Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-14 | CVE-2005-1582 | Cross-Site Scripting vulnerability in 1Two News 1.0 Cross-site scripting (XSS) vulnerability in index.php for 1Two News 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) nom, (2) email, (3) siteweb, or (4) commentaire variables. network 1two | 4.3 |
| 2005-05-14 | CVE-2005-1581 | Cross-Site Scripting vulnerability in Eric Fichot BUG Report 1.0 Cross-site scripting (XSS) vulnerability in Bug Report 1.0 allows remote attackers to inject arbitrary web script or HTML via various fields to bug_report.php, which are not filtered or quoted when processed by bug_list.php or admin/index.php. network eric-fichot | 4.3 |
| 2005-05-14 | CVE-2005-1577 | Unspecified vulnerability in APG Technology Classmaster APG Technology ClassMaster does not properly restrict access to sensitive folders, which allows remote attackers to access folders via a network share. | 7.5 |
| 2005-05-14 | CVE-2005-1575 | Remote Security vulnerability in Mozilla Firefox 0.10.1/1.0 The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows allows remote attackers to hide the real file types of downloaded files via the Content-Type HTTP header and a filename containing whitespace, dots, or ASCII byte 160. | 5.0 |
| 2005-05-14 | CVE-2005-1571 | Directory Traversal vulnerability in Wenig and Spitzer-Williams Showoff Digital Media Software 1.5.4 Multiple directory traversal vulnerabilities in ShowOff! 1.5.4 allow remote attackers to read arbitrary files via ".." sequences in arguments to the (1) ShowAlbum, (2) ShowVideo, or (3) ShowGraphic scripts. | 5.0 |
| 2005-05-14 | CVE-2005-1570 | SQL-Injection vulnerability in Battleaxe Software Bttlxeforum 2.0 forum.asp in bttlxeForum 2.0 allows remote attackers to obtain full path information via a certain hex-encoded argument to the page parameter, possibly due to a SQL injection vulnerability. | 5.0 |
| 2005-05-14 | CVE-2005-1569 | Cross-Site Scripting vulnerability in Directtopics 2.1/2.2 Cross-site scripting (XSS) vulnerability in DirectTopics 2.1 and 2.2 allows remote attackers to inject arbitrary web script via a javascript: URL in (1) a thread or (2) an IMG tag. network directtopics | 4.3 |
| 2005-05-14 | CVE-2005-1566 | Denial-Of-Service vulnerability in Arcowave Systems Wlan AP + Adsl Router Aap3100Ar Acrowave AAP-3100AR wireless router allows remote attackers to bypass authentication by pressing CTRL-C at the username or password prompt in a telnet session, which causes the shell to crash and restart, then leave the user in the new shell. | 7.5 |
| 2005-05-14 | CVE-2005-1563 | Information Disclosure vulnerability in Bugzilla Hidden Product Bugzilla 2.10 through 2.18, 2.19.1, and 2.19.2 displays a different error message depending on whether a product exists or not, which allows remote attackers to determine hidden products. | 5.0 |
| 2005-05-14 | CVE-2005-1556 | Denial-Of-Service vulnerability in Gamespy Sdk Cd-Key Validation Toolkit Gamespy cd-key validation system allows remote attackers to cause a denial of service (cd-key already in use) by capturing and replaying a cd-key authorization session. | 5.0 |