Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-07-18 | CVE-2005-2296 | Information Disclosure vulnerability in Yabb 1.5.5C YabbSE 1.5.5c allows remote attackers to obtain sensitive information via a direct request to ssi_examples.php, which reveals the path. | 5.0 |
2005-07-18 | CVE-2005-2295 | Remote Denial of Service vulnerability in Pyrosoft INC Netpanzer 0.8 NetPanzer 0.8 and earlier allows remote attackers to cause a denial of service (infinite loop) via a packet with a zero datablock size. | 5.0 |
2005-07-18 | CVE-2005-2294 | Information Disclosure vulnerability in Forms And Reports Oracle Forms 4.5, 6.0, 6i, and 9i on Unix, when a large number of records are retrieved by an Oracle form, stores a copy of the database tables in a world-readable temporary file, which allows local users to gain sensitive information such as credit card numbers. | 2.1 |
2005-07-18 | CVE-2005-2293 | Incomplete Cleanup vulnerability in Oracle Forms Builder 9.0.4 Oracle Formsbuilder 9.0.4 stores database usernames and passwords in a temporary file, which is not deleted after it is used, which allows local users to obtain sensitive information. | 5.5 |
2005-07-18 | CVE-2005-2292 | Information Disclosure vulnerability in Oracle Jdeveloper 10.1.2/9.0.4/9.0.5 Oracle JDeveloper 9.0.4, 9.0.5, and 10.1.2 stores cleartext passwords in (1) IDEConnections.xml, (2) XSQLConfig.xml and (3) settings.xml, which allows local users to obtain sensitive information. | 2.1 |
2005-07-18 | CVE-2005-2291 | Information Disclosure vulnerability in Oracle Jdeveloper 10.1.2/9.0.4/9.0.5 Oracle JDeveloper 9.0.4, 9.0.5, and 10.1.2 passes the cleartext password as a parameter when starting sqlplus, which allows local users to gain sensitive information. | 4.6 |
2005-07-18 | CVE-2005-2290 | Remote Command Execution vulnerability in WPS Wps_shop.CGI wps_shop.cgi in WPS Web Portal System 0.7.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) art and (2) cat variables. | 10.0 |
2005-07-18 | CVE-2005-2289 | Information Disclosure vulnerability in PHPcounter 7.2 PHPCounter 7.2 allows remote attackers to obtain sensitive information via a direct request to prelims.php, which reveals the path in an error message. | 5.0 |
2005-07-18 | CVE-2005-2288 | Unspecified vulnerability in PHPcounter 7.2 Cross-site scripting (XSS) vulnerability in PHPCounter 7.2 allows remote attackers to inject arbitrary web script or HTML via the EpochPrefix parameter. network phpcounter | 4.3 |
2005-07-18 | CVE-2005-2287 | Denial-Of-Service vulnerability in Wmailserver 1.0/2.0 SoftiaCom wMailServer 1.0 and 2.0 allows remote attackers to cause a denial of service (application crash) via a large TCP packet with a leading space, possibly triggering a buffer overflow. | 5.0 |