Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-0377 | SQL Injection vulnerability in Sergey Kiselev Sgallery 1.01 SQL injection vulnerability in imageview.php for SGallery 1.01 allows remote attackers to execute arbitrary SQL commands via the (1) idalbum or (2) idimage parameters. | 7.5 |
| 2005-05-02 | CVE-2005-0375 | Information Disclosure vulnerability in Sergey Kiselev Sgallery 1.01 imageview.php in SGallery 1.01 allows remote attackers to obtain sensitive information via an HTTP request with (1) idalbum and (2) idimage unset, which reveals the installation path in an error message for the sql_fetch_row function. | 5.0 |
| 2005-05-02 | CVE-2005-0374 | Unspecified vulnerability in Bitshifters Bitboard 2.0/2.5 Cross-site scripting (XSS) vulnerability in Bitboard 2.5 and earlier allows remote attackers to inject arbitrary web script or HTML via an [img] bbcode image tag with an event such as mouseover. network bitshifters | 4.3 |
| 2005-05-02 | CVE-2005-0371 | Unspecified vulnerability in Armagetron and Armagetron Advanced Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0 and earlier allow remote attackers to cause a denial of service (freeze) via a large number of player connections that do not send any data. | 5.0 |
| 2005-05-02 | CVE-2005-0370 | Denial-Of-Service vulnerability in Armagetron and Armagetron Advanced Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0 and earlier allow remote attackers to cause a denial of service (network disconnection) via an empty UDP packet, which is not properly distinguished from the "no new packets" state of the associated socket. | 5.0 |
| 2005-05-02 | CVE-2005-0368 | SQL Injection vulnerability in CMScore Multiple SQL injection vulnerabilities in CMScore allow remote attackers to execute arbitrary SQL commands via the (1) EntryID or (2) searchterm parameter to index.php, or (3) username parameter to authenticate.php. | 7.5 |
| 2005-05-02 | CVE-2005-0366 | Inadequate Encryption Strength vulnerability in Gnupg The integrity check feature in OpenPGP, when handling a message that was encrypted using cipher feedback (CFB) mode, allows remote attackers to recover part of the plaintext via a chosen-ciphertext attack when the first 2 bytes of a message block are known, and an oracle or other mechanism is available to determine whether an integrity check failed. | 5.0 |
| 2005-05-02 | CVE-2005-0365 | Unspecified vulnerability in KDE 3.2.X/3.3.X The dcopidlng script in KDE 3.2.x and 3.3.x creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack. | 2.1 |
| 2005-05-02 | CVE-2005-0363 | Unspecified vulnerability in Awstats 4.0/6.2 awstats.pl in AWStats 4.0 and 6.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the config parameter. | 7.5 |
| 2005-05-02 | CVE-2005-0353 | Remote Buffer Overflow vulnerability in Safenet Sentinel License Manager 7.2.0.2 Buffer overflow in the Sentinel LM (Lservnt) service in the Sentinel License Manager 7.2.0.2 allows remote attackers to execute arbitrary code by sending a large amount of data to UDP port 5093. | 10.0 |