Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2005-05-02 CVE-2005-0899 Unspecified vulnerability in IBM OS 400 5.2
AS/400 running OS400 5.2 installs and enables LDAP by default, which allows remote authenticated users to obtain OS/400 user profiles by performing a search.
local, low complexity, ibm, 2.1

2005-05-02 CVE-2005-0897 Remote File Include vulnerability in Magicscripts E-Store Kit-2 Paypal
PHP remote file inclusion vulnerability in catalog.php in E-Store Kit-2 PayPal Edition allows remote attackers to execute arbitrary PHP code by modifying the menu and main parameters to reference a URL on a remote web server that contains the code.
network, low complexity, magicscripts, 7.5

2005-05-02 CVE-2005-0896 Cross-Site Scripting vulnerability in Accomplishtechnology PHPmydirectory 10.1.3
Multiple cross-site scripting (XSS) vulnerabilities in review.php in phpMyDirectory 10.1.3-rel allow remote attackers to inject arbitrary web script or HTML via the (1) subcat, (2) page, or (3) subsubcat parameter.
4.3

2005-05-02 CVE-2005-0895 Remote Denial of Service vulnerability in Netcomm Nb1300 4.4.1
Netcomm 1300NB DSL Modem allows remote attackers to cause a denial of service (device hang) via a large number of ping packets.
network, low complexity, netcomm, 5.0

2005-05-02 CVE-2005-0894 Insecure Temporary File Creation vulnerability in Openmosixview 1.5
OpenmosixCollector and OpenMosixView in OpenMosixView 1.5 allow local users to overwrite or delete arbitrary files via a symlink attack on (1) temporary files in the openmosixcollector directory or (2) nodes.tmp.
local, low complexity, openmosixview, 3.6

2005-05-02 CVE-2005-0893 Remote Security vulnerability in Smail 3.2.0.120
modes.c in smail 3.2.0.120 implements signal handlers with certain unsafe library calls, which may allow attackers to execute arbitrary code via signal handler race conditions, possibly using xmalloc.
network, high complexity, smail, 7.6

2005-05-02 CVE-2005-0891 Double Free vulnerability in Gnome GTK
Double free vulnerability in gtk 2 (gtk2) before 2.2.4 allows remote attackers to cause a denial of service (crash) via a crafted BMP image.
network, low complexity, gnome CWE-415, 7.5

2005-05-02 CVE-2005-0890 SQL Injection vulnerability in Dream4 Koobi CMS 4.2.3
SQL injection vulnerability in Dream4 Koobi CMS 4.2.3 allows remote attackers to execute arbitrary SQL commands via the area parameter.
network, low complexity, dream4, 7.5

2005-05-02 CVE-2005-0888 Unspecified vulnerability in Michael Dean Double Choco Latte 0.9.4.3
Multiple cross-site scripting (XSS) vulnerabilities in functions.inc.php for Double Choco Latte 0.9.4.3 allow remote attackers to inject arbitrary web script or HTML via the (1) class or (2) method name.
network, michael-dean, 4.3

2005-05-02 CVE-2005-0886 HTML Injection vulnerability in Invision Power Board
Cross-site scripting (XSS) vulnerability in Invision Power Board 2.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via an HTTP POST request.
4.3