Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-0363 | Unspecified vulnerability in Awstats 4.0/6.2 awstats.pl in AWStats 4.0 and 6.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the config parameter. | 7.5 |
| 2005-05-02 | CVE-2005-0350 | Remote Security vulnerability in F-Secure Anti-Virus Heap-based buffer overflow in multiple F-Secure Anti-Virus and Internet Security products allows remote attackers to execute arbitrary code via a crafted ARJ archive. | 7.5 |
| 2005-05-02 | CVE-2005-0349 | Unspecified vulnerability in Broadcom Brightstor Arcserve Backup 11.1 The production release of the UniversalAgent for UNIX in BrightStor ARCserve Backup 11.1 contains hard-coded credentials, which allows remote attackers to access the file system and possibly execute arbitrary commands. | 7.5 |
| 2005-05-02 | CVE-2005-0343 | SQL Injection vulnerability in Logicnow Perldesk 1.0 SQL injection vulnerability in PerlDesk 1.x allows remote attackers to inject arbitrary SQL commands via the view parameter. | 7.5 |
| 2005-05-02 | CVE-2005-0338 | Remote Buffer Overflow vulnerability in Savant Webserver 3.1 Buffer overflow in Savant Web Server 3.1 allows remote attackers to execute arbitrary code via a long HTTP request. | 7.5 |
| 2005-05-02 | CVE-2005-0337 | Postfix 2.1.3, when /proc/net/if_inet6 is not available and permit_mx_backup is enabled in smtpd_recipient_restrictions, allows remote attackers to bypass e-mail restrictions and perform mail relaying by sending mail to an IPv6 hostname. | 7.5 |
| 2005-05-02 | CVE-2005-0332 | Remote Directory Traversal vulnerability in Ventia DeskNow Mail And Collaboration Server 2.5.12/2.5.13 Directory traversal vulnerability in DeskNow Mail and Collaboration Server 2.5.12 allows remote attackers to (1) upload and possibly execute files outside the directory via the AttachmentsKey parameter to attachment.do, as demonstrated using JSP pages, or (2) delete arbitrary files via the select_file parameter to file.do. | 7.5 |
| 2005-05-02 | CVE-2005-0327 | Remote Security vulnerability in PHP Arena Pafiledb 3.1 pafiledb.php in Pafiledb 3.1 may allow remote attackers to execute arbitrary PHP code via a modified action parameter that is used in an include statement for login.php. | 7.5 |
| 2005-05-02 | CVE-2005-0322 | Local Security vulnerability in Mail Server MERAK Mail Server 7.6.0 with Icewarp Web Mail 5.3.0 and Mail Server 7.6.4r with Icewarp Mail Server 5.3.2 uses weak encryption in the (1) users.cfg, (2) settings.cfg, (3) users.dat or (4) user.dat files, which allows local users to extract the passwords. | 7.2 |
| 2005-05-02 | CVE-2005-0305 | Privilege Escalation vulnerability in Siteman User Database CRLF injection vulnerability in users.php in Siteman 1.1.10 and earlier allows remote attackers to add arbitrary users and gain privileges via the line parameter in a docreate operation. | 7.5 |