Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-1172 | HTML Injection vulnerability in Coppermine Photo Gallery X-Forwarded-For Logging Cross-site scripting (XSS) vulnerability in init.inc.php in Coppermine Photo Gallery 1.3.x allows remote attackers to inject arbitrary web script or HTML via the X-Forwarded-For parameter. network coppermine | 4.3 |
| 2005-05-02 | CVE-2005-1171 | Remote Mod.PHP Cross-Site Scripting vulnerability in Datenbank Module For PHPBB Cross-site scripting (XSS) vulnerability in mod.php in the datenbank module for phpBB allows remote attackers to inject arbitrary web script or HTML via the id parameter. network datenbank-module | 4.3 |
| 2005-05-02 | CVE-2005-1170 | Unspecified vulnerability in Datenbank Module Datenbank Module SQL injection vulnerability in mod.php in the datenbank module for phpBB allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
| 2005-05-02 | CVE-2005-1169 | Authentication Bypass vulnerability in Mafia Blog 4Beta Mafia Blog .4 BETA does not properly protect the admin directory, which allows remote attackers to execute arbitrary PHP code by using writeinfo.php to inject the code into info.php. | 7.5 |
| 2005-05-02 | CVE-2005-1168 | Unspecified vulnerability in Musicmatch Jukebox 9.0.5059 DiagCollectionControl.dll in Musicmatch 10.00.2047 and earlier allows remote attackers to overwrite arbitrary files via the bstrSavePath argument. | 5.0 |
| 2005-05-02 | CVE-2005-1167 | Information Disclosure vulnerability in Jukebox Musicmatch 10.00.2047 and earlier store log files in the Program Files directory instead of the user profile, which may allow local users to obtain sensitive information. | 2.1 |
| 2005-05-02 | CVE-2005-1166 | Unspecified vulnerability in Dameware Development Dameware NT Utilities and Miniremote Control The DNTUS26 process in Dameware NT Utilities and the DWRCS process in MiniRemote Control 4.9 and earlier stores the username and password in cleartext in memory, which could allow attackers to obtain sensitive information. | 2.1 |
| 2005-05-02 | CVE-2005-1165 | Yager 5.24 and earlier allows remote attackers to cause a denial of service (application crash) via certain malformed data. | 5.0 |
| 2005-05-02 | CVE-2005-1164 | Denial Of Service vulnerability in Yager Development Yager Game 5.0/5.20/5.24 Yager 5.24 and earlier allows remote attackers to cause a denial of service (application hang) via a packet with a game header that provides less data than indicated by the length. | 5.0 |
| 2005-05-02 | CVE-2005-1163 | Buffer Overflow vulnerability in Yager Development Yager Game 5.0/5.20/5.24 Multiple buffer overflows in Yager 5.24 and earlier allow remote attackers to execute arbitrary code via (1) a crafted nickname or (2) a packet with a large amount of data. | 6.4 |