Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-11-21 | CVE-2005-3698 | Authentication Bypass vulnerability in PHP Easy Download Edit.PHP PHP Easy Download allows remote attackers to bypass authentication via edit.php. | 7.5 |
| 2005-11-21 | CVE-2005-3697 | Authentication Bypass vulnerability in Uresk Links Uresk Links 2.0Lite Unspecified vulnerability in the administration interface in Uresk Links 2.0 Lite allows remote attackers to bypass authentication via unspecified vectors in index.php. | 7.5 |
| 2005-11-20 | CVE-2005-3696 | SQL Injection vulnerability in Arki-DB SQL injection vulnerability in Arki-DB 1.0 and 2.0 allows remote attackers to execute arbitrary SQL commands via the catid parameter in a view action (view.php) to index.php. | 7.5 |
| 2005-11-20 | CVE-2005-3695 | Cross-Site Scripting vulnerability in Litespeed Technologies Litespeed web Server 2.1.5 Cross-site scripting (XSS) vulnerability in admin/config/confMgr.php in LiteSpeed Web Server 2.1.5 allows remote attackers to inject arbitrary web script or HTML via the m parameter. network litespeed-technologies | 4.3 |
| 2005-11-20 | CVE-2005-3530 | Cross-Site Scripting vulnerability in Antville 1.1 Cross-site scripting (XSS) vulnerability in Antville 1.1 allows remote attackers to inject arbitrary web script or HTML via the notfound.skin error document. network antville | 4.3 |
| 2005-11-20 | CVE-2005-3529 | Information Exposure vulnerability in Tiki Tikiwiki Cms/Groupware 1.9.0/1.9.1/1.9.2 tiki-view_forum_thread.php in TikiWiki 1.9.0 through 1.9.2 allows remote attackers to obtain the installation path via an invalid topics_sort_mode parameter, possibly related to an SQL injection vulnerability. | 5.0 |
| 2005-11-20 | CVE-2005-3528 | Cross-Site Scripting vulnerability in Tiki Tikiwiki Cms/Groupware 1.9.0/1.9.1/1.9.2 Cross-site scripting (XSS) vulnerability in tiki-view_forum_thread.php in TikiWiki 1.9.0 through 1.9.2 allows remote attackers to inject arbitrary web script or HTML via the topics_offset parameter. | 4.3 |
| 2005-11-20 | CVE-2005-2709 | Resource Management Errors vulnerability in Linux Kernel The sysctl functionality (sysctl.c) in Linux kernel before 2.6.14.1 allows local users to cause a denial of service (kernel oops) and possibly execute code by opening an interface file in /proc/sys/net/ipv4/conf/, waiting until the interface is unregistered, then obtaining and modifying function pointers in memory that was used for the ctl_table. | 4.6 |
| 2005-11-20 | CVE-2005-3354 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Sylpheed Stack-based buffer overflow in the ldif_get_line function in ldif.c of Sylpheed before 2.1.6 allows user-assisted attackers to execute arbitrary code by having local users import LDIF files with long lines. | 5.1 |
| 2005-11-20 | CVE-2005-3351 | Unspecified vulnerability in Apache Spamassassin 3.0.4 SpamAssassin 3.0.4 allows attackers to bypass spam detection via an e-mail with a large number of recipients ("To" addresses), which triggers a bus error in Perl. | 5.0 |