Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2005-06-16 CVE-2005-1265 Local Denial Of Service vulnerability in Linux Kernel 2.6.10
The mmap function in the Linux Kernel 2.6.10 can be used to create memory maps with a start address beyond the end address, which allows local users to cause a denial of service (kernel crash).
local
low complexity
linux
2.1
2005-06-15 CVE-2005-2041 Remote Security vulnerability in Hauri Virobot Linux Server 2.0
Buffer overflow in addschup in HAURI ViRobot 2.0, and possibly other products, allows remote attackers to execute arbitrary code via a long ViRobot_ID cookie (HTTP_COOKIE).
network
low complexity
hauri
5.0
2005-06-15 CVE-2005-2002 SQL Injection vulnerability in Mambo Open Source Com_Contents
SQL injection vulnerability in content.php in Mambo 4.5.2.2 and earlier allows remote attackers to execute arbitrary SQL commands via the user_rating parameter.
network
low complexity
mambo
7.5
2005-06-15 CVE-2005-2001 Directory Traversal vulnerability in paFileDB
Directory traversal vulnerability in pafiledb.php in paFileDB 3.1 and earlier allows remote attackers to include arbitrary files via a ..
network
low complexity
php-arena
5.0
2005-06-15 CVE-2005-2000 SQL-Injection vulnerability in paFileDB
Multiple SQL injection vulnerabilities in paFileDB 3.1 and earlier allow remote attackers to execute arbitrary SQL commands via the formname parameter (1) in the login form, (2) in the team login form, or (3) to auth.php, (4) select, (5) id, or (6) query parameter to pafiledb.php, or (7) string parameter to search.php.
network
low complexity
php-arena
7.5
2005-06-15 CVE-2005-1999 Cross-Site Scripting vulnerability in PHP Arena Pafiledb 3.1
Multiple cross-site scripting (XSS) vulnerabilities in pafiledb.php in paFileDB 3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) sortby or (2) filelist parameters to the category action (category.php), or (3) pages parameter in the viewall action (viewall.php).
network
php-arena
4.3
2005-06-15 CVE-2005-1998 Unspecified vulnerability in Mcgallery 1.1
Directory traversal vulnerability in admin.php in McGallery 1.1 allows remote attackers to read arbitrary files via a ..
network
low complexity
mcgallery
5.0
2005-06-15 CVE-2005-1997 Information Disclosure vulnerability in Mcgallery 1.1
show.php in McGallery 1.1 allows remote attackers to connect to arbitrary databases, or gain sensitive information by triggering an error, via a modified host parameter.
network
low complexity
mcgallery
5.0
2005-06-15 CVE-2005-1996 Code Injection vulnerability in Bitrix Site Manager
PHP remote file inclusion vulnerability in start.php in Bitrix Site Manager 4.0.x allows remote attackers to execute arbitrary PHP code via the _SERVER[DOCUMENT_ROOT] parameter.
network
low complexity
bitrix
CWE-94
5.0
2005-06-15 CVE-2005-1995 Information Disclosure vulnerability in Bitrix Site Manager
Bitrix Site Manager 4.0.x allows remote attackers to obtain sensitive information via direct request to (1) subscr_form.php or (2) dbquery_error.php, which reveals the path in an error message.
network
low complexity
bitrix
5.0