Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-12-04 | CVE-2005-3988 | SQL Injection vulnerability in Pineapple Technologies Lore 1.5.4 SQL injection vulnerability in article.php in Pineapple Technologies Lore 1.5.4 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2005-12-04 | CVE-2005-3987 | SQL Injection vulnerability in Tradesoft CMS Multiple SQL injection vulnerabilities in Tradesoft CMS allow remote attackers to execute arbitrary SQL commands via unspecified attack vectors. | 7.5 |
2005-12-04 | CVE-2005-3986 | SQL Injection vulnerability in Instant Photo Gallery Multiple SQL injection vulnerabilities in Instant Photo Gallery 1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) cat_id parameter in portfolio.php and (2) cid parameter in content.php. | 7.5 |
2005-12-04 | CVE-2005-3985 | Denial of Service vulnerability in Astaro Security Linux 6.001/6.002/6.101 The Internet Key Exchange version 1 (IKEv1) implementation in Astaro Security Linux before 6.102 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. | 7.8 |
2005-12-04 | CVE-2005-3984 | SQL Injection vulnerability in Webcalendar 1.0.1 SQL injection vulnerability in WebCalendar 1.0.1 allows remote attackers to execute arbitrary SQL commands via the time_range parameter to edit_report_handler.php. | 7.5 |
2005-12-04 | CVE-2005-3983 | Denial-Of-Service vulnerability in Systems Insight Manager 4.0/4.1 Unknown vulnerability in the login page for HP Systems Insight Manager (SIM) 4.0 and 4.1, when accessed by Microsoft Internet Explorer with the MS04-025 patch, leads to a denial of service (browser hang). | 7.8 |
2005-12-04 | CVE-2005-3982 | Unspecified vulnerability in Webcalendar 1.0.1 CRLF injection vulnerability in layers_toggle.php in WebCalendar 1.0.1 might allow remote attackers to modify HTTP headers and conduct HTTP response splitting attacks via the ret parameter, which is used to redirect URL requests. | 5.0 |
2005-12-04 | CVE-2005-3980 | Unspecified vulnerability in Edgewall Software Trac SQL injection vulnerability in the ticket query module in Edgewall Trac 0.9 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the group parameter. | 7.5 |
2005-12-03 | CVE-2005-3979 | Improper Authentication vulnerability in Coppermine-Gallery Coppermine Photo Gallery 1.4/1.4.2 relocate_server.php in Coppermine Photo Gallery (CPG) 1.4.2 and 1.4 beta is not removed after installation and does not use authentication, which allows remote attackers to obtain sensitive information, such as database configuration, via a direct request. | 5.0 |
2005-12-03 | CVE-2005-3978 | SQL Injection vulnerability in Scriptdevelopers.Net Netclassifieds 1.0.1/1.5.1/1.9.6.3 Multiple SQL injection vulnerabilities in NetClassifieds Premium Edition 1.0.1, Professional Edition 1.5.1, Standard Edition 1.9.6.3, and Free Edition 1.0.1 allow remote attackers to execute arbitrary SQL commands via the (1) CatID parameter in (a) ViewCat.php and (b) gallery.php, and the (2) ItemNum parameter in (c) ViewItem.php. | 7.5 |