Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2005-12-29 CVE-2005-4579 Input Validation vulnerability in Hitachi Business Logic
Multiple HTTP response splitting vulnerabilities in Hitachi Business Logic - Container (BLC) P-2443-9114 01-00 through 02-06 on Windows, and P-1M43-9111 01-01 through 02-00 on AIX, allow remote attackers to inject arbitrary HTTP headers via unknown attack vectors in an unspecified input form.
network
low complexity
hitachi
5.0
2005-12-29 CVE-2005-4578 Input Validation vulnerability in Hitachi Business Logic
Multiple SQL injection vulnerabilities in Hitachi Business Logic - Container (BLC) P-2443-9114 01-00 through 02-06 on Windows, and P-1M43-9111 01-01 through 02-00 on AIX, allow remote attackers to execute arbitrary SQL commands via unknown attack vectors in an unspecified input form.
network
low complexity
hitachi
7.5
2005-12-29 CVE-2005-4577 Input Validation vulnerability in Hitachi Business Logic
Multiple cross-site scripting (XSS) vulnerabilities in Hitachi Business Logic - Container (BLC) P-2443-9114 01-00 through 02-06 on Windows, and P-1M43-9111 01-01 through 02-00 on AIX, allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors in an unspecified input form.
network
hitachi
4.3
2005-12-29 CVE-2005-4576 Cross-Site Scripting vulnerability in FatWire UpdateEngine
Multiple cross-site scripting (XSS) vulnerabilities in the UpdateEngine program in Fatwire UpdateEngine 6.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) COUNTRYNAME, (2) EMAIL, and (3) FUELAP_TEMPLATENAME parameters.
network
fatwire
4.3
2005-12-29 CVE-2005-4575 Information Disclosure vulnerability in CommonSpot Content Server
PaperThin CommonSpot Content Server 4.5 and earlier allow remote attackers to obtain sensitive information via an invalid errmsg parameter to loader.cfm with a url parameter set to email-login-info.cfm, which leaks the full pathname in the resulting error message.
network
low complexity
paperthin
5.0
2005-12-29 CVE-2005-4574 Cross-Site Scripting vulnerability in PaperThin CommonSpot Content Server
Cross-site scripting (XSS) vulnerability in loader.cfm in PaperThin CommonSpot Content Server 4.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the bNewWindow parameter.
network
paperthin
4.3
2005-12-29 CVE-2005-4573 Code Injection vulnerability in Plogger
PHP remote file include vulnerability in plog-admin-functions.php in Plogger Beta 2 allows remote attackers to execute arbitrary code via a URL in the config[basedir] parameter.
network
low complexity
plogger CWE-94
7.5
2005-12-29 CVE-2005-4572 Input Validation vulnerability in myEZshop Shopping Cart
Multiple SQL injection vulnerabilities in myEZshop Shopping Cart allow remote attackers to execute arbitrary SQL commands via the (1) GroupsId and (2) ItemsId parameters in admin.php.
network
low complexity
myezshop
7.5
2005-12-29 CVE-2005-4571 Input Validation vulnerability in myEZshop Shopping Cart
Cross-site scripting (XSS) vulnerability in myEZshop Shopping Cart allows remote attackers to inject arbitrary web script or HTML via the Keyword parameter.
network
myezshop
4.3
2005-12-29 CVE-2005-4570 Denial Of Service vulnerability in Multiple Fortinet Products IKE Exchange
The Internet Key Exchange version 1 (IKEv1) implementations in Fortinet FortiOS 2.50, 2.80 and 3.0, FortiClient 2.0, and FortiManager 2.80 and 3.0 allow remote attackers to cause a denial of service (termination of a process that is automatically restarted) via IKE packets with invalid values of certain IPSec attributes, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
network
low complexity
fortinet
7.8