Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-11-22 | CVE-2005-3762 | SQL Injection vulnerability in Exponent CMS SQL injection vulnerability in the navigation module (navigationmodule) in Exponent CMS 0.96.3 and later versions allows remote attackers to execute arbitrary SQL commands via the parent parameter. | 7.5 |
| 2005-11-22 | CVE-2005-3761 | Unspecified vulnerability in Exponent Cross-site scripting (XSS) vulnerability in Exponent CMS 0.96.3 and later versions allows remote attackers to inject arbitrary web script or HTML via (1) Javascript in forms produced by the form generator or (2) the parameters to the installer. network exponent | 4.3 |
| 2005-11-22 | CVE-2005-3760 | Buffer Errors vulnerability in IBM Websphere Application Server 5.0 Double free vulnerability in the BBOORB module in IBM WebSphere Application Server for z/OS 5.0 allows attackers to cause a denial of service (ABEND). | 7.8 |
| 2005-11-22 | CVE-2005-3759 | Cross-Site Scripting vulnerability in Horde Multiple cross-site scripting (XSS) vulnerabilities in Horde before 3.0.7 allow remote attackers to inject arbitrary web script or HTML via the (1) gzip/tar and (2) css MIME viewers, which do not filter or escape dangerous HTML when extracting and displaying attachments. | 5.8 |
| 2005-11-22 | CVE-2005-3758 | Remote vulnerability in Google Mini Search Appliance and Search Appliance Cross-site scripting (XSS) vulnerability in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to inject arbitrary Javascript, and possibly other web script or HTML, via a proxystylesheet variable that contains a malicious XSLT style sheet. network google | 4.3 |
| 2005-11-22 | CVE-2005-3757 | Remote vulnerability in Google Mini Search Appliance and Search Appliance The Saxon XSLT parser in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to obtain sensitive information and execute arbitrary code via dangerous Java class methods in select attribute of xsl:value-of tags in XSLT style sheets, such as (1) system-property, (2) sys:getProperty, and (3) run:exec. | 7.5 |
| 2005-11-22 | CVE-2005-3756 | Remote vulnerability in Google Mini Search Appliance and Search Appliance Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to port scan arbitrary hosts via URLs with modified targets and ports, then comparing the resulting error messages to determine open and closed ports. | 5.0 |
| 2005-11-22 | CVE-2005-3755 | Remote vulnerability in Google Mini Search Appliance and Search Appliance Directory traversal vulnerability in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to determine the existence of arbitrary files via a relative path from a style sheet directory, then comparing the resulting error messages. | 5.0 |
| 2005-11-22 | CVE-2005-3754 | Remote vulnerability in Google Mini Search Appliance and Search Appliance Cross-site scripting (XSS) vulnerability in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to inject arbitrary Javascript, and possibly other web script or HTML, via the proxystylesheet variable, which will be executed in the resulting error message. network google | 4.3 |
| 2005-11-22 | CVE-2005-3753 | Denial-Of-Service vulnerability in kernel Linux kernel before after 2.6.12 and before 2.6.13.1 might allow attackers to cause a denial of service (Oops) via certain IPSec packets that cause alignment problems in standard multi-block cipher processors. | 7.8 |