Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-07-11 | CVE-2005-2209 | Cleartext Storage of Sensitive Information vulnerability in Capturix Scanshare 1.06 Capturix ScanShare 1.06 build 50 stores sensitive information such as the password in cleartext in capturixss_cfg.ini, which is readable by local users. | 5.5 |
2005-07-11 | CVE-2005-2208 | Denial-Of-Service vulnerability in Privashare 1.1B PrivaShare 1.1b allows remote attackers to cause a denial of service (crash) via a malformed message. | 5.0 |
2005-07-11 | CVE-2005-2207 | Cross-Site Scripting vulnerability in CartWIZ Cross-site scripting (XSS) vulnerability in store/login.asp in CartWIZ allows remote attackers to inject arbitrary web script or HTML via the message parameter. network elemental-software | 4.3 |
2005-07-11 | CVE-2005-2206 | SQL-Injection vulnerability in CartWIZ Multiple SQL injection vulnerabilities in CartWIZ allow remote attackers to modify SQL statements via the (1) idProduct parameter to tellAFriend.asp, (2) sortType parameter to viewSupportTickets.asp, or the id parameter to (3) updateCreditCards.asp or (4) deleteCreditCards.asp. | 7.5 |
2005-07-11 | CVE-2005-2205 | Remote Command Execution vulnerability in Pngren 2.0.1 The ReadLog function in kaiseki.cgi in pngren allows remote attackers to execute arbitrary commands via shell metacharacters in the query string. | 7.5 |
2005-07-11 | CVE-2005-2204 | Unspecified vulnerability in Broadcom Etrust Siteminder 5.5 Cross-site scripting (XSS) vulnerability in Computer Associates (CA) eTrust SiteMinder 5.5, when the "CSSChecking" parameter is set to "NO," allows remote attackers to inject arbitrary web script or HTML via the (1) PASSWORD or (2) BUFFER parameters to smpwservicescgi.exe, (3) the TARGET parameter to login.fcc, and possibly other vectors. network broadcom | 4.3 |
2005-07-11 | CVE-2005-2203 | Security Bypass vulnerability in phpWishlist login.php in phpWishlist before 0.1.15 allows remote attackers to bypass authentication via a direct request to admin.php. | 7.5 |
2005-07-11 | CVE-2005-2202 | Cross-Site Scripting vulnerability in Xerox Workcentre 2128, Workcentre 2636 and Workcentre 3545 Cross-site scripting (XSS) vulnerability in the MicroServer Web Server for Xerox WorkCentre Pro Color 2128, 2636, and 3545, version 0.001.04.044 through 0.001.04.504, allows remote attackers to inject arbitrary web script or HTML via unknown vectors. network xerox | 4.3 |
2005-07-11 | CVE-2005-2201 | Denial-Of-Service vulnerability in Xerox Workcentre 2128, Workcentre 2636 and Workcentre 3545 Unknown vulnerability in the MicroServer Web Server for Xerox WorkCentre Pro Color 2128, 2636, and 3545, version 0.001.04.044 through 0.001.04.504, allow attackers to cause a denial of service or access files via crafted HTTP requests. | 6.4 |
2005-07-11 | CVE-2005-2200 | Security Bypass vulnerability in Xerox Workcentre 2128, Workcentre 2636 and Workcentre 3545 Multiple unknown vulnerabilities in the MicroServer Web Server for Xerox WorkCentre Pro Color 2128, 2636, and 3545, version 0.001.04.044 through 0.001.04.504, allow attackers to bypass authentication. | 7.5 |