Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-05-02 | CVE-2005-0945 | Unspecified vulnerability in ASP Press ACS Blog 1.1.1 Cross-site scripting (XSS) vulnerability in ACS Blog 1.1.1 allows remote attackers to inject arbitrary web script or HTML via onmouseover or onload events in (1) img, (2) link, or (3) mail tags. network asp-press | 4.3 |
2005-05-02 | CVE-2005-0944 | Unspecified vulnerability in Microsoft JET Unknown vulnerability in Microsoft Jet DB engine (msjet40.dll) 4.00.8618.0, related to insufficient data validation, allows remote attackers to execute arbitrary code via a crafted mdb file. | 7.5 |
2005-05-02 | CVE-2005-0941 | Remote Heap Overflow vulnerability in OpenOffice Malformed Document The StgCompObjStream::Load function in OpenOffice.org OpenOffice 1.1.4 and earlier allocates memory based on 16 bit length values, but process memory using 32 bit values, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a DOC document with certain length values, which leads to a heap-based buffer overflow. | 5.1 |
2005-05-02 | CVE-2005-0938 | Remote Security vulnerability in Ublog Reload Ublog Reload 1.0 through 1.0.4 stores ublogreload.mdb under the web root, which allows remote attackers to read usernames and hashed passwords via a direct request to ublogreload.mdb. | 5.0 |
2005-05-02 | CVE-2005-0936 | Cross-Site Scripting vulnerability in Esmi Paypal Storefront 1.7 Cross-site scripting vulnerability in products1h.php in ESMI PayPal Storefront allows remote attackers to inject arbitrary web script or HTML via the id parameter. | 5.0 |
2005-05-02 | CVE-2005-0935 | SQL Injection vulnerability in Esmi Paypal Storefront 1.7 Multiple SQL injection vulnerabilities in ESMI PayPal Storefront allow remote attackers to execute arbitrary SQL commands via the (1) idpages parameter to pages.php or the (2) id2 parameter to products1.php. | 7.5 |
2005-05-02 | CVE-2005-0934 | Cross-Site Scripting vulnerability in Wackowiki R4 Multiple cross-site scripting (XSS) vulnerabilities in WackoWiki R4 allow remote attackers to inject arbitrary web script or HTML via unknown vectors. network wackowiki | 4.3 |
2005-05-02 | CVE-2005-0933 | Remote vulnerability in PHPcoin 1.2.1/1.2.1B Directory traversal vulnerability in auxpage.php for phpCOIN 1.2.1b and earlier allows remote attackers to read arbitrary files via the page parameter. | 5.0 |
2005-05-02 | CVE-2005-0932 | Remote vulnerability in PHPcoin 1.2/1.2.1/1.2.1B Multiple SQL injection vulnerabilities in phpCOIN 1.2.1b and earlier allow remote attackers to execute arbitrary SQL commands (1) via the search engine, (2) the username or email fields in the "forgotten password" feature, or (3) the domain name in a package order. | 7.5 |
2005-05-02 | CVE-2005-0930 | HTML Injection vulnerability in Chatness 2.5.1 Cross-site scripting (XSS) vulnerability in message.php in Chatness 2.5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via (1) the user field or (2) the message parameter to message.php. network chatness | 4.3 |