Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-12-20 | CVE-2005-4410 | Cross-Site Scripting vulnerability in Nqcontent V3 Cross-site scripting (XSS) vulnerability in NQcontent 3 allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the text parameter. network nqcontent | 4.3 |
2005-12-20 | CVE-2005-4409 | Cross-Site Scripting vulnerability in MMBase Search Module Cross-site scripting (XSS) vulnerability in MMBase 1.7.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters. network mmbase | 4.3 |
2005-12-20 | CVE-2005-4408 | SQL Injection vulnerability in Miraserver Multiple SQL injection vulnerabilities in Miraserver 1.0 RC4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) page parameter to index.php, (2) id parameter to newsitem.php, and (3) cat parameter to article.php. | 7.5 |
2005-12-20 | CVE-2005-4407 | Cross-Site Scripting vulnerability in Mercury Cms Cross-site scripting (XSS) vulnerability in index.cfm in Mercury CMS 4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) content and (2) criteria parameters. network tmc-visionpool | 4.3 |
2005-12-20 | CVE-2005-4406 | Input Validation vulnerability in Mercury CMS SQL injection vulnerability in index.cfm in Mercury CMS 4.0 and earlier allows remote attackers to execute arbitrary SQL commands via the page parameter. | 7.5 |
2005-12-20 | CVE-2005-4405 | Remote Security vulnerability in Red Queen redqueen.cgi in Red Queen 1.02 and earlier allows remote attackers to obtain the full server path via invalid (1) yellowpage_id, (2) skin_id, (3) supplier_id, and (4) module parameters, which leaks the path in an error message. | 5.0 |
2005-12-20 | CVE-2005-4404 | SQL-Injection vulnerability in Media2 Cms Shop SQL injection vulnerability in default.asp in Media2 CMS Shop 18.x allows remote attackers to execute arbitrary SQL commands via the item parameter. | 7.5 |
2005-12-20 | CVE-2005-4403 | SQL Injection vulnerability in Marwel SQL injection vulnerability in index.php in Marwel 2.7 and earlier allows remote attackers to execute arbitrary SQL commands via the show parameter. | 7.5 |
2005-12-20 | CVE-2005-4402 | Remote Security vulnerability in MailEnable Enterprise Buffer overflow in MailEnable Professional 1.71 and earlier, and Enterprise 1.1 and earlier, allows remote authenticated users to execute arbitrary code via a long IMAP EXAMINE command. | 6.5 |
2005-12-20 | CVE-2005-4401 | Cross-Site Scripting vulnerability in Lutece Search Module Cross-site scripting (XSS) vulnerability in Lutece 1.2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the query parameter. network lutece | 4.3 |