Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK

2005-12-08 CVE-2005-4088 SQL Injection vulnerability in PHPForumPro
SQL injection vulnerability in index.php in phpForumPro 2.2 allows remote attackers to execute arbitrary SQL commands via the (1) parent and (2) day parameters.
network
low complexity
w2b
7.5

2005-12-08 CVE-2005-4087 Remote and Local File Include vulnerability in Sugarcrm Sugar Suite 3.5/4.0Beta
PHP remote file include vulnerability in acceptDecline.php in Sugar Suite Open Source Customer Relationship Management (SugarCRM) 4.0 beta and earlier allows remote attackers to execute arbitrary PHP code via a URL in the beanFiles array parameter.
network
low complexity
sugarcrm
7.5

2005-12-08 CVE-2005-4086 Remote and Local File Include vulnerability in Sugarcrm Sugar Suite 3.5/4.0Beta
Directory traversal vulnerability in acceptDecline.php in Sugar Suite Open Source Customer Relationship Management (SugarCRM) 4.0 beta and earlier allows remote attackers to include arbitrary local files via ".." sequences in the beanFiles array parameter.
network
low complexity
sugarcrm
5.0

2005-12-08 CVE-2005-3665 Cross-Site Scripting vulnerability in PHPMyAdmin
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.7.0 allow remote attackers to inject arbitrary web script or HTML via the (1) HTTP_HOST variable and (2) various scripts in the libraries directory that handle header generation.
network
phpmyadmin
4.3

2005-12-08 CVE-2005-3661 Remote Credential Reset vulnerability in Dell TrueMobile 2300
Dell TrueMobile 2300 Wireless Broadband Router running firmware 3.0.0.8 and 5.1.1.6, and possibly other versions, allows remote attackers to reset authentication credentials, then change configuration or firmware, via a direct request to apply.cgi with the Page parameter set to adv_password.asp.
network
low complexity
dell
5.0

2005-12-08 CVE-2005-4084 Remote Security vulnerability in Phpbb Extreme Styles
xs_edit.php in the phpBB eXtreme Styles module 2.2.1 and earlier allows remote attackers to obtain the installation path of the application via an invalid viewbackup parameter.
network
low complexity
phpbb-styles
5.0

2005-12-08 CVE-2005-4083 Directory Traversal vulnerability in Extreme Styles Phpbb Module
Directory traversal vulnerability in xs_edit.php in the eXtreme Styles phpBB module 2.2.1 and earlier allows remote attackers to read arbitrary files via a ..
network
low complexity
phpbb-styles
5.0

2005-12-08 CVE-2005-4082 Local DHCP.Client vulnerability in QNX 4.25
The dhcp.client program for QNX 4.25 vmware is setuid, possibly by default, which allows local users to modify the NIC configuration and conduct other attacks.
local
low complexity
qnx
4.6

2005-12-08 CVE-2005-4081 Unspecified vulnerability in Alisveristr E-Commerce
Multiple SQL injection vulnerabilities in Alisveristr E-commerce allow remote attackers to bypass authentication and possibly execute arbitrary SQL commands via the username and password parameters in (1) the user login and (2) administrator login pages.
network
low complexity
alisveristr
7.5

2005-12-08 CVE-2005-4080 Unspecified vulnerability in Horde IMP
Horde IMP 4.0.4 and earlier does not sanitize strings containing UTF16 null characters, which allows remote attackers to conduct cross-site scripting (XSS) attacks via UTF16 encoded attachments and strings that will be executed when viewed using Internet Explorer, which ignores the characters.
network
horde
4.3