Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-0885 | Unspecified vulnerability in XMB Forum XMB 1.9.1 Multiple cross-site scripting (XSS) vulnerabilities in XMB Forum 1.9.1 allow remote attackers to inject arbitrary web script or HTML via the (1) Mood or (2) "Send To" fields. network xmb-forum | 4.3 |
| 2005-05-02 | CVE-2005-0884 | Remote Security vulnerability in Digitalhive 2.0 DigitalHive 2.0 allows remote attackers to re-install the product by directly accessing the install script. | 7.5 |
| 2005-05-02 | CVE-2005-0882 | SQL Injection vulnerability in Birdblog 1.0.0/1.1.0 SQL injection vulnerability in admincore.php in BirdBlog before 1.2.0 allows remote attackers to execute arbitrary SQL commands via the (1) userid or (2) userpw parameters. | 7.5 |
| 2005-05-02 | CVE-2005-0880 | Information Disclosure vulnerability in Vortex Portal content.php in Vortex Portal allows remote attackers to obtain sensitive information via an invalid act parameter, which leaks the full pathname in a PHP error message. | 5.0 |
| 2005-05-02 | CVE-2005-0879 | Remote PHP File Include vulnerability in Vortex Portal Vortex Portal 2.0 PHP remote file include vulnerability in (1) content.php and (2) index.php for Vortex Portal allows remote attackers to execute arbitrary PHP code via a URL in the act parameter. | 7.5 |
| 2005-05-02 | CVE-2005-0877 | Origin Validation Error vulnerability in Thekelleys Dnsmasq Dnsmasq before 2.21 allows remote attackers to poison the DNS cache via answers to queries that were not made by Dnsmasq. | 7.5 |
| 2005-05-02 | CVE-2005-0876 | Remote vulnerability in Dnsmasq Off-by-one buffer overflow in Dnsmasq before 2.21 may allow attackers to execute arbitrary code via the DHCP lease file. | 5.0 |
| 2005-05-02 | CVE-2005-0875 | Unspecified vulnerability in Cerulean Studios Trillian 2.0/3.0/3.1 Multiple buffer overflows in the Yahoo plug-in for Trillian 2.0, 3.0, and 3.1 allow remote web servers to cause a denial of service (application crash) via a long string in an HTTP 1.1 response header. | 5.0 |
| 2005-05-02 | CVE-2005-0874 | Unspecified vulnerability in Cerulean Studios Trillian 2.0 Multiple buffer overflows in the (1) AIM, (2) MSN, (3) RSS, and other plug-ins for Trillian 2.0 allow remote web servers to cause a denial of service (application crash) via a long string in an HTTP 1.1 response header. | 5.0 |
| 2005-05-02 | CVE-2005-0873 | Remote Cross-Site Scripting vulnerability in Oracle 10G Reports Server 9.0.4.3.3 Multiple cross-site scripting (XSS) vulnerabilities in test.jsp in Oracle Reports Server 10g (9.0.4.3.3) allow remote attackers to inject arbitrary web script or HTML via the (1) desname or (2) repprod parameter. network oracle | 4.3 |