Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2005-06-09 CVE-2005-1874 Directory traversal vulnerability in Dzip before 2.9 allows remote attackers to create arbitrary files via a filename containing a ..
network | low complexity | evan-wagner | 5.0

2005-06-09 CVE-2005-1873 Remote Security vulnerability in Crob FTP 3.6.1
Multiple buffer overflows in Crob FTP 3.6.1, and possibly earlier versions, allow remote attackers to execute arbitrary code via (1) an FTP command with a large string followed by the RMD command with a long string or (2) a globbing ("*") character followed by a long string.
network | low complexity | crob | 7.5

2005-06-09 CVE-2005-1871 Remote Security vulnerability in Drupal
Unknown vulnerability in the privilege system in Drupal 4.4.0 through 4.6.0, when public registration is enabled, allows remote attackers to gain privileges, due to an "input check" that "is not implemented properly."
network | low complexity | drupal | 7.5

2005-06-09 CVE-2005-1870 Remote Security vulnerability in Popper 1.41R2
PHP remote file inclusion vulnerability in childwindow.inc.php in Popper 1.41-r2 and earlier allows remote attackers to execute arbitrary PHP code via the form parameter.
network | low complexity | popper | 5.0

2005-06-09 CVE-2005-1867 Remote Security vulnerability in Brightmail Anti-Spam
Symantec Brightmail AntiSpam before 6.0.2 has a hard-coded database administrator password, which allows remote attackers to gain privileges.
network | low complexity | symantec | 7.5

2005-06-09 CVE-2005-1864 Remote Security vulnerability in Vincent HOR Calendarix Advanced 1.5
PHP remote file inclusion vulnerability in cal_admintop.php in Calendarix Advanced 1.5 allows remote attackers to execute arbitrary PHP code via the calpath parameter.
network | low complexity | vincent-hor | 5.0

2005-06-09 CVE-2005-1763 Buffer overflow in ptrace in the Linux Kernel for 64-bit architectures allows local users to write bytes into kernel memory.
local | low complexity | novell suse | 7.2

2005-06-08 CVE-2005-1968 Cross-Site Scripting vulnerability in Early Impact Productcart 2.7
Cross-site scripting (XSS) vulnerability in ProductCart Ecommerce before 2.7 allows remote attackers to inject arbitrary web script or HTML via the error parameter to techErr.asp.
network | early-impact | 4.3

2005-06-08 CVE-2005-1960 The getemails function in C.J.
network | low complexity | c-j-steele | 7.5

2005-06-08 CVE-2005-1943 SQL Injection vulnerability in Loki Download Manager Default.ASP
Multiple SQL injection vulnerabilities in Loki download manager 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) password field to default.asp or (2) cat parameter to catinfo.asp.
network | low complexity | loki | 7.5