Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2005-05-03 CVE-2005-1440 Cross-Site Scripting and HTML Injection vulnerability in Codetosell Viart Shop Enterprise 2.1.6
Multiple cross-site scripting (XSS) vulnerabilities in ViArt Shop Enterprise 2.1.6 allow remote attackers to inject arbitrary web script or HTML via (1) various parameters to basket.php, (2) the nickname, email, topic, and message fields in forum.php, as demonstrated using forum_new_thread.php and forum_thread.php, (3) the page parameter to page.php, (4) category_id and item_id parameters to reviews.php, (5) the category_id parameter to product_details.php, (6) the category_id or search_string parameters to products.php, or (7) the rp or page parameters to news_view.php.
network
codetosell
6.8
2005-05-03 CVE-2005-1439 Directory Traversal vulnerability in osTicket
Directory traversal vulnerability in attachments.php in osTicket allows remote attackers to read arbitrary files via ..
network
low complexity
osticket
7.5
2005-05-03 CVE-2005-1438 Remote Security vulnerability in Osticket 1
PHP remote file inclusion vulnerability in main.php in osTicket allows remote attackers to execute arbitrary PHP code via the include_dir parameter.
network
low complexity
osticket
7.5
2005-05-03 CVE-2005-1437 SQL-Injection vulnerability in Osticket 1.X
Multiple SQL injection vulnerabilities in osTicket allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to admin.php or (2) cat parameter to view.php.
network
low complexity
osticket
7.5
2005-05-03 CVE-2005-1436 Cross-Site Scripting vulnerability in Osticket 1.2.7/1.3.0
Multiple cross-site scripting (XSS) vulnerabilities in osTicket allow remote attackers to inject arbitrary web script or HTML via (1) the t parameter to view.php, (2) the osticket_title parameter to header.php, (3) the em parameter to admin_login.php, (4) the e parameter to user_login.php, (5) the err parameter to open_submit.php, or (6) the name and subject fields when adding a ticket.
network
osticket
6.8
2005-05-03 CVE-2005-1435 Unspecified vulnerability in Open Webmail Open Webmail
Open WebMail (OWM) before 2.51 20050430 allows remote authenticated users to execute arbitrary commands via shell metacharacters in a filename.
network
low complexity
open-webmail
7.5
2005-05-03 CVE-2005-1434 Denial-Of-Service vulnerability in OpenView Network Node Manager
Multiple unknown vulnerabilities in OpenView Network Node Manager (OV NNM) 6.2, 6.4, 7.01, and 7.50 allow attackers to cause a denial of service or execute arbitrary code.
network
low complexity
hp
7.5
2005-05-03 CVE-2005-1433 Denial-Of-Service vulnerability in OpenView Event Correlation Services 3.2/3.3
Multiple unknown vulnerabilities in HP OpenView Event Correlation Services (OV ECS) 3.32 and 3.33 allow attackers to cause a denial of service or execute arbitrary code.
local
low complexity
hp
4.6
2005-05-03 CVE-2005-1431 Denial of Service vulnerability in GNUTLS Padding
The "record packet parsing" in GnuTLS 1.2 before 1.2.3 and 1.0 before 1.0.25 allows remote attackers to cause a denial of service, possibly related to padding bytes in gnutils_cipher.c.
network
low complexity
gnu
5.0
2005-05-03 CVE-2005-1430 Local Security vulnerability in Mac OS X
Mac OS X 10.3.x and earlier uses insecure permissions for a pseudo terminal tty (pty) that is managed by a non-setuid program, which allows local users to read or modify sessions of other users.
local
low complexity
apple
3.6