Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-12-20 | CVE-2005-4400 | Cross-Site Scripting vulnerability in Liferay Portal Enterprise Cross-site scripting (XSS) vulnerability in downloads/portal_ent in Liferay Portal Enterprise 3.6.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) _77_struts_action, (2) p_p_mode, and (3) p_p_state parameters. network liferay | 4.3 |
| 2005-12-20 | CVE-2005-4399 | Cross-Site Scripting vulnerability in Libertas Enterprise CMS Cross-site scripting (XSS) vulnerability in search/index.php in Libertas Enterprise CMS 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the page_search parameter. network libertas-solutions | 4.3 |
| 2005-12-20 | CVE-2005-4397 | SQL-Injection vulnerability in Icms SQL injection vulnerability in RunScript.asp iCMS allows remote attackers to execute arbitrary SQL commands via the Event_ID parameter. | 7.5 |
| 2005-12-20 | CVE-2005-4396 | Cross-Site Scripting vulnerability in Icms Cross-site scripting (XSS) vulnerability in admin/Default.asp in iCMS allows remote attackers to inject arbitrary web script or HTML via the LoginMSG parameter. network icms-content-management-systems | 4.3 |
| 2005-12-20 | CVE-2005-4395 | Cross-Site Scripting vulnerability in FarCry Search Module Cross-site scripting (XSS) vulnerability in FarCry 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the criteria parameter. network farcry | 4.3 |
| 2005-12-20 | CVE-2005-4394 | Cross-Site Scripting vulnerability in EPiX Search Module Cross-site scripting (XSS) vulnerability in EPiX 3.1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search query parameters. network formicary-ltd | 4.3 |
| 2005-12-20 | CVE-2005-4393 | Input Validation vulnerability in E-Publish Cross-site scripting (XSS) vulnerability in show.cfm in e-publish CMS 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) obcatid and (2) comid parameters. network e-publish | 4.3 |
| 2005-12-20 | CVE-2005-4392 | Input Validation vulnerability in E-Publish SQL injection vulnerability in printer_friendly.cfm in e-publish CMS 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
| 2005-12-20 | CVE-2005-4391 | Cross-Site Scripting vulnerability in Retired: Mindroute Lemoon/Damoon Search Module Cross-site scripting (XSS) vulnerability in damoon allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the q parameter. network mindroute-software | 4.3 |
| 2005-12-20 | CVE-2005-4390 | SQL Injection vulnerability in ContentServ SQL injection vulnerability in index.php in ContentServ 3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the StoryID parameter. | 7.5 |