Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-06-16 | CVE-2005-1965 | Code Injection vulnerability in Glen Campbell Siteframe PHP remote file inclusion vulnerability in siteframe.php for Broadpool Siteframe allows remote attackers to execute arbitrary code via a URL in the LOCAL_PATH parameter. | 7.5 |
2005-06-16 | CVE-2005-1963 | Information Disclosure vulnerability in Cerberus Helpdesk 0.97.3 Cerberus Helpdesk 0.97.3 allows remote attackers to obtain sensitive information via certain requests to (1) reports.php, (2) knowledgebase.php, or (3) configuration.php, which leaks the information in a PHP error message. | 5.0 |
2005-06-16 | CVE-2005-1962 | Cross-Site Scripting vulnerability in Cerberus Helpdesk 0.97.3 Cross-site scripting (XSS) vulnerability in Cerberus Helpdesk 0.97.3 allows remote attackers to inject arbitrary web script or HTML via the (1) errorcode parameter to index.php or (2) certain fields to clients.php. network cerberus | 4.3 |
2005-06-16 | CVE-2005-1954 | Information Disclosure vulnerability in Singapore 0.9.11 singapore 0.9.11 allows remote attackers to obtain sensitive information via a direct request to (1) admin.class.php, (2) any .tpl.php file in templates/admin_default/, or (3) any .tpl.php file in templates/default/, which reveal the path in an error message. | 5.0 |
2005-06-16 | CVE-2005-1952 | Remote Security vulnerability in Pico Server Pico Server 3.3 Directory traversal vulnerability in Pico Server (pServ) 3.3 allows remote attackers to read arbitrary files and execute arbitrary commands via a /./ (slash dot slash) before each .. | 7.5 |
2005-06-16 | CVE-2005-1951 | HTTP Response Splitting vulnerability in osCommerce Multiple HTTP Response Splitting vulnerabilities in osCommerce 2.2 Milestone 2 and earlier allow remote attackers to spoof web content and poison web caches via hex-encoded CRLF ("%0d%0a") sequences in the (1) products_id or (2) pid parameter to index.php or (3) goto parameter to banner.php. | 5.0 |
2005-06-16 | CVE-2005-1769 | Unspecified vulnerability in Squirrelmail Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.0 through 1.4.4 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors in (1) the URL or (2) an e-mail message. network squirrelmail | 4.3 |
2005-06-16 | CVE-2005-1722 | Unspecified vulnerability in Apple mac OS X and mac OS X Server Unknown vulnerability in the CoreGraphics Window Server for Mac OS X 10.4.x up to 10.4.1 allows local users to inject arbitrary commands into root sessions. | 7.2 |
2005-06-16 | CVE-2005-1721 | Unspecified vulnerability in Apple AFP Server Buffer overflow in the legacy client support for AFP Server for Mac OS X 10.4.1 allows attackers to execute arbitrary code. | 7.5 |
2005-06-16 | CVE-2005-1720 | Unspecified vulnerability in Apple AFP Server AFP Server for Mac OS X 10.4.1, when using an ACL enabled volume, does not properly remove an ACL when a file is copied to a directory that does not use ACLs, which will override the POSIX file permissions for that ACL. | 2.1 |