Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-03-08 | CVE-2005-0685 | Access Validation vulnerability in Outstart Participate Enterprise 3 Multiple access validation errors in OutStart Participate Enterprise (PE) allow remote attackers to (1) browse arbitrary directory trees by modifying the rootFolder parameter to displaynavigator.jsp, (2) rename arbitrary directory objects by modifying the selectedObject parameter to renamepopup.jsp, (3) delete arbitrary directory objects by modifying the selectedObjectsCSV parameter to displaydeletenavigator.jsp, and conduct other unauthorized activities via the (4) showDeleteView, (5) showWebFolderView, (6) showLibraryView, (7) showMyLibraryView, (8) singleSelectObject, (9) processRadioSelection, (10) processCheckboxSelection, (11) singleSelectObject, (12) addToSelectedObjects, or (13) removeFromSelectedObjects commands. | 7.5 |
| 2005-03-07 | CVE-2005-0697 | SQL-Injection vulnerability in BRT Copperexport 0.1/0.2 SQL injection vulnerability in the process_picture function xp_publish.php in CopperExport 0.2.1 allows remote attackers to execute arbitrary SQL commands, possibly via the (1) title, (2) caption, or (3) keywords parameters. | 7.5 |
| 2005-03-07 | CVE-2005-0693 | Remote Buffer Overflow vulnerability in JoWood Chaser 1.0/1.50 Buffer overflow in JoWood Chaser 1.50 and earlier allows remote attackers to cause a denial of service (client or server crash) and execute arbitrary code via a long nickname. | 7.5 |
| 2005-03-07 | CVE-2005-0689 | Remote Command Execution vulnerability in The Includer 1.0/1.1 includer.cgi in The Includer allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the URL or (2) the template parameter. | 7.5 |
| 2005-03-07 | CVE-2005-0686 | Remote Security vulnerability in mlterm Integer overflow in mlterm 2.5.0 through 2.9.1, with gdk-pixbuf support enabled, allows remote attackers to execute arbitrary code via a large image file that is used as a background. | 7.5 |
| 2005-03-07 | CVE-2005-0680 | PHP remote file inclusion vulnerability in download_center_lite.inc.php for Download Center Lite 1.6 allows remote attackers to execute arbitrary PHP code by modifying the script_root parameter to reference a URL on a remote web server that contains the code. | 7.5 |
| 2005-03-06 | CVE-2005-0691 | Remote Security vulnerability in SocialMPN PHP remote file inclusion vulnerability in article mode for modules.php in SocialMPN allows remote attackers to execute arbitrary PHP code by modifying the name parameter to reference a URL on a remote web server that contains the code. | 7.5 |
| 2005-03-06 | CVE-2005-0687 | Denial-Of-Service vulnerability in Hashcash 1.14/1.15/1.16 Format string vulnerability in Hashcash 1.16 allows remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via format string specifiers in a reply address, which is not properly handled when printing the header. | 7.5 |
| 2005-03-04 | CVE-2005-0668 | Remote Security vulnerability in Http Anti Virus Proxy %28Havp%29 Unknown vulnerability in HTTP Anti Virus Proxy (HAVP) before 0.51 prevents viruses from being properly detected in certain files such as (1) .CAB or (2) .ZIP files. | 7.5 |
| 2005-03-03 | CVE-2005-0671 | Remote vulnerability in Ca3DE Format string vulnerability in Carsten's 3D Engine (Ca3DE), March 2004 version and earlier, allows remote attackers to execute arbitrary code via format string specifiers in a command. | 7.5 |