Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-07-12 | CVE-2005-2229 | Information Disclosure vulnerability in Blog Torrent Blog Torrent 0.92 and earlier stores sensitive files under the web document root in the (1) data or (2) torrents directories with insufficient access control, which allows remote attackers to obtain sensitive information such as account names and password hashes, as demonstrated using data/newusers. | 7.5 |
2005-07-12 | CVE-2005-2228 | Information Disclosure vulnerability in BDC Enterprises web WIZ Forums 7.9/7.91/8.0Alpha Web Wiz Forums 7.9 and 8.0 allows remote attackers to view message titles of a hidden forum. | 5.0 |
2005-07-12 | CVE-2005-2227 | Local Information Disclosure vulnerability in Softiacom Wmailserver 1.0 Softiacom wMailserver 1.0 stores passwords in plaintext in the Darsite\MAILSRV\Admin key, which allows local users to gain administrator privileges. | 7.2 |
2005-07-12 | CVE-2005-2226 | Multiple vulnerability in Microsoft Outlook Express 6.0 Microsoft Outlook Express 6.0 leaks the default news server account when a user responds to a "watched" conversation thread, which could allow remote attackers to obtain sensitive information. | 5.0 |
2005-07-12 | CVE-2005-2223 | Denial-Of-Service vulnerability in Mailenable Professional and Mailenable Standard Unknown vulnerability in the SMTP service in MailEnable Standard before 1.9 and Professional before 1.6 allows remote attackers to cause a denial of service (crash) during authentication. | 5.0 |
2005-07-12 | CVE-2005-2222 | Remote Security vulnerability in MailEnable Professional Unknown vulnerability in the HTTPMail service in MailEnable Professional before 1.6 has unknown impact and attack vectors. | 10.0 |
2005-07-12 | CVE-2005-2219 | Cross-Site Request Forgery vulnerability in Hosting Controller Hosting Controller 6.1Hotfix2.1 Hosting Controller 6.1 Hotfix 2.1 allows remote authenticated users to perform unauthorized actions, such as modifying the credit limit, via a direct request to AccountActions.asp and modifying the CreditLimit parameter in an UpdateCreditLimit action. | 4.6 |
2005-07-12 | CVE-2005-2217 | Information Disclosure vulnerability in Dansie Shopping Cart Dansie Shopping Cart stores the vars.dat file under the web root with insufficient access control, which might allow remote attackers to obtain sensitive information such as program variables. | 5.0 |
2005-07-12 | CVE-2005-2216 | Unspecified vulnerability in Photogal Photo Gallery PHP remote file inclusion vulnerability in gals.php in PhotoGal Photo Gallery 1.5 and earlier allows remote attackers to execute arbitrary code via the news_file parameter. | 7.5 |
2005-07-12 | CVE-2005-2215 | Cross-Site Scripting vulnerability in MediaWiki Page Move Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.x before 1.4.6 and 1.5 before 1.5beta3 allows remote attackers to inject arbitrary web script or HTML via a parameter in the page move template, a different vulnerability than CVE-2005-1888. network mediawiki | 4.3 |