Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-1098 | Information Disclosure vulnerability in Runtime Software Getdataback for Ntfs 2.31 GetDataBack for NTFS 2.31 stores the username and license key in plaintext in the Name value in the License registry key, which may allow local users to obtain sensitive information. | 2.1 |
| 2005-05-02 | CVE-2005-1097 | Local Security vulnerability in Rebrand P2P Share SPY 2.2 Rebrand P2P Share Spy 2.2 stores the user password in plaintext in the txtPassword value in the registry, which allows local users to gain privileges. | 4.6 |
| 2005-05-02 | CVE-2005-1095 | Cross-Site Scripting vulnerability in Ocean12 Membership Manager Pro Cross-site scripting (XSS) vulnerability in main.asp for Ocean12 Membership Manager Pro 1.x allows remote attackers to inject arbitrary web script or HTML via the page parameter. network ocean12-technologies | 4.3 |
| 2005-05-02 | CVE-2005-1093 | Remote Buffer Overflow vulnerability in Popup Plus Plugin Popup Plus Plugin for Miranda IM 2.0.3.8 Buffer overflow in the PopUp Plus 2.0.3.8 plugin for Miranda IM, with "Use SmileyAdd Setting" enabled, allows remote attackers to execute arbitrary code. | 7.5 |
| 2005-05-02 | CVE-2005-1092 | Local Authentication Credentials Disclosure vulnerability in Light Speed Technologies DeluxeFTP Lightspeed DeluxeFTP 6.01 stores usernames and passwords in plaintext in sites.xml, which is world-readable, which allows local users to gain privileges. | 7.2 |
| 2005-05-02 | CVE-2005-1091 | Information Disclosure vulnerability in Maxthon Web Browser Plug-in API Security ID Maxthon 1.2.0 and 1.2.1 allows remote attackers to bypass the security ID and use restricted plugin API functions via script that includes the max.src file into the source page. | 7.5 |
| 2005-05-02 | CVE-2005-1090 | Directory Traversal vulnerability in Maxthon 1.2.0/1.2.1 Directory traversal vulnerability in the readFile and writeFile API for Maxthon 1.2.0 and 1.2.1 allows remote attackers to read or write arbitrary files. | 6.4 |
| 2005-05-02 | CVE-2005-1088 | Privilege Escalation vulnerability in Dameware Development Mini Remote Control and NT Utilities Unknown vulnerability in DameWare NT Utilities 4.8 and earlier, and Mini Remote Control 4.8 and earlier, allows local users to gain additional rights. | 7.2 |
| 2005-05-02 | CVE-2005-1086 | Remote Buffer Overflow vulnerability in AN An-Httpd 1.42N Buffer overflow in the cmdIS.DLL plugin for AN HTTPD Server 1.42n allows remote attackers to execute arbitrary code via an HTTP request with a long User-Agent header. | 6.4 |
| 2005-05-02 | CVE-2005-1085 | Cross-site scripting (XSS) vulnerability in the control panel in aeDating 3.2 allows remote attackers to inject arbitrary web script or HTML. network aewebworks | 4.3 |