Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-04-12 | CVE-2005-1147 | calendar.pl in CalendarScript 3.20 allows remote attackers to obtain sensitive information via invalid (1) calendar or (2) template parameters, which leaks the full pathname and debug information. | 5.0 |
| 2005-04-12 | CVE-2005-1144 | Information Disclosure vulnerability in EasyPHPCalendar popup.php in EasyPHPCalendar before 6.2.8 allows remote attackers to obtain sensitive information via an invalid ev parameter, which reveals the full pathname of the web server in a PHP error message. | 5.0 |
| 2005-04-12 | CVE-2005-1143 | Cross-Site Scripting vulnerability in EasyPHPCalendar Cross-site scripting (XSS) vulnerability in index.php in EasyPHPCalendar before 6.2.8 allows remote attackers to inject arbitrary web script or HTML via the yr parameter. network easyphpcalendar | 4.3 |
| 2005-04-12 | CVE-2005-1130 | Cross-Site Scripting vulnerability in Pinnacle Cart Cross-site scripting (XSS) vulnerability in index.php in Pinnacle Cart allows remote attackers to inject arbitrary web script or HTML via the pg parameter. network desert-dog-software | 4.3 |
| 2005-04-12 | CVE-2005-1103 | Unspecified vulnerability in Sygate Technologies Security Agent Sygate Security Agent (SSA) in Sygate Secure Enterprise 3.5 through 4.1 does not prevent the security policy from being updated by unprivileged users, which allows local users to modify the policy by exporting the policy file, changing it, and importing it back into SSA. | 4.6 |
| 2005-04-12 | CVE-2005-1099 | Unspecified vulnerability in Salim Gasmi GLD Multiple buffer overflows in the HandleChild function in server.c in Greylisting daemon (GLD) 1.3 and 1.4, when GLD is listening on a network interface, allow remote attackers to execute arbitrary code. | 10.0 |
| 2005-04-12 | CVE-2005-1078 | Unspecified vulnerability in Xampp Apache Distribution XAMPP 1.4.x has multiple default or null passwords, which allows attackers to gain privileges. | 7.5 |
| 2005-04-12 | CVE-2005-1077 | Remote HTML Injection vulnerability in XAMPP CDS.PHP Multiple cross-site scripting (XSS) vulnerabilities in XAMPP 1.4.x allow remote attackers to inject arbitrary web script or HTML via (1) cds.php, (2) Guestbook-EN.pl, or (3) phonebook.php. network xampp | 4.3 |
| 2005-04-12 | CVE-2005-1071 | SQL injection vulnerability in banner.inc.php in JPortal Web Portal 2.3.1 allows remote attackers to execute arbitrary SQL commands via the haslo parameter. | 7.5 |
| 2005-04-12 | CVE-2005-0610 | Local Insecure Temporary File Handling vulnerability in FreeBSD PortUpgrade Multiple symlink vulnerabilities in portupgrade before 20041226_2 in FreeBSD allow local users to (1) overwrite arbitrary files and possibly replace packages to execute arbitrary code via pkg_fetch, (2) overwrite arbitrary files via temporary files when portupgrade upgrades a port or package, or (3) create arbitrary zero-byte files via the pkgdb.fixme temporary file. | 7.2 |