Vulnerabilities

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ACCESS | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2005-05-02 | CVE-2005-1008 | Unspecified vulnerability in Asp-Dev XM Forum RC3 | Cross-site scripting (XSS) vulnerability in posts.asp for ASP-DEv XM Forum RC3 allows remote attackers to inject arbitrary web script or HTML via a "javascript:" URL in an IMG tag. | network | | asp-dev | | 4.3 |
| 2005-05-02 | CVE-2005-1007 | Unspecified vulnerability in Stalker Communigate PRO 4.3C1/4.3C2 | Unknown vulnerability in the LIST functionality in CommuniGate Pro before 4.3c3 allows remote attackers to cause a denial of service (server crash) via certain multipart messages. | network | low complexity | stalker | | 5.0 |
| 2005-05-02 | CVE-2005-1006 | Cross-site Scripting vulnerability in Sonicwall Soho Firmware 5.1.7.0 | Multiple cross-site scripting (XSS) vulnerabilities in SonicWALL SOHO 5.1.7.0 allow remote attackers to inject arbitrary web script or HTML via (1) the URL or (2) the user login name, which is not filtered when the administrator views the log file. | network | | sonicwall | CWE-79 | 4.3 |
| 2005-05-02 | CVE-2005-1005 | Unspecified vulnerability in Profitcode Payprocart 3.0 | ProfitCode PayProCart 3.0 allows remote attackers to bypass authentication and gain administrative privileges to the admin control panel, as demonstrated via a direct request to adminshop/index.php with hex-encoded .. | network | low complexity | profitcode | | 7.5 |
| 2005-05-02 | CVE-2005-1004 | Unspecified vulnerability in Profitcode Payprocart 3.0 | Cross-site scripting (XSS) vulnerability in usrdetails.php in ProfitCode PayProCart 3.0 allows remote attackers to inject arbitrary web script or HTML via the sgnuptype parameter. | network | | profitcode | | 4.3 |
| 2005-05-02 | CVE-2005-1003 | Directory Traversal vulnerability in Profitcode Payprocart 3.0 | Directory traversal vulnerability in index.php for ProfitCode PayProCart 3.0 allows remote attackers to include arbitrary PHP files via .. | network | low complexity | profitcode | | 7.5 |
| 2005-05-02 | CVE-2005-1002 | Unspecified vulnerability in Logics Software Log-Ft | logwebftbs2000.exe in Logics Software File Transfer (LOG-FT) allows remote attackers to read arbitrary files via modified (1) VAR_FT_LANG and (2) VAR_FT_TMPL parameters. | network | low complexity | logics-software | | 5.0 |
| 2005-05-02 | CVE-2005-1001 | Information Disclosure vulnerability in Francisco Burzi PHP-Nuke 7.6 | PHP-Nuke 7.6 allows remote attackers to obtain sensitive information via direct requests to (1) the Surveys module with the file parameter set to comments or (2) 3D-Fantasy/theme.php, which leaks the full pathname of the web server in a PHP error message. | network | low complexity | francisco-burzi | | 5.0 |
| 2005-05-02 | CVE-2005-1000 | Unspecified vulnerability in Francisco Burzi PHP-Nuke 7.6 | Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 7.6 allow remote attackers to inject arbitrary web script or HTML via (1) the bid parameter to the EmailStats op in banners.pgp, (2) the ratenum parameter in the TopRated and MostPopular actions in the Web_Links module, (3) the ttitle parameter in the viewlinkdetails, viewlinkeditorial, viewlinkcomments, and ratelink actions in the Web_Links module, or (4) the username parameter in the Your_Account module. | network | | francisco-burzi | | 4.3 |
| 2005-05-02 | CVE-2005-0999 | Unspecified vulnerability in Francisco Burzi PHP-Nuke | SQL injection vulnerability in the Top module for PHP-Nuke 6.x through 7.6 allows remote attackers to execute arbitrary SQL commands via the querylang parameter. | network | low complexity | francisco-burzi | | 7.5 |