Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2005-05-11 CVE-2005-1508 Cross-Site Scripting vulnerability in Pwsphp 1.2.2
Multiple cross-site scripting (XSS) vulnerabilities in PwsPHP 1.2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) month or (2) annee parameters to the news module, (3) nbractif or (4) annee parameters to the stats module, (5) id parameter to profil.php, (6) mb_lettre or (7) lettre parameter to memberlist.php, or (8) chaine_search, or (9) auteur_search parameter to the recherche module.
network | pwsphp | 6.8
2005-05-11 CVE-2005-1507 Remote Buffer Overflow vulnerability in 4D WebStar Tomcat Plugin
Buffer overflow in the Tomcat plugin in 4d WebSTAR 5.33 and 5.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long URL.
network | low complexity | 4d | 5.0
2005-05-11 CVE-2005-1506 SQL-Injection vulnerability in CJ Ultra Plus 1.0.3/1.0.4
SQL injection vulnerability in out.php in CJ Ultra (CJUltra) Plus 1.0.3 and 1.0.4 allows remote attackers to execute arbitrary SQL commands via the perm parameter.
network | low complexity | cj | 7.5
2005-05-11 CVE-2005-1505 The new account wizard in Mail.app 2.0 in Mac OS 10.4, when configuring an IMAP mail account and checking the credentials, does not prompt the user to use SSL until after the password has already been sent, which causes the password to be sent in plaintext.
network | low complexity | apple | 7.5
2005-05-11 CVE-2005-1504 Security Bypass vulnerability in Cd-Key Validation System
GameSpy SDK CD-Key Validation Toolkit, as used by many online games, allows remote attackers to bypass the CD key validation by sending a spoofed \disc\ command, which tells the server the CD key is no longer in use.
network | low complexity | gamespy | 5.0
2005-05-11 CVE-2005-1503 SQL Injection vulnerability in MidiCart PHP Search_List.PHP SearchString Parameter
Multiple SQL injection vulnerabilities in MidiCart PHP Shopping Cart allow remote attackers to execute arbitrary SQL commands via the (1) searchstring parameter to search_list.php, the (2) maingroup or (3) secondgroup parameters to item_list.php, or (4) code_no parameter to item_show.php.
network | low complexity | midicart-software | 7.5
2005-05-11 CVE-2005-1502 Cross-Site Scripting vulnerability in MidiCart PHP Search_List.PHP SearchString Parameter
Cross-site scripting (XSS) vulnerability in MidiCart PHP Shopping Cart allows remote attackers to inject arbitrary web script or HTML via the (1) searchstring parameter to search_list.php or the (2) secondgroup or (3) maingroup parameters to item_list.php.
6.8
2005-05-11 CVE-2005-1501 Information Disclosure vulnerability in MidiCart PHP Shopping Cart
MidiCart PHP Shopping Cart allows remote attackers to obtain sensitive information via a direct request to (1) search_list.php, (2) item_list.php, or (3) item_show.php, which reveal the path in a PHP error message.
network | low complexity | midicart-software | 7.5
2005-05-11 CVE-2005-1500 SQL Injection vulnerability in Mywebland Mybloggie 2.1.1/2.1.3
Multiple SQL injection vulnerabilities in myBloggie 2.1.1 allow remote attackers to execute arbitrary SQL commands via (1) the keyword parameter in search.php; or (2) the date_no parameter in viewdate mode, (3) the cat_id parameter in viewcat mode, the (4) month_no or (5) year parameter in viewmonth mode, or (6) post_id parameter in viewid mode to index.php.
network | low complexity | mywebland | CWE-89 | 7.5
2005-05-11 CVE-2005-1499 Input Validation vulnerability in Mybloggie 2.1.1/2.1.2
delcomment.php in myBloggie 2.1.1 allows remote attackers to delete arbitrary comments by modifying the comment_id parameter.
network | low complexity | mywebland | 7.5