Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-12-31 | CVE-2005-4675 | Cross-Site Scripting vulnerability in Complete PHP Counter Cross-site scripting (XSS) vulnerability in list.php in Complete PHP Counter allows remote attackers to inject arbitrary web script or HTML via the c parameter. network complete-php-counter | 4.3 |
2005-12-31 | CVE-2005-4674 | SQL Injection vulnerability in Complete PHP Counter Multiple SQL injection vulnerabilities in list.php in Complete PHP Counter allow remote attackers to execute arbitrary SQL commands via the (1) c or (2) s parameter. | 7.5 |
2005-12-31 | CVE-2005-4673 | Unspecified vulnerability in Inicom Networks Ioftpd 5.8.4U ioFTPD 0.5.84 u responds with different messages depending on whether or not a username exists, which allows remote attackers to enumerate valid usernames. | 5.0 |
2005-12-31 | CVE-2005-4672 | Cross-Site Scripting vulnerability in Citypost Simple Image Editor 0.52 Cross-site scripting (XSS) vulnerability in image-editor-52/index.php in CityPost Simple Image-Editor 0.52 allows remote attackers to inject arbitrary web script or HTML via the (1) m1, (2) m2, (3) m3, (4) imgsrc, and (5) m4 parameter. network citypost | 4.3 |
2005-12-31 | CVE-2005-4671 | Cross-Site Scripting vulnerability in Citypost Simple PHP Upload 5.3 Cross-site scripting (XSS) vulnerability in simple-upload-53.php in CityPost Simple PHP Upload 5.3 allows remote attackers to inject arbitrary web script or HTML via the message parameter. network citypost | 4.3 |
2005-12-31 | CVE-2005-4670 | Cross-Site Scripting vulnerability in Citypost PHP Lnkx 52.0 Cross-site scripting (XSS) vulnerability in message.php in CityPost Automated Link Exchange (LNKX) allows remote attackers to inject arbitrary web script or HTML via the msg parameter. network citypost | 4.3 |
2005-12-31 | CVE-2005-4669 | SQL-Injection vulnerability in Rt Internet Solutions Webadmin SQL injection vulnerability in RT Internet Solutions (RTIS) WebAdmin allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields. | 7.5 |
2005-12-31 | CVE-2005-4668 | Local Security vulnerability in Parosproxy The embedded HSQLDB in ParosProxy before 3.2.7, when running with JDK 1.4.2 before 1.4.2_08, allows local users to execute arbitrary comands via crafted SQL commands that interact with HSQLDB through JDBC, a similar vulnerability to CVE-2003-0845. | 4.6 |
2005-12-31 | CVE-2005-4667 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Info-Zip Unzip Buffer overflow in UnZip 5.50 and earlier allows user-assisted attackers to execute arbitrary code via a long filename command line argument. | 3.7 |
2005-12-31 | CVE-2005-4666 | Input Validation vulnerability in Phlymail 3.02.00/3.02.01 Cross-site scripting (XSS) vulnerability in PHlyMail before 3.3 Beta1 allows remote attackers to inject arbitrary Javascript via unknown attack vectors. network phlymail | 4.3 |