Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2005-05-16 CVE-2005-1594 Input Validation vulnerability in Codethat Shoppingcart 1.3.1
SQL injection vulnerability in catalog.php for CodeThat ShoppingCart 1.3.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Access: network; complexity: low; vendor: codethat; risk: 7.5
2005-05-16 CVE-2005-1593 Input Validation vulnerability in Codethat Shoppingcart 1.3.1
Cross-site scripting (XSS) vulnerability in catalog.php for CodeThat ShoppingCart 1.3.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
Access: network; vendor: codethat; risk: 6.8
2005-05-16 CVE-2005-1592 Remote Security vulnerability in BirdBlog
Multiple "javascript vulerabilities in BB code" in BirdBlog before 1.3.1 allow remote attackers to inject arbitrary Javascript.
Access: network; complexity: low; vendor: birdblog; risk: 7.5
2005-05-16 CVE-2005-1591 Denial-Of-Service vulnerability in Solaris
Unknown vulnerability in NIS+ on Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (rpc.nisd disabled and NIS+ unavailable) via unknown vectors.
Access: network; complexity: low; vendor: sun; risk: 5.0
2005-05-16 CVE-2005-1590 Local Security vulnerability in Deployment Solution
The Altiris Client Service for Windows (ACLIENT.EXE) 6.0.88 allows local users to disable password protection and access the administrative interface by finding and showing the "Altiris Client Service" hidden window, disabling the password protection, disabling the "Hide client tray icon box" option, then opening the AClient tray icon and using the View Log File option, a different vulnerability than CVE-2004-2070.
Access: local; complexity: low; vendor: altiris; risk: 4.6
2005-05-16 CVE-2005-1367 Unspecified vulnerability in Pico Server Pico Server
Pico Server (pServ) 3.2 and earlier allows local users to read arbitrary files as the pServ user via a symlink to a file outside of the web document root.
Access: network; complexity: low; vendor: pico-server; risk: 7.5
2005-05-16 CVE-2005-1366 Remote Source Code Disclosure vulnerability in PServ
Pico Server (pServ) 3.2 and earlier allows remote attackers to obtain the source code for CGI scripts via "dirname/../cgi-bin" in a URL.
Access: network; complexity: low; vendor: pico-server; risk: 7.5
2005-05-16 CVE-2005-1365 Directory Traversal vulnerability in Pserv
Pico Server (pServ) 3.2 and earlier allows remote attackers to execute arbitrary commands via a URL with multiple leading "/" (slash) characters and ".." sequences.
Access: network; complexity: low; vendor: pico-server; risk: critical, 10.0
2005-05-16 CVE-2005-1248 Buffer Overflow vulnerability in Apple iTunes MPEG4 Parsing
Buffer overflow in Apple iTunes before 4.8 allows remote attackers to execute arbitrary code via a crafted MPEG4 file.
Access: network; complexity: low; vendor: apple; risk: 7.5
2005-05-16 CVE-2005-1193 Unspecified vulnerability in PHPbb Group PHPbb
The bbencode_second_pass and make_clickable functions in bbcode.php for phpBB before 2.0.15, as used in viewtopic.php, privmsg.php, and other scripts, allow remote attackers to execute arbitrary script via a BBcode tag with a (1) javascript:, (2) applet:, (3) about:, (4) activex:, (5) chrome:, or (6) script: URI scheme, as demonstrated using the URL tag.
Access: network; complexity: low; vendor: phpbb-group; risk: 7.5