Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-06-12 | CVE-2005-1729 | Denial-Of-Service vulnerability in Novell Edirectory 8.7.3 Novell eDirectory 8.7.3 allows remote attackers to cause a denial of service (application crash) via a URL containing an MS-DOS device name such as AUX, CON, PRN, COM1, or LPT1. | 5.0 |
2005-06-11 | CVE-2005-1953 | Remote Security vulnerability in Pico Server Pico Server 3.3 Heap-based buffer overflow in the CGI extension for Pico Server (pServ) 3.3 allows remote attackers to execute arbitrary code via a long HTTP request. | 7.5 |
2005-06-10 | CVE-2005-1966 | Remote Command Execution vulnerability in E107 1.0.1 The eTrace_validaddr function in eTrace plugin for e107 portal allows remote attackers to execute arbitrary commands via shell metacharacters after a valid argument to the etrace_host parameter. | 7.5 |
2005-06-10 | CVE-2005-1942 | Security Bypass vulnerability in Catalyst Cisco switches that support 802.1x security allow remote attackers to bypass port security and gain access to the VLAN via spoofed Cisco Discovery Protocol (CDP) messages. | 7.5 |
2005-06-10 | CVE-2005-1267 | Denial Of Service vulnerability in tcpdump BGP Decoding Routines The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet. | 5.0 |
2005-06-09 | CVE-2005-1964 | Remote Security vulnerability in Cantico Ovidentia FX PHP remote file inclusion vulnerability in utilit.php for Ovidentia Portal allows remote attackers to execute arbitrary PHP code via the babInstallPath parameter. | 7.5 |
2005-06-09 | CVE-2005-1950 | Remote Command Execution vulnerability in Darryl Burgdorf Webhints 1.3 hints.pl in Webhints 1.03 allows remote attackers to execute arbitrary commands via shell metacharacters in the argument. | 7.5 |
2005-06-09 | CVE-2005-1948 | SQL Injection vulnerability in Invision Power Services Invision Gallery 1.0.1/1.3 Multiple SQL injection vulnerabilities in Invision Gallery before 1.3.1 allow remote attackers to execute arbitrary SQL commands via (1) the comment parameter in an editcomment action or (2) the rating parameter when voting on a photo. | 7.5 |
2005-06-09 | CVE-2005-1947 | Cross-Site Request Forgery (CSRF) vulnerability in Invisioncommunity Gallery Cross-site request forgery (CSRF) vulnerability in Invision Gallery before 1.3.1 allows remote attackers to delete albums and images as another user via a link or IMG tag to the (1) albums or (2) delimg actions. | 4.3 |
2005-06-09 | CVE-2005-1946 | SQL-Injection vulnerability in Invision Community Blog 1.0/1.1 Multiple SQL injection vulnerabilities in Invision Blog before 1.1.2 Final allow remote attackers to execute arbitrary SQL commands via the (1) eid parameter to an editentry, replyentry, or editcomment action, or (2) the mid parameter to an aboutme action. | 7.5 |