Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-03 | CVE-2005-1450 | Remote Security vulnerability in Serendipity Unknown vulnerability in "the function used to validate path-names for uploading media" in Serendipity before 0.8 has unknown impact. | 7.5 |
| 2005-05-03 | CVE-2005-1449 | Remote Security vulnerability in Serendipity Unknown vulnerability in serendipity_config_local.inc.php for Serendipity before 0.8 has unknown impact. | 10.0 |
| 2005-05-03 | CVE-2005-1448 | HTML Injection vulnerability in S9Y Serendipity BBCode Plugin Cross-site scripting (XSS) vulnerability in the BBCode plugin for Serendipity before 0.8 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. network s9y | 6.8 |
| 2005-05-03 | CVE-2005-1447 | Remote Security vulnerability in Sitepanel PHP remote file inclusion vulnerability in main.php in SitePanel 2.6.1 and earlier (SitePanel2) allows remote attackers to execute arbitrary PHP code via the p parameter. | 7.5 |
| 2005-05-03 | CVE-2005-1446 | Remote Security vulnerability in Sitepanel SitePanel 2.6.1 and earlier (SitePanel2) allows remote attackers to upload and execute arbitrary files such as PHP scripts via an attachment to a trouble ticket. | 7.5 |
| 2005-05-03 | CVE-2005-1445 | Directory Traversal vulnerability in Sitepanel Multiple directory traversal vulnerabilities in SitePanel 2.6.1 and earlier (SitePanel2) allows remote attackers to (1) delete arbitrary files via the id parameter in a rmattach action to 5.php, or (2) read arbitrary files via the lang parameter to index.php. | 6.4 |
| 2005-05-03 | CVE-2005-1444 | Cross-Site Scripting vulnerability in Sitepanel Multiple cross-site scripting (XSS) vulnerabilities in SitePanel 2.6.1 and earlier (SitePanel2) allows remote attackers to inject arbitrary web script or HTML via (1) the v, show, or sec_name parameters to main.php, (2) the inadmin, newsev, or postid parameters to 5.php, or (3) the id parameter to 0.php. network sitepanel | 6.8 |
| 2005-05-03 | CVE-2005-1443 | Cross-Site Scripting vulnerability in Invision Power Board Multiple cross-site scripting (XSS) vulnerabilities in index.php for Invision Power Board (IPB) 2.0.3 and 2.1 Alpha 2 allows remote attackers to inject arbitrary web script or HTML via the (1) act, (2) Members, (3) calendar, or (4) HID parameters. network invision-power-services | 6.8 |
| 2005-05-03 | CVE-2005-1442 | Local NOTES.INI Buffer Overflow vulnerability in IBM Lotus Notes Buffer overflow in the Lotus Notes client for Domino 6.5 before 6.5.4 and 6.0 before 6.0.5 allows local users to cause a denial of service (client crash) and possibly execute arbitrary code via the NOTES.INI file. | 4.6 |
| 2005-05-03 | CVE-2005-1441 | Remote Procedure Call Remote Format String vulnerability in IBM Lotus Domino Server Notes Format string vulnerability in Lotus Domino 6.0.x before 6.0.5 and 6.5.x before 6.5.4 allows remote attackers to cause a denial of service via the Notes protocol (NRPC). | 5.0 |