Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-04-12 | CVE-2005-0555 | Unspecified vulnerability in Microsoft Internet Explorer 5.01/5.5/6.0 Buffer overflow in the Content Advisor in Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a crafted Content Advisor file, aka "Content Advisor Memory Corruption Vulnerability." | 7.5 |
2005-04-11 | CVE-2005-1070 | SQL Injection vulnerability in Invision Power Board ST Parameter SQL injection vulnerability in index.php in Invision Power Board 1.3.1 Final and earlier allows remote attackers to execute arbitrary SQL commands via the st parameter. | 7.5 |
2005-04-10 | CVE-2005-1055 | Unspecified vulnerability in Towerblog TowerBlog 0.6 and earlier stores the login data file under the web root, which allows remote attackers to obtain the MD5 checksums of the username and password via a direct request to the _dat/login file. | 7.5 |
2005-04-09 | CVE-2005-1082 | Multiple vulnerability in Azerbaijan Development Group Azdgdating 1.1.0 Multiple SQL injection vulnerabilities in AzDGDatingPlatinum 1.1.0 allows remote attackers to execute arbitrary SQL commands via (1) the id parameter to view.php or (2) the from parameter to members/index.php. | 7.5 |
2005-04-08 | CVE-2005-1067 | Unspecified vulnerability in Access User Class Access User Class 1.6 Vulnerability in Access_user Class before 1.75 allows local users to gain access as other users via the password "new". | 7.5 |
2005-04-06 | CVE-2005-1096 | SQL Injection vulnerability in Ocean12 Membership Manager Pro SQL injection vulnerability in main.asp for Ocean12 Membership Manager Pro 1.x allows remote attackers to execute arbitrary SQL commands via the UserID parameter. | 7.5 |
2005-04-06 | CVE-2005-1029 | SQL Injection vulnerability in Active web Softwares Active Auction House 7.1 Multiple SQL injection vulnerabilities in Active Auction House allow remote attackers to execute arbitrary SQL commands via the (1) catid, (2) SortDir, or (3) Sortby parameter to default.asp, (4) itemID parameter to ItemInfo.asp, or (5) Email field to sendpassword.asp. | 7.5 |
2005-04-05 | CVE-2005-1035 | Unspecified vulnerability in Pavuk Multiple buffer overflows in Pavuk before 0.9.32 have unknown attack vectors and impact. | 7.5 |
2005-04-01 | CVE-2005-0749 | Local Denial of Service vulnerability in Linux Kernel Elf Binary Loading The load_elf_library in the Linux kernel before 2.6.11.6 allows local users to cause a denial of service (kernel crash) via a crafted ELF library or executable, which causes a free of an invalid pointer. | 7.2 |
2005-03-31 | CVE-2005-0957 | Authentication Bypass vulnerability in BAY Technical Associates Rpc3 Telnet F3.05 Bay Technical Associates RPC-3 Telnet Host 3.05 allows remote attackers to bypass authentication by pressing the escape and enter keys at the username prompt. | 7.5 |