Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-05-17 | CVE-2005-1634 | Unspecified vulnerability in Jgs-Xa Jgs-Portal Multiple cross-site scripting (XSS) vulnerabilities in JGS-XA JGS-Portal 3.0.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) anzahl_beitraege parameter to jgs_portal.php, (2) year parameter to jgs_portal_statistik.php, (3) year parameter to jgs_portal_beitraggraf.php, (4) tag parameter to jgs_portal_viewsgraf.php, (5) year parameter to jgs_portal_themengraf.php, (6) year parameter to jgs_portal_mitgraf.php, (7) id parameter to jgs_portal_sponsor.php, or (8) the Accept-Language header to jgs_portal_log.php. network jgs-xa | 4.3 |
2005-05-17 | CVE-2005-1633 | Unspecified vulnerability in Jgs-Xa Jgs-Portal Multiple SQL injection vulnerabilities in JGS-XA JGS-Portal 3.0.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) anzahl_beitraege parameter to jgs_portal.php, 2) year parameter to (jgs_portal_statistik.php, 3) year parameter to (jgs_portal_beitraggraf.php, 4) tag parameter to (jgs_portal_viewsgraf.php, 5) year parameter to (jgs_portal_themengraf.php, 6) year parameter to (jgs_portal_mitgraf.php, 7) id parameter to jgs_portal_sponsor.php, or (8) the Accept-Language header to jgs_portal_log.php. | 7.5 |
2005-05-17 | CVE-2005-1632 | Unspecified vulnerability in Tavis Rudd Cheetah 0.9.15/0.9.16 Cheetah 0.9.15 and 0.9.16 searches the /tmp directory for modules before using the paths in the PYTHONPATH variable, which allows local users to execute arbitrary code via a malicious module in /tmp/. | 7.2 |
2005-05-17 | CVE-2005-1631 | Unspecified vulnerability in Booby booby.php in Booby 1.0.0 and earlier allows remote attackers to view private bookmarks by guessing item IDs. | 5.0 |
2005-05-17 | CVE-2005-1630 | Remote Security vulnerability in Attachment Mod Unknown vulnerability in Attachment Mod before 2.3.13, related to a "serious issue with realnames," has unknown impact and attack vectors. | 7.5 |
2005-05-17 | CVE-2005-1629 | SQL Injection vulnerability in All Enthusiast PhotoPost PHP Pro Member.PHP SQL injection vulnerability in member.php for Photopost PHP Pro allows remote attackers to execute arbitrary SQL commands via the verifykey parameter. | 7.5 |
2005-05-17 | CVE-2005-1627 | Local Security vulnerability in Viewglob Unknown vulnerability in Viewglob before 2.0.1, related to "a potential security issue with the Viewglob display and ssh X forwarding," has unknown impact. | 2.1 |
2005-05-17 | CVE-2005-1626 | Remote Buffer Overflow vulnerability in Pserv completedPath Multiple buffer overflows in handlers.c for Pico Server (pServ) before 3.3 may allow attackers to execute arbitrary code. | 7.5 |
2005-05-17 | CVE-2005-1589 | Local Memory Corruption vulnerability in Multiple Linux Kernel IOCTL Handlers The pkt_ioctl function in the pktcdvd block device ioctl handler (pktcdvd.c) in Linux kernel 2.6.12-rc4 and earlier calls the wrong function before passing an ioctl to the block device, which crosses security boundaries by making kernel address space accessible from user space and allows local users to cause a denial of service and possibly execute arbitrary code, a similar vulnerability to CVE-2005-1264. | 7.2 |
2005-05-17 | CVE-2005-1307 | Local Privilege Escalation vulnerability in Adobe Version Cue The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version Cue on Mac OS X uses the current working directory to find and execute the productname.sh script, which allows local users to execute arbitrary code by copying and calling the scripts from a user-controlled directory. | 7.2 |