Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-08-17 | CVE-2005-2612 | Remote Security vulnerability in WordPress Direct code injection vulnerability in WordPress 1.5.1.3 and earlier allows remote attackers to execute arbitrary PHP code via the cache_lastpostdate[server] cookie. | 7.5 |
2005-08-17 | CVE-2005-2611 | Unspecified vulnerability in Symantec Veritas Backup Exec, Backup Exec Remote Agent and Netbackup VERITAS Backup Exec for Windows Servers 8.6 through 10.0, Backup Exec for NetWare Servers 9.0 and 9.1, and NetBackup for NetWare Media Server Option 4.5 through 5.1 uses a static password during authentication from the NDMP agent to the server, which allows remote attackers to read and write arbitrary files with the backup server. | 10.0 |
2005-08-17 | CVE-2005-2610 | Cross-Site Scripting vulnerability in VegaDNS Cross-site scripting (XSS) vulnerability in index.php in VegaDNS 0.8.1, 0.9.8, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the message parameter. network vegadns | 4.3 |
2005-08-17 | CVE-2005-2609 | Remote Security vulnerability in Vegadns 0.8.1/0.9.8 index.php in VegaDNS 0.8.1, 0.9.8, and possibly other versions, allows remote attackers to obtain the full server path via an invalid VDNS_Sessid parameter. | 5.0 |
2005-08-17 | CVE-2005-2608 | Cross-Site Scripting vulnerability in Safehtml 1.3.2 SafeHTML before 1.3.5 does not properly filter script in UTF-7 and CSS comments, which allows remote attackers to conduct cross-site scripting (XSS) attacks in vulnerable applications that use SafeHTML. network safehtml | 4.3 |
2005-08-17 | CVE-2005-2607 | Remote File Include vulnerability in PHPsimplicity Simplicity of Upload 1.3 PHP file include vulnerability in download.php in PHPSimplicity Simplicity oF Upload before 1.3.1 allows remote attackers to include arbitrary local and remote files via the language parameter and a terminating null ("%00") characters. | 5.0 |
2005-08-17 | CVE-2005-2606 | Authentication Bypass vulnerability in Phlymail 3.02.00 Unknown vulnerability in the "frontend authentication" in PHlyMail 3.02.00 has unknown impact and attack vectors. | 7.5 |
2005-08-17 | CVE-2005-2605 | Remote Authentication Bypass vulnerability in Omnipilot Software Lasso Professional Server 8.0.4/8.0.5 Unknown vulnerability in Lasso Professional Server8.0.4 and 8.0.5 allows attackers to bypass authentication, related to [Auth] tags. | 6.4 |
2005-08-17 | CVE-2005-2604 | Cross-Site Scripting vulnerability in MY Image Gallery MY Image Gallery 1.4.1 index.php for My Image Gallery (Mig ) 1.4.1 allows remote attackers to obtain the web server path via certain currDir and image arguments, which leaks the path in an error message. | 5.0 |
2005-08-17 | CVE-2005-2603 | Cross-Site Scripting vulnerability in MY Image Gallery MY Image Gallery 1.4.1 Cross-site scripting (XSS) vulnerability in index.php for My Image Gallery (Mig ) 1.4.1 allows remote attackers to inject arbitrary web script or HTML via the (1) currDir or (2) image parameters. network my-image-gallery | 4.3 |