Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-03 | CVE-2005-1385 | Denial-Of-Service vulnerability in Apple Safari 1.3 Safari 1.3 allows remote attackers to cause a denial of service (application crash) via a long https URL that triggers a NULL pointer dereference. | 2.6 |
| 2005-05-03 | CVE-2005-1384 | SQL Injection vulnerability in PHPcoin 1.2/1.2.1/1.2.1B Multiple SQL injection vulnerabilities in phpCoin 1.2.2 allow remote attackers to execute arbitrary SQL commands via the (1) search parameter to index.php, (2) phpcoinsessid parameter to login.php, (3) id, (4) dtopic_id, or (5) dcat_id to mod.php. | 7.5 |
| 2005-05-03 | CVE-2005-1383 | Unspecified vulnerability in Oracle Application Server The OHS component 1.0.2 through 10.x, when UseWebcacheIP is disabled, in Oracle Application Server allows remote attackers to bypass HTTP Server mod_access restrictions via a request to the webcache TCP port 7778. | 7.5 |
| 2005-05-03 | CVE-2005-1382 | File Corruption vulnerability in Oracle Application Server 9i Webcache Arbitrary The webcacheadmin module in Oracle Webcache 9i allows remote attackers to corrupt arbitrary files via a full pathname in the cache_dump_file parameter. | 5.0 |
| 2005-05-03 | CVE-2005-1381 | Cross-Site Scripting vulnerability in Oracle Application Server 9i Webcache Cache_dump_file Multiple cross-site scripting (XSS) vulnerabilities in Oracle Webcache 9i allow remote attackers to inject arbitrary web script or HTML via the (1) cache_dump_file or (2) PartialPageErrorPage parameter. network oracle | 6.8 |
| 2005-05-03 | CVE-2005-1380 | Cross-Site Scripting vulnerability in BEA Weblogic Server 8.1 Cross-site scripting (XSS) vulnerability in BEA Admin Console 8.1 allows remote attackers to execute arbitrary web script or HTML via the server parameter to a JndiFramesetAction action. network bea | 6.8 |
| 2005-05-03 | CVE-2005-1379 | Unspecified vulnerability in Mandrakesoft Mandrake Lam-Runtime 7.0.6.2Mdk The LAM runtime environment package (lam-runtime-7.0.6-2mdk) on Mandrake Linux installs the mpi user without a password, which allows local users to gain privileges. | 4.6 |
| 2005-05-03 | CVE-2005-1378 | SQL Injection vulnerability in Notes Module for PHPBB SQL injection vulnerability in posting_notes.php in the notes module for phpBB allows remote attackers to execute arbitrary SQL commands via the p parameter, which is used in the $post_id variable, and other attack vectors. | 7.5 |
| 2005-05-03 | CVE-2005-1377 | Remote Input Validation vulnerability in Claroline 1.5.3/1.6Beta/1.6Rc1 Multiple PHP remote file inclusion vulnerabilities in Claroline 1.5.3 through 1.6 Release Candidate 1, and possibly Dokeos, allow remote attackers to execute arbitrary PHP code via unknown vectors. | 7.5 |
| 2005-05-03 | CVE-2005-1376 | Remote Input Validation vulnerability in Claroline 1.5.3/1.6Beta/1.6Rc1 Multiple directory traversal vulnerabilities in (1) document.php or (2) insertMyDoc.php in Claroline 1.5.3 through 1.6 Release Candidate 1, and possibly Dokeos, allow remote project administrators to upload arbitrary files. | 7.5 |