Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-1054 | Unspecified vulnerability in Moderngigabyte Modernbill PHP remote file inclusion vulnerability in news.php in ModernBill 4.3.0 and earlier allows remote attackers to execute arbitrary PHP code by modifying the DIR parameter to reference a URL on a remote web server that contains the code. | 7.5 |
| 2005-05-02 | CVE-2005-1053 | Unspecified vulnerability in Moderngigabyte Modernbill Multiple cross-site scripting (XSS) vulnerabilities in orderwiz.php in ModernBill 4.3.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) c_code or (2) aid parameters. network moderngigabyte | 4.3 |
| 2005-05-02 | CVE-2005-1052 | Unspecified vulnerability in Microsoft Outlook and Outlook web Access Microsoft Outlook 2003 and Outlook Web Access (OWA) 2003 do not properly display comma separated addresses in the From field in an e-mail message, which could allow remote attackers to spoof e-mail addresses. | 5.0 |
| 2005-05-02 | CVE-2005-1051 | SQL Injection vulnerability in PunBB Profile.PHP SQL injection vulnerability in profile.php in PunBB 1.2.4 allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a change_email action. | 6.5 |
| 2005-05-02 | CVE-2005-1050 | Information Disclosure vulnerability in Postnuke Software Foundation Postnuke 0.760Rc3 The modload op in the Reviews module for PostNuke 0.760-RC3 allows remote attackers to obtain sensitive information via an invalid id parameter, which reveals the path in a PHP error message. | 5.0 |
| 2005-05-02 | CVE-2005-1049 | Remote Cross-Site Scripting vulnerability in Postnuke Software Foundation Postnuke 0.760Rc3 Multiple cross-site scripting vulnerabilities in PostNuke 0.760-RC3 allow remote attackers to inject arbitrary web script or HTML via the (1) module parameter to admin.php or (2) op parameter to user.php. | 2.6 |
| 2005-05-02 | CVE-2005-1048 | Unspecified vulnerability in Postnuke Software Foundation Postnuke 0.760Rc3 SQL injection vulnerability in modules.php in PostNuke 0.760 RC3 allows remote attackers to execute arbitrary SQL statements via the sid parameter. | 7.5 |
| 2005-05-02 | CVE-2005-1046 | Buffer Overflow vulnerability in KDE 3.4.0 Buffer overflow in the kimgio library for KDE 3.4.0 allows remote attackers to execute arbitrary code via a crafted PCX image file. | 7.5 |
| 2005-05-02 | CVE-2005-1045 | Unspecified vulnerability in Centrinity Firstclass Desktop Client 8.0 OpenText FirstClass 8.0 client does not properly sanitize strings before passing them to the Windows ShellExecute API, which allows remote attackers to execute arbitrary commands via a UNC path in a bookmark. | 7.5 |
| 2005-05-02 | CVE-2005-1042 | Unspecified vulnerability in PHP Integer overflow in the exif_process_IFD_TAG function in exif.c in PHP before 4.3.11 may allow remote attackers to execute arbitrary code via an IFD tag that leads to a negative byte count. | 7.5 |