Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-09-21 | CVE-2005-3016 | Remote Security vulnerability in PHP-Nuke Multiple unspecified vulnerabilities in the WYSIWYG editor in PHP-Nuke before 7.9 Final have unknown impact and attack vectors. | 10.0 |
| 2005-09-21 | CVE-2005-3015 | Cross-Site Scripting vulnerability in IBM Lotus Domino and Lotus Domino Enterprise Server Cross-site scripting (XSS) vulnerability in IBM Lotus Domino 6.5.2 allows remote attackers to inject arbitrary web script or HTML via the (1) BaseTarget or (2) Src parameters. network ibm | 4.3 |
| 2005-09-21 | CVE-2005-3014 | HTML Injection vulnerability in Ensim Webppliance 3.0/3.1/3.1.1 Cross-site scripting (XSS) vulnerability in Ensim webplliance allows remote attackers to inject arbitrary web script or HTML via the Login (OCW_login_username) field. network ensim | 4.3 |
| 2005-09-21 | CVE-2005-3013 | Local Buffer Overflow vulnerability in Suse Linux 9.3 Buffer overflow in liby2util in Yet another Setup Tool (YaST) for SuSE Linux 9.3 allows local users to execute arbitrary code via a long Loc entry. | 4.6 |
| 2005-09-21 | CVE-2005-3012 | Unspecified vulnerability in Simplecdr-X 1.3.3 The MasterDataCD::createImage function in masterdatacd.cpp for SimpleCDR-X 1.3.3 creates the .temp temporary directory with insecure permissions, which allows local users to read sensitive ISO images. | 2.1 |
| 2005-09-21 | CVE-2005-3011 | Link Following vulnerability in GNU Texinfo 4.8 The sort_offline function for texindex in texinfo 4.8 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files. | 1.2 |
| 2005-09-21 | CVE-2005-3010 | Unspecified vulnerability in Cutephp Cutenews Direct static code injection vulnerability in the flood protection feature in inc/shows.inc.php in CuteNews 1.4.0 and earlier allows remote attackers to execute arbitrary PHP code via the HTTP_CLIENT_IP header (Client-Ip), which is injected into data/flood.db.php. | 7.5 |
| 2005-09-21 | CVE-2005-3009 | Cross-Site Scripting vulnerability in CuteNews Cross-site scripting (XSS) vulnerability in CuteNews allows remote attackers to inject arbitrary web script or HTML via the mod parameter to index.php. network cutephp | 4.3 |
| 2005-09-21 | CVE-2005-3008 | Remote Python Code Execution vulnerability in Amar Sagoo Tofu 0.2 Tofu 0.2 allows remote attackers to execute arbitrary Python code via crafted pickled objects, which Tofu unpickles and executes. | 7.5 |
| 2005-09-21 | CVE-2005-3007 | Injection vulnerability in Opera Browser Opera before 8.50 allows remote attackers to spoof the content type of files via a filename with a trailing "." (dot), which might allow remote attackers to trick users into processing dangerous content. | 2.6 |