Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-08-17 | CVE-2005-2602 | Unspecified vulnerability in Mozilla Firefox and Thunderbird Mozilla Thunderbird 1.0 and Firefox 1.0.6 allows remote attackers to obfuscate URIs via a long URI, which causes the address bar to go blank and could facilitate phishing attacks. | 2.6 |
2005-08-17 | CVE-2005-2601 | SQL Injection vulnerability in MidiCart ASP Item_Show.ASP Code_No Parameter SQL injection vulnerability in MidiCart allows remote attackers to execute arbitrary SQL commands via the code_no parameter to (1) Item_Show.asp or (2) search_list.asp. | 7.5 |
2005-08-17 | CVE-2005-2600 | Unspecified vulnerability in Ilia Alshanetsky Fudforum 2.6.15 FUDForum 2.6.15 with "Tree View" enabled, as used in other products such as phpgroupware and egroupware, allows remote attackers to read private posts via a modified mid parameter. | 5.0 |
2005-08-17 | CVE-2005-2599 | Unspecified vulnerability in Hummingbird Connectivity 10.0 Hummingbird FTP for Connectivity 10.0 uses weak encryption (trivial encoding) to store the user's password in the FTP profile, which allows attackers to gain privileges. | 7.5 |
2005-08-17 | CVE-2005-2598 | Directory Traversal vulnerability in Dokeos Multiple directory traversal vulnerabilities in Dokeos 1.6 and earlier, and possibly Claroline, allow remote attackers to (1) delete arbitrary files or directories via the delete parameter to claroline/scorm/scormdocument.php, (2) move arbitrary files via the move_to and move_file parameters to claroline/document/document.php, or determine the existence of arbitrary files via the file parameter to (3) claroline/scorm/showinframes.php or (4) claroline/scorm/contents.php. | 5.0 |
2005-08-17 | CVE-2005-2597 | Local Privilege Escalation vulnerability in AOL Client Software 9.0 AOL Client Software 9.0 uses insecure permissions for its installation path, which allows local users to execute arbitrary code with SYSTEM privileges by replacing ACSD.exe with a malicious program. | 7.2 |
2005-08-17 | CVE-2005-2596 | Unspecified vulnerability in Gallery Project Gallery 1.3.4 User.php in Gallery, as used in Postnuke, allows users with any Admin privileges to gain access to all galleries. | 4.6 |
2005-08-17 | CVE-2005-2595 | HTML Injection vulnerability in Dada Mail Archives Cross-site scripting (XSS) vulnerability in Dada Mail before 2.10 Alpha 1 allows remote attackers to execute arbitrary Javascript via archived messages. network dada-mail | 4.3 |
2005-08-17 | CVE-2005-2594 | Denial Of Service vulnerability in Apple Safari 1.3 Apple Safari 1.3 (132) on Mac OS X 1.3.9 allows remote attackers to cause a denial of service (crash) via certain Javascript, possibly involving a function that defines a handler for itself within the function body. | 5.0 |
2005-08-17 | CVE-2005-2593 | Multiple Unspecified vulnerability in Parlano Mindalign 5.0 Parlano MindAlign 5.0 and later versions uses weak encryption, with unknown impact and attack vectors. | 10.0 |