Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2005-05-11 | CVE-2005-1486 | Cross-Site Scripting vulnerability in Fishnet Fishcart 3.1 | Multiple cross-site scripting vulnerabilities in FishCart 3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) trackingnum, (2) reqagree, or (3) m parameter to upstracking.php or (4) nlst parameter to display.php. | 5.0 |
2005-05-11 | CVE-2005-1485 | Information Disclosure vulnerability in Kmint21 Software Golden FTP Server 2.52 | Golden FTP Server Pro 2.52 allows remote attackers to obtain sensitive information via a GET request for a file that does not exist, which reveals the absolute path of the FTP server in the resulting FTP error message. | 5.0 |
2005-05-11 | CVE-2005-1484 | Directory Traversal vulnerability in Golden FTP Server Pro | Directory traversal vulnerability in Golden FTP server pro 2.52 allows remote attackers to read arbitrary files via a "\.." (backward slash dot dot) with a leading '"' (double quote) in the GET command. | 5.0 |
2005-05-11 | CVE-2005-1483 | Remote vulnerability in Interspire Articlelive 2005 | Multiple cross-site scripting (XSS) vulnerabilities in ArticleLive 2005 allow remote attackers to inject arbitrary web script or HTML via the (1) Query, (2) Username, (3) LastName, (4) Biography, or (5) BlogId parameter. | 4.3 |
2005-05-11 | CVE-2005-1482 | Remote vulnerability in Interspire Articlelive 2005 | ArticleLive 2005 allows remote attackers to gain privileges by modifying the (1) auth and (2) userId fields in a cookie. | 7.5 |
2005-05-11 | CVE-2005-1481 | SQL-Injection vulnerability in Aaronoutpost ASP Inline Corporate Calendar 3 | Multiple SQL injection vulnerabilities in Aaron Outpost ASP Inline Corporate Calendar allow remote attackers to execute arbitrary SQL commands via the Event_ID parameter to (1) defer.asp or (2) details.asp. | 7.5 |
2005-05-11 | CVE-2005-1480 | Unspecified vulnerability in Raiden Professional Servers Raidenftpd | Directory traversal vulnerability in RaidenFTPD before 2.4.2241 allows remote attackers to read arbitrary files via a "..\\" (dot dot backslash) in the urlget site command. | 5.0 |
2005-05-11 | CVE-2005-1479 | SQL Injection vulnerability in JGS-Portal ID Variable | SQL injection vulnerability in jgs_portal.php in JGS-Portal 3.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
2005-05-11 | CVE-2005-1478 | Remote Format String vulnerability in Netwin Dmail 3.1A/3.1B | Format string vulnerability in dSMTP (dsmtp.exe) in DMail 3.1a allows remote attackers to execute arbitrary code via format string specifiers in the xtellmail command. | 7.5 |
2005-05-11 | CVE-2005-1263 | Local Buffer Overflow vulnerability in Linux Kernel ELF Core Dump | The elf_core_dump function in binfmt_elf.c for Linux kernel 2.x.x to 2.2.27-rc2, 2.4.x to 2.4.31-pre1, and 2.6.x to 2.6.12-rc4 allows local users to execute arbitrary code via an ELF binary that, in certain conditions involving the create_elf_tables function, causes a negative length argument to pass a signed integer comparison, leading to a buffer overflow. | 7.2 |