Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-07-05 | CVE-2005-2142 | Directory Traversal vulnerability in Kmint21 Software Golden FTP Server 2.60 Directory traversal vulnerability in Golden FTP Server 2.60 allows remote authenticated attackers to list arbitrary directories via a "\.." (backslash dot dot) in an LS (LIST) command. | 2.1 |
2005-07-05 | CVE-2005-2141 | Denial-Of-Service vulnerability in Jollybox.De TCP Chat 1.0 TCP Chat 1.0 allows remote attackers to cause a denial of service (crash) via a long string to the chat service, possibly triggering a buffer overflow. | 5.0 |
2005-07-05 | CVE-2005-2140 | Directory Traversal vulnerability in Fsboard 2.0 Directory traversal vulnerability in default.asp for FSboard 2.0 allows remote attackers to read arbitrary files via ".." sequences in the filename parameter. | 5.0 |
2005-07-05 | CVE-2005-2139 | Remote Security vulnerability in Pavsta Auto Site PHP remote file inclusion vulnerability in user_check.php for Pavsta Auto Site allows remote attackers to execute arbitrary PHP code via the sitepath parameter. | 5.0 |
2005-07-05 | CVE-2005-2138 | Cross-Site Scripting vulnerability in Comdev Ecommerce 3.0/3.1 Cross-site scripting (XSS) vulnerability in index.php in Comdev eCommerce 3.0 and 3.1 allows remote attackers to inject arbitrary web script or HTML via Javascript in the onMouseOver event of an "A" tag in a review message. network comdev | 4.3 |
2005-07-05 | CVE-2005-2137 | Unspecified vulnerability in Nateon Messenger 3.0 Unknown vulnerability in NateOn Messenger 3.0 allows remote attackers to list arbitrary directories via unknown attack vectors. | 5.0 |
2005-07-05 | CVE-2005-2135 | SQL-Injection vulnerability in Etoshop Dynamic BIZ Website Builder Quickweb 1.0 SQL injection vulnerability in verify.asp in EtoShop Dynamic Biz Website Builder (QuickWeb) 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) T1 or (2) T2 parameters. | 7.5 |
2005-07-05 | CVE-2005-2134 | Denial-Of-Service vulnerability in NetBSD The (1) clcs and (2) emuxki drivers in NetBSD 1.6 through 2.0.2 allow local users to cause a denial of service (kernel crash) by using the set-parameters ioctl on an audio device to change the block size and set the pause state to "unpaused" in the same ioctl, which causes a divide-by-zero error. | 2.1 |
2005-07-05 | CVE-2005-2115 | Denial-Of-Service vulnerability in Soldier Of Fortune 2 Soldier of Fortune II 1.02x and 1.03 allows remote attackers to cause a denial of service (server crash) via a large ID value in the ignore command, which is used as an array index and causes an out-of-bounds operation. | 5.0 |
2005-07-05 | CVE-2005-2114 | Denial-Of-Service vulnerability in Firefox Mozilla 1.7.8, Firefox 1.0.4, Camino 0.8.4, Netscape 8.0.2, and K-Meleon 0.9, and possibly other products that use the Gecko engine, allow remote attackers to cause a denial of service (application crash) via JavaScript that repeatedly calls an empty function. | 5.0 |