Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-05-31 | CVE-2005-1833 | SQL-Injection vulnerability in MyBulletinBoard Multiple SQL injection vulnerabilities in MyBulletinBoard (MyBB) 1.00 RC4 allow remote attackers to execute arbitrary SQL commands via the (1) eid parameter to calendar.php, (2) idsql parameter to online.php, (3) usersearch parameter to memberlist.php, (4) pid parameter to editpost.php, (5) fid parameter to forumdisplay.php, (6) tid parameter to newreply.php, (7) sid parameter to search.php, (8) tid or (9) pid parameter to showthread.php, (10) tid parameter to usercp2.php, (11) tid parameter to printthread.php, or (12) pid parameter to reputation.php. | 7.5 |
2005-05-31 | CVE-2005-1832 | Cross-Site Scripting vulnerability in MyBulletinBoard Multiple cross-site scripting (XSS) vulnerabilities in MyBulletinBoard (MyBB) 1.00 RC4 and earlier allow remote attackers to execute arbitrary web script or HTML via the (1) forums, (2) version, or (3) limit parameter to misc.php, (4) page or (5) datecut parameter to forumdisplay.php, (6) username, (7) email, or (8) email2 parameter to member.php, (9) page or (10) usersearch parameter to memberlist.php, (11) pid or (12) tid parameter to showthread.php, or (13) tid parameter to printthread.php. network mybulletinboard | 4.3 |
2005-05-31 | CVE-2005-1799 | HTML Injection vulnerability in Freestyle Wiki and Wikilite Cross-site scripting (XSS) vulnerability in FreeStyle Wiki 3.5.7 and WikiLite (FSWikiLite) .10 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. network freestyle | 4.3 |
2005-05-31 | CVE-2005-1783 | Remote Security vulnerability in W.M.R. Simpson Bookreview Beta1.0 BookReview beta 1.0 allows remote attackers to obtain the path of the web server via certain parameters to search.htm, possibly due to a search[string] parameter with a missing value or an incorrect submit[type] value, which reveals the path in the resulting error message. | 5.0 |
2005-05-31 | CVE-2005-1781 | Denial-Of-Service vulnerability in MailEnable Professional Unknown vulnerability in SMTP authentication for MailEnable allows remote attackers to cause a denial of service (crash). | 5.0 |
2005-05-31 | CVE-2005-1779 | Unspecified vulnerability in Maxwebportal SQL injection vulnerability in password.asp in MaxWebPortal 1.35, 1.36, 2.0, and 20050418 Next allows remote attackers to execute arbitrary SQL commands via the memKey parameter. | 7.5 |
2005-05-31 | CVE-2005-1778 | Cross-Site Scripting vulnerability in Postnuke Software Foundation Postnuke 0.750 Cross-site scripting (XSS) vulnerability in readpmsg.php in PostNuke 0.750 allows remote attackers to inject arbitrary web script or HTML via the start parameter. | 2.6 |
2005-05-31 | CVE-2005-1777 | Unspecified vulnerability in Postnuke Software Foundation Postnuke 0.750 SQL injection vulnerability in readpmsg.php in PostNuke 0.750 allows remote attackers to execute arbitrary SQL commands via the start parameter. | 7.5 |
2005-05-31 | CVE-2005-1776 | Unspecified vulnerability in Cnedra Buffer overflow in the READ_TCP_STRING function in game_message_functions.cpp in the network plugin for C'Nedra 0.4.0 and earlier allows remote attackers to execute arbitrary code via a long text string. | 7.5 |
2005-05-31 | CVE-2005-1775 | Buffer Errors vulnerability in Atari Terminator 3 WAR of the Machines 1.16 Terminator 3: War of the Machines 1.16 and earlier allows remote attackers to cause a denial of service (application crash) via a large nickname. | 5.0 |