Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-08-07 | CVE-2005-2485 | Cross Site Scripting vulnerability in Logicampus 1.1.0 Cross-site scripting (XSS) vulnerability in the Helpdesk in Logicampus before 1.1.1 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. network logicampus | 4.3 |
| 2005-08-07 | CVE-2005-2484 | Remote Buffer Overflow vulnerability in Denora IRC Stats Denora IRC Stats 1.0 Buffer overflow in the rdb_query function for Denora IRC Stats 1.0 might allow attackers to execute arbitrary code. | 7.5 |
| 2005-08-07 | CVE-2005-2483 | Unspecified vulnerability in Karrigell Eval injection vulnerability in Karrigell before 2.1.8 allows remote attackers to execute arbitrary Python code via modified arguments to a Karrigell services (.ks) script, which can reference functions from libraries that are used by that script. | 7.5 |
| 2005-08-07 | CVE-2005-2482 | Unspecified vulnerability in Metasploit Framework The StateToOptions function in msfweb in Metasploit Framework 2.4 and earlier, when running with the -D option (defanged mode), allows attackers to modify temporary environment variables before the "_Defanged" environment option is checked when processing the Exploit command. | 5.0 |
| 2005-08-05 | CVE-2005-2481 | Information Disclosure vulnerability in Macromedia Coldfusion Fusebox 4.1.0 ColdFusion Fusebox 4.1.0 allows remote attackers to obtain sensitive information via an invalid fuseaction parameter, which leaks the full server path in an error message, as demonstrated using the "?" (question mark) character. | 5.0 |
| 2005-08-05 | CVE-2005-2480 | Cross-Site Scripting vulnerability in Macromedia Coldfusion Fusebox 4.1.0 Cross-site scripting (XSS) vulnerability in ColdFusion Fusebox 4.1.0 allows remote attackers to inject arbitrary web script or HTML via the fuseaction parameter, which is not quoted in an error page, as demonstrated using index.cfm. network macromedia | 4.3 |
| 2005-08-05 | CVE-2005-2479 | Denial of Service vulnerability in Pablo Software Solutions Quick N Easy FTP Server 3.0 Quick 'n Easy FTP Server 3.0 allows remote attackers to cause a denial of service (application crash or CPU consumption) via a long USER command. | 5.0 |
| 2005-08-05 | CVE-2005-2478 | SQL Injection vulnerability in Silver-Scripts Silvernews 2.0.3 SQL injection vulnerability in SilverNews 2.0.3 allows remote attackers to execute arbitrary SQL commands via the user field on the login page in the Admin control panel. | 7.5 |
| 2005-08-05 | CVE-2005-2477 | SQL Injection vulnerability in Naxtor Shopping Cart 1.0 shop_display_products.php in Naxtor Shopping Cart 1.0 allows remote attackers to obtain sensitive information via a cat_id with a "'" (single quote), which reveals the path in an error message, possibly due to an SQL injection vulnerability. | 5.0 |
| 2005-08-05 | CVE-2005-2476 | Cross-Site Scripting vulnerability in Naxtor Shopping Cart 1.0 Cross-site scripting (XSS) vulnerability in lost_passowrd.php in Naxtor Shopping Cart 1.0 allows remote attackers to inject arbitrary web script or HTML via the email parameter. network naxtor | 4.3 |