Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-06-01 | CVE-2005-1822 | SQL Injection and Cross-Site Scripting vulnerability in Qualiteam X-Cart 4.0.8 Multiple SQL injection vulnerabilities in Qualiteam X-Cart 4.0.8 allow remote attackers to execute arbitrary SQL commands via the (1) cat or (2) printable parameter to home.php, (3) productid or (4) mode parameter to product.php, (5) id parameter to error_message.php, (6) section parameter to help.php, (7) mode parameter to orders.php, (8) mode parameter to register.php, (9) mode parameter to search.php, or the (10) gcid or (11) gcindex parameter to giftcert.php. | 7.5 |
2005-06-01 | CVE-2005-1821 | Remote File Include vulnerability in Powerscripts.Org Powerdownload 3.0.2/3.0.3 PHP remote file inclusion vulnerability in pdl_header.inc.php in PowerDownload 3.0.2 and 3.0.3 allows remote attackers to execute arbitrary PHP code via the incdir parameter to downloads.php. | 7.5 |
2005-06-01 | CVE-2005-1820 | Remote Command Execution vulnerability in Zeroboard Preg_replace zboard.php in Zeroboard version 4.1pl2 to 4.1pl5 allows remote attackers to execute arbitrary PHP code via improper quoting when using the preg_replace function. | 7.5 |
2005-06-01 | CVE-2005-1819 | Unspecified vulnerability in Nikosoft Webmail Cross-site scripting (XSS) vulnerability in NikoSoft WebMail before 0.11.0 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. network nikosoft | 4.3 |
2005-06-01 | CVE-2005-1818 | SQL Injection vulnerability in NewLife Blogger Multiple SQL injection vulnerabilities in NewLife Blogger before 3.3.1 allow remote attackers to execute arbitrary SQL commands via unknown attack vectors. | 7.5 |
2005-06-01 | CVE-2005-1817 | Unspecified vulnerability in Invision Power Services Invision Board Invision Power Board (IPB) 1.0 through 1.3 allows remote attackers to edit arbitrary forum posts via a direct request to index.php with modified parameters. | 5.0 |
2005-06-01 | CVE-2005-1816 | Privilege Escalation vulnerability in Invision Power Board Invision Power Board (IPB) 1.0 through 2.0.4 allows non-root admins to add themselves or other users to the root admin group via the "Move users in this group to" screen. | 4.6 |
2005-06-01 | CVE-2005-1815 | Stack Overflow vulnerability in Hummingbird Connectivity 10.0/7.1/9.0 Multiple buffer overflows in Hummingbird Connectivity inetD 10.0.0.1 and 9.0.0.4 allows attackers to cause a denial of service and possibly execute arbitrary code via (1) an FTP command with a long argument to FTPD (ftpdw.exe) or (2) a large amount of data to LPD (Lpdw.exe). | 5.0 |
2005-06-01 | CVE-2005-1814 | Remote Buffer Overflow vulnerability in Newmad Technologies Picowebserver 1.0 Stack-based buffer overflow in PicoWebServer 1.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long URL. | 7.5 |
2005-06-01 | CVE-2005-1813 | Path Traversal vulnerability in Futuresoft Tftp Server 2000 1.0.0.1 Directory traversal vulnerability in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allows remote attackers to read arbitrary files via a TFTP GET request containing (1) "../" (dot dot slash) or (2) "..\" (dot dot backslash) sequences. | 7.8 |