Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-03-16 | CVE-2005-0352 | Local Privilege Escalation vulnerability in Woodstone Servers Alive 4.1/5.0 Servers Alive 4.1 and 5.0, when running as a service, does not drop SYSTEM privileges before loading local manual under the help menu, which allows local users to gain privileges. | 7.2 |
| 2005-03-15 | CVE-2005-0798 | Remote Security vulnerability in Novell Ichain 2.2/2.2.113/2.3 Novell iChain Mini FTP Server 2.3, and possibly earlier versions, does not limit the number of incorrect logins, which makes it easier for remote attackers to conduct brute force login attacks. | 7.5 |
| 2005-03-15 | CVE-2005-0793 | SQL Injection and File Include vulnerability in ZPanel PHP remote file inclusion vulnerability in zpanel.php in ZPanel allows remote attackers to (1) execute arbitrary PHP code in ZPanel 2.0 or (2) include local files in ZPanel 2.5 beta 10 and earlier by modifying the page parameter. | 7.5 |
| 2005-03-15 | CVE-2005-0792 | SQL Injection and File Include vulnerability in ZPanel SQL injection vulnerability in ZPanel 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) uname parameter to index.php or (2) page parameter to zpanel.php. | 7.5 |
| 2005-03-14 | CVE-2005-0786 | SQL Injection vulnerability in Simpgb 1.0 SQL injection vulnerability in gb_new.inc in SimpGB allows remote attackers to execute arbitrary SQL commands via the quote parameter to guestbook.php. | 7.5 |
| 2005-03-14 | CVE-2005-0505 | Remote Security vulnerability in Information Resource Manager Unknown vulnerability in Information Resource Manager (IRM) before 1.5.2.1 allows remote attackers to have "potentially serious" impact, related to LDAP logins. | 7.5 |
| 2005-03-10 | CVE-2005-0774 | Remote vulnerability in Photopost PHP PRO 5.0Rc3 SQL injection vulnerability in member.php and possibly other scripts in PhotoPost PHP 5.0 RC3 allows remote attackers to execute arbitrary SQL commands via the uid parameter. | 7.5 |
| 2005-03-10 | CVE-2005-0748 | Code Injection vulnerability in Webinsta Mailing Manager 1.3D PHP remote file inclusion vulnerability in initdb.php for WEBInsta Mailing list manager 1.3d allows remote attackers to execute arbitrary PHP code by modifying the absolute_path parameter to reference a URL on a remote web server that contains the code. | 7.5 |
| 2005-03-08 | CVE-2005-0725 | SQL-Injection vulnerability in Wf-Sections 1.07 SQL injection vulnerability in the getAllbyArticle function in wfsfiles.php for WF-Sections (wfsections) 1.07 allows remote attackers to execute arbitrary SQL commands via the articleid parameter to article.php. | 7.5 |
| 2005-03-08 | CVE-2005-0720 | Code Injection vulnerability in Mcnews 1.3 PHP remote file inclusion vulnerability in admin/header.php in PHP mcNews 1.3 allows remote attackers to execute arbitrary PHP code by modifying the skinfile parameter to reference a URL on a remote web server that contains the code. | 7.5 |