Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-0436 | Remote Security vulnerability in Awstats 6.3/6.4 Direct code injection vulnerability in awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to execute portions of Perl code via the PluginMode parameter. | 7.5 |
| 2005-05-02 | CVE-2005-0431 | Remote Security vulnerability in Barracuda Networks Barracuda Spam Firewall 3.1.10 Barracuda Spam Firewall 3.1.10 and earlier does not restrict the domains that white-listed domains can send mail to, which allows members of white-listed domains to use Barracuda as an open mail relay for spam. | 7.5 |
| 2005-05-02 | CVE-2005-0418 | Unspecified vulnerability in SUN J2Se Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06, on Mac OS X, allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file. | 7.5 |
| 2005-05-02 | CVE-2005-0397 | Unspecified vulnerability in Imagemagick Format string vulnerability in the SetImageInfo function in image.c for ImageMagick before 6.0.2.5 may allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a filename argument to convert, which may be called by other web applications. | 7.5 |
| 2005-05-02 | CVE-2005-0388 | Unspecified vulnerability in Remstats 1.0.13 Unknown vulnerability in the remoteping service in remstats 1.0.13 and earlier allows remote attackers to execute arbitrary commands "due to missing input sanitising." | 7.5 |
| 2005-05-02 | CVE-2005-0383 | Remote Security vulnerability in Trend Micro Control Manager 3.0Enterprise Trend Micro Control Manager 3.0 Enterprise Edition allows remote attackers to gain privileges via a replay attack of the encrypted username and password. | 7.5 |
| 2005-05-02 | CVE-2005-0380 | Remote File Include vulnerability in Zeroboard DIR Parameter Multiple PHP remote file inclusion vulnerabilities in (1) print_category.php, (2) login.php, (3) setup.php, (4) ask_password.php, or (5) error.php in ZeroBoard 4.1pl5 and earlier allow remote attackers to execute arbitrary PHP code by modifying the dir parameter to reference a URL on a remote web server that contains the code. | 7.5 |
| 2005-05-02 | CVE-2005-0377 | SQL Injection vulnerability in Sergey Kiselev Sgallery 1.01 SQL injection vulnerability in imageview.php for SGallery 1.01 allows remote attackers to execute arbitrary SQL commands via the (1) idalbum or (2) idimage parameters. | 7.5 |
| 2005-05-02 | CVE-2005-0368 | SQL Injection vulnerability in CMScore Multiple SQL injection vulnerabilities in CMScore allow remote attackers to execute arbitrary SQL commands via the (1) EntryID or (2) searchterm parameter to index.php, or (3) username parameter to authenticate.php. | 7.5 |
| 2005-05-02 | CVE-2005-0363 | Unspecified vulnerability in Awstats 4.0/6.2 awstats.pl in AWStats 4.0 and 6.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the config parameter. | 7.5 |