Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-2202 | Remote vulnerability in Duware Duclassified 4.0/4.1/4.2 Multiple SQL injection vulnerabilities in DUware DUclassified 4.0 through 4.2 allows remote attackers to bypass authentication and execute other commands on the server's underlying database via the (1) cat_id or (2) sub_id parameters in adDetail.asp, or (2) the password parameter in the login form. | 7.5 |
| 2004-12-31 | CVE-2004-2201 | Remote vulnerability in DUware Software SQL injection vulnerability in DUware DUforum 3.0 through 3.1 allows remote attackers to execute arbitrary SQL commands via the FOR_ID parameter in messages.asp, (2) MSG_ID parameter in messageDetail.asp, or (3) password parameter in the login form. | 7.5 |
| 2004-12-31 | CVE-2004-2197 | Unspecified vulnerability in KDocker kdocker.cpp in kdocker 0.1 through 0.8 does not properly check the ownership of files, which could allow local users to execute arbitrary programs. | 7.2 |
| 2004-12-31 | CVE-2004-2192 | Input Validation vulnerability in Turbotraffictrader PHP 1.0 SQL injection vulnerability in tttadmin/settings.php in Turbo Traffic Trader PHP 1.0 allows remote attackers to execute arbitrary SQL commands via the ttt_admin parameter. | 7.5 |
| 2004-12-31 | CVE-2004-2189 | Cross-Site Scripting And SQL Injection vulnerability in DMXReady Site Chassis Manager SQL injection vulnerability in DMXReady Site Chassis Manager allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
| 2004-12-31 | CVE-2004-2186 | Remote Input Validation vulnerability in Mediawiki 1.3.5 SQL injection vulnerability in MediaWiki 1.3.5 allows remote attackers to execute arbitrary SQL commands via SpecialMaintenance. | 7.5 |
| 2004-12-31 | CVE-2004-2183 | Remote Command Execution vulnerability in Wehelpbus 0.1 Unknown vulnerability in WeHelpBUS 0.1 allows remote attackers to execute arbitrary shell commands via the query string. | 7.5 |
| 2004-12-31 | CVE-2004-2182 | Improper Authentication vulnerability in Macromedia Jrun 4.0/4.0Build61650 Session fixation vulnerability in Macromedia JRun 4.0 allows remote attackers to hijack user sessions by pre-setting the user session ID information used by the session server. | 7.5 |
| 2004-12-31 | CVE-2004-2181 | Remote Input Validation vulnerability in WowBB Forum 1.61/1.65 Multiple SQL injection vulnerabilities in WowBB Forum 1.61 allow remote attackers to execute arbitrary SQL commands via the (1) sort_by or (2) page parameters to view_user.php, or the (3) forum_id parameter to view_topic.php. | 7.5 |
| 2004-12-31 | CVE-2004-2178 | Remote Input Validation vulnerability in Devoybb web Forum 1.0 SQL injection vulnerability in DevoyBB Web Forum 1.0.0 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |