Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-12-28 | CVE-2005-4516 | Cross-Site Scripting vulnerability in PHP-Fusion Members.PHP Multiple cross-site scripting (XSS) vulnerabilities in PHP-Fusion 6.00.200 through 6.00.300 allow remote attackers to inject arbitrary web script or HTML via (1) the sortby parameter in members.php and (2) IMG tags. network php-fusion | 4.3 |
2005-12-27 | CVE-2005-3535 | Unspecified vulnerability in Ketm 0.0.6 Buffer overflow in KETM 0.0.6 allows local users to execute arbitrary code via unknown vectors. | 7.5 |
2005-12-27 | CVE-2005-3343 | Unspecified vulnerability in Tkdiff tkdiff before 4.1.1 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | 4.6 |
2005-12-27 | CVE-2005-3341 | Unspecified vulnerability in Dhis Tools DNS Package DHIS tools DNS package (dhis-tools-dns) before 5.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files created by (1) register-q.sh and (2) register-p.sh. | 2.1 |
2005-12-23 | CVE-2005-4513 | Cross-Site Scripting vulnerability in WandSoft E-Search Cross-site scripting (XSS) vulnerability in WANDSOFT e-SEARCH allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the keywords parameter. network wandsoft | 4.3 |
2005-12-23 | CVE-2005-4512 | Cross-Site Scripting vulnerability in WaxTrapp Search Module Cross-site scripting (XSS) vulnerability in WAXTRAPP 3.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters. network waxtrapp | 4.3 |
2005-12-23 | CVE-2005-4511 | Denial-Of-Service vulnerability in Curtis Hawthorne Tn3270 Resource Gateway 1.0.0/1.0.1/1.1.0 Format string vulnerability in TN3270 Resource Gateway 1.1.0 allows local users to cause a denial of service and possibly execute arbitrary code via format string specifiers in syslog function calls. | 4.6 |
2005-12-23 | CVE-2005-4510 | Directory Traversal vulnerability in Extensis Netpublish Server 7.0 Directory traversal vulnerability in server.np in NetPublish Server 7 allows remote attackers to read arbitrary files via "../" sequences in the template parameter. | 5.0 |
2005-12-23 | CVE-2005-4509 | SQL Injection vulnerability in pTools Index.ASP SQL injection vulnerability in index.asp in pTools allows remote attackers to execute arbitrary SQL commands via the docID parameter. | 7.5 |
2005-12-23 | CVE-2005-4508 | Remote Security vulnerability in Dev Hound Nexus Concepts Dev Hound 2.24 and earlier allows remote attackers to obtain the installation path via a URL containing a non-existent .dll file. | 5.0 |