Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2005-05-02 CVE-2005-0663 SQL-Injection vulnerability in Mercuryboard 1.1.2
SQL injection vulnerability in index.php for MercuryBoard 1.1.2 allows remote attackers to inject arbitrary SQL commands via the f parameter.
network
low complexity
mercuryboard
7.5
7.5
2005-05-02 CVE-2005-0662 Cross-Site Scripting vulnerability in Mercuryboard 1.1.2
Cross-site scripting (XSS) vulnerability in index.php for MercuryBoard 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the Avatar field.
network
mercuryboard
4.3
4.3
2005-05-02 CVE-2005-0661 SQL-Injection vulnerability in Burning Board
SQL injection vulnerability in the getwbbuserdata function in session.php for Woltlab Burning Board 2.0.3 through 2.3.0 allows remote attackers to execute arbitrary SQL commands via the (1) userid or (2) lastvisit cookie.
network
low complexity
woltlab
7.5
7.5
2005-05-02 CVE-2005-0660 Cross-Site Scripting vulnerability in Adalis D-Forum 1.11
Multiple cross-site scripting (XSS) vulnerabilities in D-Forum 1.11 allows remote attackers to inject arbitrary web script or HTML via certain fields, as demonstrated using the page parameter in nav.php3.
network
adalis
4.3
4.3
2005-05-02 CVE-2005-0659 Information Disclosure vulnerability in phpBB
phpBB 2.0.13 and earlier allows remote attackers to obtain sensitive information via a direct request to oracle.php, which reveals the path in a PHP error message.
network
low complexity
phpbb-group
5.0
5.0
2005-05-02 CVE-2005-0658 SQL-Injection vulnerability in Cmw Linklist
SQL injection vulnerability in a third party extension to TYPO3 allows remote attackers to execute arbitrary SQL commands via the category_uid parameter.
network
low complexity
cmw-linklist
7.5
7.5
2005-05-02 CVE-2005-0657 Denial-Of-Service vulnerability in Computalynx Cproxy 3.3/3.4/3.4.4
Directory traversal vulnerability in Computalynx CProxy 3.3.x and 3.4.x through 3.4.4 allows remote attackers to read arbitrary files or cause a denial of service (application crash) via a ..
network
low complexity
computalynx
6.4
6.4
2005-05-02 CVE-2005-0656 Cross-Site Scripting vulnerability in Arif Supriyanto Auracms 1.5
Multiple cross-site scripting (XSS) vulnerabilities in auraCMS 1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) hits parameter to hits.php, (2) query parameter to index.php, or (3) theCount parameter to counter.php.
network
arif-supriyanto
4.3
4.3
2005-05-02 CVE-2005-0655 Information Disclosure vulnerability in Arif Supriyanto Auracms 1.5
auraCMS 1.5 allows remote attackers to obtain sensitive information via an HTTP request with an invalid id parameter to (1) teman.php, (2) hal.php, or (3) arsip.php, which reveals the path in a PHP error message.
network
low complexity
arif-supriyanto
5.0
5.0
2005-05-02 CVE-2005-0654 Unspecified vulnerability in Gimp 2.0.5/2.2.3/2.2.4
gifload.exe in GIMP 2.0.5, 2.2.3, and possibly 2.2.4 allows remote attackers or local users to cause a denial of service (application crash) via the image descriptor (1) height or (2) width fields set to zero.
network
low complexity
gimp
5.0
5.0