Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-09-01 | CVE-2005-0403 | Unspecified vulnerability in Redhat Enterprise Linux and Enterprise Linux Desktop init_dev in tty_io.c in the Red Hat backport of NPTL to Red Hat Enterprise Linux 3 does not properly clear controlling tty's in multi-threaded applications, which allows local users to cause a denial of service (crash) and possibly gain tty access via unknown attack vectors that trigger an access of a pointer to a freed structure. | 7.2 |
2005-08-31 | CVE-2005-2761 | Unspecified vulnerability in PHPgroupware 0.9.16.000 Cross-site scripting (XSS) vulnerability in phpGroupWare 0.9.16.000 allows administrators to inject arbitrary web script or HTML by modifying the main screen message. network phpgroupware | 4.3 |
2005-08-30 | CVE-2005-2655 | Unspecified vulnerability in Maildrop lockmail in maildrop before 1.5.3 does not drop privileges before executing commands, which allows local users to gain privileges via command line arguments. | 10.0 |
2005-08-30 | CVE-2005-2654 | Unspecified vulnerability in PHPldapadmin Project PHPldapadmin phpldapadmin before 0.9.6c allows remote attackers to gain anonymous access to the LDAP server, even when disable_anon_bind is set, via an HTTP request to login.php with the anonymous_bind parameter set. | 7.5 |
2005-08-30 | CVE-2005-2737 | Unspecified vulnerability in Photopost PHP PRO 5.1 Cross-site scripting (XSS) vulnerability in PhotoPost PHP Pro 5.1 allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag. network photopost | 4.3 |
2005-08-30 | CVE-2005-2736 | Unspecified vulnerability in Yapig Cross-site scripting (XSS) vulnerability in YaPig 0.95 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag. network yapig | 4.3 |
2005-08-30 | CVE-2005-2735 | Unspecified vulnerability in PHPgraphy 0.9.9A Cross-site scripting (XSS) vulnerability in phpGraphy 0.9.9a and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag. network phpgraphy | 4.3 |
2005-08-30 | CVE-2005-2734 | Unspecified vulnerability in Gallery Project Gallery Cross-site scripting (XSS) vulnerability in Gallery 1.5.1-RC2 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag. network gallery-project | 4.3 |
2005-08-30 | CVE-2005-2733 | Remote Arbitrary File Upload vulnerability in Alexander Palmo Simple PHP Blog 0.4.0 upload_img_cgi.php in Simple PHP Blog (SPHPBlog) does not properly restrict file extensions of uploaded files, which could allow remote attackers to execute arbitrary code. | 7.5 |
2005-08-30 | CVE-2005-2732 | Information Disclosure vulnerability in AWStats AWStats 6.4, and possibly earlier versions, allows remote attackers to obtain sensitive information via a file that does not exist in the config parameter, which reveals the path in an error message. | 5.0 |