Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-12-22 | CVE-2005-4489 | Cross-Site Scripting vulnerability in Scoop Cross-site scripting (XSS) vulnerability in Scoop 1.1 RC1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) type and (2) count parameters, and (3) the query string in a story. network scoop | 4.3 |
| 2005-12-22 | CVE-2005-4488 | Cross-Site Scripting vulnerability in ComputerOil Redakto CMS Multiple cross-site scripting (XSS) vulnerabilities in index.tpl in Redakto WCMS 3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) iid, (2) iid2, (3) r, (4) cart, (5) str, (6) nf, and (7) a parameters. network computeroil | 4.3 |
| 2005-12-22 | CVE-2005-4487 | Cross-Site Scripting vulnerability in RAMSite R1 CMS Cross-site scripting (XSS) vulnerability in RAMSite R|1 CMS 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchfield parameter. network ramsite | 4.3 |
| 2005-12-22 | CVE-2005-4485 | Cross-Site Scripting vulnerability in Iatek Projectapp Multiple cross-site scripting (XSS) vulnerabilities in ProjectApp 3.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the keywords parameter to (1) forums.asp, (2) search_employees.asp, (3) cat.asp, and (4) links.asp; (5) projectid parameter to pmprojects.asp, (6) ret_page parameter to login.asp, and (7) skin_number parameter to default.asp. | 4.3 |
| 2005-12-22 | CVE-2005-4484 | Cross-Site Scripting vulnerability in IntranetApp Multiple cross-site scripting (XSS) vulnerabilities in IntranetApp 3.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) ret_page parameter to login.asp or the (2) do_search and (3) search parameters to content.asp. network iatek | 4.3 |
| 2005-12-22 | CVE-2005-4483 | Cross-Site Scripting vulnerability in SiteEnable Login.ASP Cross-site scripting (XSS) vulnerability in login.asp in SiteEnable 3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the ret_page parameter. network iatek | 4.3 |
| 2005-12-22 | CVE-2005-4482 | Cross-Site Scripting vulnerability in Iatek Portalapp 3.3 Cross-site scripting (XSS) vulnerability in login.asp in PortalApp 3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the ret_page parameter. network iatek | 6.8 |
| 2005-12-22 | CVE-2005-4480 | Cross-Site Scripting vulnerability in Plexcor CMS 4.0 Cross-site scripting (XSS) vulnerability in Plexcor CMS 4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters. network plexcor | 6.8 |
| 2005-12-22 | CVE-2005-4479 | SQL Injection vulnerability in PHPslash 0.8.1 SQL injection vulnerability in article.php in phpSlash 0.8.1 and earlier allows remote attackers to execute arbitrary SQL commands via the story_id parameter. | 7.5 |
| 2005-12-22 | CVE-2005-4478 | SQL Injection vulnerability in Papoo Multiple SQL injection vulnerabilities in Papoo 2.1.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) menuid parameter to (a) index.php and (b) guestbook.php, and the (2) forumid and (3) reporeid_print parameters to (c) print.php. | 7.5 |