Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-03 | CVE-2005-1429 | SQL Injection vulnerability in Abczone.It Wwwguestbook 1.1 SQL injection vulnerability in login.asp in WWWguestbook 1.1 allows remote attackers to execute arbitrary SQL commands via the password parameter. | 7.5 |
| 2005-05-03 | CVE-2005-1428 | File-Upload vulnerability in Uapplication Uphotogallery edit_image.asp in Uapplication Uphotogallery allows remote attackers to upload arbitrary files. | 7.5 |
| 2005-05-03 | CVE-2005-1427 | Information Disclosure vulnerability in uPhotoGallery Uapplication Uphotogallery stores the database under the web document root, which allows remote attackers to obtain sensitive information via a direct request to uphotogallery.mdb. | 7.5 |
| 2005-05-03 | CVE-2005-1426 | Uapplication Ublog Reload stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for mdb-database/blog.mdb (aka mdb-database/blog.msb). | 5.0 |
| 2005-05-03 | CVE-2005-1425 | Permissions, Privileges, and Access Controls vulnerability in Uapplication Uguestbook 1.0 Uapplication Uguestbook 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for mdb-database/guestbook.mdb. | 5.0 |
| 2005-05-03 | CVE-2005-1424 | Local Information Disclosure vulnerability in Stumbleinside Gotext 1.01 StumbleInside GoText 1.01 stores sensitive username, mail address,and phone number information in plaintext in the GoText.bin file, which allows local users to obtain that information. | 2.1 |
| 2005-05-03 | CVE-2005-1423 | Denial-Of-Service vulnerability in Software602 602Lan Suite 2004.0.05.0413 Directory traversal vulnerability in the mail program in 602LAN SUITE 2004.0.05.0413 allows remote attackers to cause a denial of service and determine the presence of arbitrary files via .. | 6.4 |
| 2005-05-03 | CVE-2005-1422 | Raysoft/Raybase Video Cam Server 1.0.0 beta allows remote attackers to conduct administrator operations and cause a denial of service (server or camera shutdown) via a direct request to admin.html. | 7.5 |
| 2005-05-03 | CVE-2005-1421 | Directory Traversal vulnerability in Raysoft Video CAM Server 1.0.0Beta Directory traversal vulnerability in Raysoft/Raybase Video Cam Server 1.0.0 beta allows remote attackers to read arbitrary files via ".." (dot dot) sequences in an HTTP request. | 5.0 |
| 2005-05-03 | CVE-2005-1420 | Remote Security vulnerability in Raysoft Video CAM Server 1.0.0Beta Raysoft/Raybase Video Cam Server 1.0.0 beta allows remote attackers to determine the full pathname of the server via a request for an invalid page, as demonstrated using "%20" (hex-encoded space). | 5.0 |