Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-12-06 | CVE-2005-4042 | Cross-Site Scripting vulnerability in MR. CGI GUY Warm Links 1.0.0 Cross-site scripting (XSS) vulnerability in Warm Links 1.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via a parameter to search.cgi. network mr-cgi-guy | 4.3 |
| 2005-12-06 | CVE-2005-4041 | Software Search.CGI Cross-Site Scripting vulnerability in Mr CGI Guy Cross-site scripting (XSS) vulnerability in search.cgi in MR CGI Guy Hot Links SQL 3.1.x and Hot Links Pro 3.1.x allows remote attackers to inject arbitrary web script or HTML via the query string. network mr-cgi-guy | 4.3 |
| 2005-12-06 | CVE-2005-4040 | SQL Injection vulnerability in Tawbaware Filelister SQL injection vulnerability in FileLister 0.51 and earlier allows remote attackers to execute arbitrary SQL commands via the search parameters, possibly the searchwhat parameter to definesearch.jsp. | 7.5 |
| 2005-12-06 | CVE-2005-4039 | Directory Traversal vulnerability in Web4Future Portal Solutions Directory traversal vulnerability in arhiva.php in Web4Future Portal Solutions News Portal allows remote attackers to read arbitrary files via the dir parameter. | 7.8 |
| 2005-12-06 | CVE-2005-4038 | SQL Injection vulnerability in Web4Future Portal Solutions Comentarii.PHP SQL injection vulnerability in comentarii.php in Web4Future Portal Solutions News Portal allows remote attackers to execute arbitrary SQL commands via the idp parameter. | 7.5 |
| 2005-12-06 | CVE-2005-4037 | SQL Injection vulnerability in Web4Future Affiliate Manager PRO Functions.PHP SQL injection vulnerability in functions.php in Web4Future Affiliate Manager PRO 4.1 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter. | 7.5 |
| 2005-12-06 | CVE-2005-4036 | Cross-Site Scripting vulnerability in Web4Future Keyword Frequency Counter 1.0 Cross-site scripting (XSS) vulnerability in index.cgi in Web4Future KeyWord Frequency Counter 1.0 allows remote attackers to inject arbitrary web script or HTML via the "remote URL." network web4future | 4.3 |
| 2005-12-06 | CVE-2005-4035 | SQL Injection vulnerability in Web4Future eCommerce Enterprise Edition Multiple SQL injection vulnerabilities in Web4Future eCommerce Enterprise Edition 2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) prod, and (2) brid parameters to (a) view.php; the (3) the bid parameter to (b) viewbrands.php; and the (4) grp and (5) cat parameters to index.php. | 7.5 |
| 2005-12-06 | CVE-2005-4034 | SQL Injection vulnerability in Web4Future Edating Professional 5 Multiple SQL injection vulnerabilities in Web4Future eDating Professional 5 allow remote attackers to execute arbitrary SQL commands via the (1) s, (2) pg, and (3) sortb parameters to (a) index.php; (4) cid parameter to (b) gift.php and (c) fq.php; and (5) cat parameter to (d) articles.php. | 7.5 |
| 2005-12-06 | CVE-2005-4033 | Unspecified vulnerability in ALI Bousahid Nodezilla Nodezilla 0.4.13-corno-fulgure does not properly protect the evl_data directory, which could allow them to be shared when they are not protected by PRIVATEDATADIR in nodezilla.ini, which allows remote attackers to obtain sensitive information. | 5.0 |