Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-0929 | SQL injection vulnerability in PhotoPost PHP Pro 5.x may allow remote attackers to execute arbitrary SQL commands via (1) the sl parameter to showmembers.php or (2) the photo parameter to showphoto.php. | 7.5 |
| 2005-05-02 | CVE-2005-0928 | Unspecified vulnerability in Photopost PHP PRO 5.02 Multiple cross-site scripting (XSS) vulnerabilities in PhotoPost PHP Pro 5.x allow remote attackers to inject arbitrary web script or HTML via the (1) cat, (2) password, (3) ppuser, (4) sort, or (5) si parameters to showgallery.php, the (6) ppuser, (7) sort, or (8) si parameters to showmembers.php, or (9) the photo parameter to slideshow.php. network photopost | 4.3 |
| 2005-05-02 | CVE-2005-0927 | Remote Security vulnerability in Webapp 0.9.9/0.9.9.1/0.9.9.2 Unknown vulnerability in subs.pl for WebAPP 0.9.9 through 0.9.9.2 has unknown impact and attack vectors, probably involving shell metacharacters or .. | 10.0 |
| 2005-05-02 | CVE-2005-0926 | Unspecified vulnerability in Sylpheed Buffer overflow in Sylpheed before 1.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attachments with MIME-encoded file names. | 5.1 |
| 2005-05-02 | CVE-2005-0925 | Cross-Site Scripting vulnerability in Uapplication Ublog Cross-site scripting (XSS) vulnerability in login.asp for Ublog Reload 1.0 through 1.0.4 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. network uapplication | 4.3 |
| 2005-05-02 | CVE-2005-0923 | Local Denial Of Service vulnerability in Symantec products The SmartScan feature in the Auto-Protect module for Symantec Norton AntiVirus 2004 and 2005, as also used in Internet Security 2004/2005 and System Works 2004/2005, allows attackers to cause a denial of service (CPU consumption and system crash) by renaming a file on a network share. | 2.1 |
| 2005-05-02 | CVE-2005-0922 | Remote Denial Of Service vulnerability in Symantec products Unknown vulnerability in the Auto-Protect module in Symantec Norton AntiVirus 2004 and 2005, as also used in Internet Security 2004/2005 and System Works 2004/2005, allows attackers to cause a denial of service (system hang or crash) by triggering a scan of a certain file type. | 5.0 |
| 2005-05-02 | CVE-2005-0921 | Unspecified vulnerability in Microsoft Outlook Connector 2002 Microsoft Outlook 2002 Connector for IBM Lotus Domino 2.0 allows local users to save passwords and login credentials locally, even when password caching is disabled by a group policy. | 4.6 |
| 2005-05-02 | CVE-2005-0920 | SQL Injection vulnerability in Bugtracker.NET Multiple SQL injection vulnerabilities in Bugtracker.NET 2.0.1 allow remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
| 2005-05-02 | CVE-2005-0917 | Remote Security vulnerability in Powerdev Encapsbb 0.3.2Fixed PHP remote file inclusion vulnerability in index_header.php for EncapsBB 0.3.2_fixed, and possibly other versions, allows remote attackers to execute arbitrary PHP code via the root parameter. | 7.5 |