Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-11-16 | CVE-2005-3578 | Input Validation vulnerability in Walla TeleSite SQL injection vulnerability in ts.exe (aka ts.cgi) in Walla TeleSite 3.0 and earlier allows remote attackers to inject arbitrary SQL commands via the sug parameter. | 7.5 |
| 2005-11-16 | CVE-2005-3577 | Input Validation vulnerability in Walla TeleSite Cross-site scripting vulnerability (XSS) in ts.exe (aka ts.cgi) in Walla TeleSite 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the sug parameter. network walla-telesite | 4.3 |
| 2005-11-16 | CVE-2005-3576 | Input Validation vulnerability in Walla TeleSite ts.exe in Walla TeleSite 3.0 and earlier allows remote attackers to access privileged information by entering the article number in tsurl parameter. | 5.0 |
| 2005-11-16 | CVE-2005-3575 | SQL Injection vulnerability in Cyphor Show.PHP SQL injection vulnerability in show.php in Cyphor 0.19 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
| 2005-11-16 | CVE-2005-3574 | Remote Security vulnerability in Icms PHP file inclusion vulnerability in index.php of iCMS allows remote attackers to include arbitrary files via the page parameter. | 5.0 |
| 2005-11-16 | CVE-2005-3573 | Denial Of Service vulnerability in GNU Mailman Attachment Scrubber UTF8 Filename Scrubber.py in Mailman 2.1.5-8 does not properly handle UTF8 character encodings in filenames of e-mail attachments, which allows remote attackers to cause a denial of service (application crash). | 5.0 |
| 2005-11-16 | CVE-2005-3572 | SQL Injection vulnerability in Peel 2.6/2.7 SQL injection vulnerability in index.php in Peel 2.6 through 2.7 allows remote attackers to execute arbitrary SQL commands via the rubid parameter. | 7.5 |
| 2005-11-16 | CVE-2005-3571 | Code Injection vulnerability in Codegrrl products PHP file inclusion vulnerability in protection.php in CodeGrrl (a) PHPCalendar 1.0, (b) PHPClique 1.0, (c) PHPCurrently 2.0, (d) PHPFanBase 2.1, and (e) PHPQuotes 1.0 allows remote attackers to include arbitrary local files via the siteurl parameter when register_globals is enabled. | 5.0 |
| 2005-11-16 | CVE-2005-3570 | Cross-Site Scripting vulnerability in Horde Unspecified cross-site scripting (XSS) vulnerability in Horde before 2.2.9 allows remote attackers to inject arbitrary web script or HTML via "not properly escaped error messages". | 4.3 |
| 2005-11-16 | CVE-2005-3569 | Denial of Service vulnerability in IBM DB2 Content Manager 8.2 INSO service in IBM DB2 Content Manager before 8.2 Fix Pack 10 on AIX allows attackers to cause a denial of service (application crash) via unknown attack vectors involving LZH files. | 5.0 |