Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-12-31 | CVE-2005-4600 | Path Traversal vulnerability in Moxiecode Tinymce Compressor PHP Directory traversal vulnerability in tiny_mce_gzip.php in TinyMCE Compressor PHP before 1.06 allows remote attackers to read or include arbitrary files via a trailing null byte (%00) in the (1) theme, (2) language, (3) plugins, or (4) lang parameter. | 6.4 |
2005-12-31 | CVE-2005-4599 | Multiple vulnerability in TinyMCE Compressor Cross-site scripting (XSS) vulnerability in tiny_mce_gzip.php in TinyMCE Compressor PHP before 1.06 allows remote attackers to inject arbitrary web script or HTML via the index parameter. network moxiecode | 4.3 |
2005-12-31 | CVE-2005-4598 | Cross-Site Scripting vulnerability in Ooapp Guestbook 2.1 Cross-site scripting (XSS) vulnerability in home.php in OoApp Guestbook 2.1 allows remote attackers to inject arbitrary web script or HTML via the page parameter. network ooapp | 4.3 |
2005-12-31 | CVE-2005-4597 | Cross-Site Scripting vulnerability in Epistream Ipei Guestbook 1.7 Cross-site scripting (XSS) vulnerability in index.php in iPei Guestbook 1.7 allows remote attackers to inject arbitrary web script or HTML via the email parameter, as used by the email field, when signing a guestbook. network epistream | 4.3 |
2005-12-31 | CVE-2005-4596 | Cross-Site Scripting vulnerability in Ades Design Adesguestbook 2.0 Cross-site scripting (XSS) vulnerability in read.php in AdesGuestbook 2.0 allows remote attackers to inject arbitrary web script or HTML via the totalRows_rsRead parameter. network ades-design | 4.3 |
2005-12-31 | CVE-2005-4595 | Unspecified vulnerability in Gentoo Nview and Xnview Untrusted search path vulnerability (RPATH) in XnView 1.70 and NView 4.51 on Gentoo Linux allows local users to execute arbitrary code via a malicious library in the current working directory. | 7.2 |
2005-12-31 | CVE-2005-4594 | Buffer Overflow vulnerability in Tugzip 3.4.0.0 Stack-based buffer overflow in TUGZip 3.4.0.0 allows remote attackers to execute arbitrary code via a long filename in an ARJ archive. | 7.5 |
2005-12-31 | CVE-2005-4593 | Remote and Local File Include vulnerability in PHPDocumentor PHP remote file inclusion vulnerability in phpDocumentor 1.3.0 rc4 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary code via a URL in the (1) FORUM[LIB] parameter in Documentation/tests/bug-559668.php and (2) the root_dir parameter in docbuilder/file_dialog.php. | 7.5 |
2005-12-31 | CVE-2005-4592 | Remote Buffer Overflow vulnerability in Bogofilter Heap-based buffer overflow in bogofilter and bogolexer 0.96.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via words that are longer than the input buffer used by flex. | 7.5 |
2005-12-31 | CVE-2005-4591 | Remote Buffer Overflow vulnerability in Bogofilter Heap-based buffer overflow in bogofilter 0.96.2, 0.95.2, 0.94.14, 0.94.12, and other versions from 0.93.5 to 0.96.2, when using Unicode databases, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via "invalid input sequences" that lead to heap corruption when bogofilter or bogolexer converts character sets. | 7.5 |