Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-03-30 | CVE-2005-0487 | Cross-Site Scripting vulnerability in Kayako Esupport 2.3.1 Cross-site scripting (XSS) vulnerability in index.php for Kayako ESupport 2.3.1, and possibly other versions, allows remote attackers to inject arbitrary HTML and web script via the nav parameter. network kayako | 6.8 |
| 2005-03-30 | CVE-2005-0485 | Cross-Site Scripting vulnerability in PHParena Panews 2.0B4 Cross-site scripting (XSS) vulnerability in comment.php for paNews 2.0b4 for PHP Arena allows remote attackers to inject arbitrary HTML and web script via the showpost parameter. | 6.8 |
| 2005-03-30 | CVE-2005-0484 | Remote Security vulnerability in GProFTPD Format string vulnerability in gprostats for GProFTPD before 8.1.9 may allow remote attackers to execute arbitrary code via an FTP transfer with a crafted filename that causes format string specifiers to be inserted into the ProFTPD transfer log. | 7.5 |
| 2005-03-30 | CVE-2005-0483 | Directory Traversal vulnerability in glFTPD ZIP Plugins Multiple directory traversal vulnerabilities in sitenfo.sh, sitezipchk.sh, and siteziplist.sh in Glftpd 1.26 to 2.00 allow remote authenticated users to (1) determine the existence of arbitrary files, (2) list files in restricted directories, or (3) read arbitrary files from within ZIP or gzip files, via .. | 5.0 |
| 2005-03-30 | CVE-2005-0482 | Remote vulnerability in TrackerCam TrackerCam 5.12 and earlier allows remote attackers to cause a denial of service (crash) via (1) a large number of connections with a negative Content-Length header, possibly triggering an integer signedness error, or (2) a large amount of data. | 5.0 |
| 2005-03-30 | CVE-2005-0481 | Remote vulnerability in TrackerCam TrackerCam 5.12 and earlier allows remote attackers to read log files via the fn parameter in a direct request to the ComGetLogFile.php3 script. | 5.0 |
| 2005-03-30 | CVE-2005-0480 | Remote vulnerability in TrackerCam Cross-site scripting (XSS) vulnerability in TrackerCam 5.12 and earlier allows remote attackers to inject arbitrary HTML or web script via the login request, which is recorded in a log file but not properly handled when the administrator views the log file. network trackercam | 4.3 |
| 2005-03-30 | CVE-2005-0479 | Remote vulnerability in TrackerCam Directory traversal vulnerability in ComGetLogFile.php3 for TrackerCam 5.12 and earlier allows remote attackers to read arbitrary files via ".." sequences and (1) "/" slash), (2) "\" (backslash), or (3) hex-encoded characters in the fn parameter. | 5.0 |
| 2005-03-30 | CVE-2005-0478 | Remote vulnerability in TrackerCam Multiple buffer overflows in TrackerCam 5.12 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) an HTTP request with a long User-Agent header or (2) a long argument to an arbitrary PHP script. | 5.0 |
| 2005-03-30 | CVE-2005-0477 | Cross-Site Scripting vulnerability in Invision Power Services Invision Power Board Cross-site scripting (XSS) vulnerability in the SML code for Invision Power Board 1.3.1 FINAL allows remote attackers to inject arbitrary web script via (1) a signature file or (2) a message post containing an IMG tag within a COLOR tag whose style is set to background:url. | 4.3 |