remote attackers to execute arbitrary SQL commands, as demonstrated via (1) the person parameter to people.php or (2) the Login field. | 7.5 |
| 2005-05-02 | CVE-2005-0838 | Multiple vulnerability in Icecast 2.20 Multiple buffer overflows in the XSL parser for IceCast 2.20 may allow attackers to cause a denial of service and possibly execute arbitrary code via (1) a long test value in an xsl:when tag, (2) a long test value in an xsl:if tag, or (3) a long select value in an xsl:value-of tag. | 7.5 |
| 2005-05-02 | CVE-2005-0833 | Multiple vulnerability in Belkin 54G Wireless Router F5D7130 Belkin 54G (F5D7130) wireless router allows remote attackers to access restricted resources by sniffing URIs from UPNP datagrams, then accessing those URIs, which do not require authentication. | 7.5 |
| 2005-05-02 | CVE-2005-0830 | Unspecified vulnerability in Xzabite Dyndnsupdate 0.6.15 Multiple buffer overflows in Xzabite DYNDNSUpdate 0.6.15 and earlier, including the ipcheck function in dyndnsupdate.c, allow remote attackers who spoof a dyndns.org server to execute arbitrary code via unknown vectors. | 7.5 |
| 2005-05-02 | CVE-2005-0825 | Unspecified vulnerability in Lgames Ltris 1.0.9 Buffer overflow in LTris before 1.0.10 allows local users to execute arbitrary code via a crafted highscores file. | 7.5 |
| 2005-05-02 | CVE-2005-0821 | Multiple vulnerability in Citrix MetaFrame Unknown vulnerability in Citrix MetaFrame Conferencing Manager 3.0 allows conference members to bypass organizer restrictions to control the keyboard and mouse. | 7.5 |