Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2005-05-02 | CVE-2005-0915 | Security Bypass vulnerability in Webmasters-Debutants WD Guestbook 2.8 | Webmasters-Debutants WD Guestbook 2.8 allows remote attackers to bypass authentication and perform certain administrator actions via a direct HTTP POST request to (1) ajout_admin2.php or (2) suppr.php. | 7.5 |
2005-05-02 | CVE-2005-0913 | Remote PHP Script Execution vulnerability in Smarty Template Engine | Unknown vulnerability in the regex_replace modifier (modifier.regex_replace.php) in Smarty before 2.6.8 allows attackers to execute arbitrary PHP code. | 7.5 |
2005-05-02 | CVE-2005-0910 | Cross-Site Scripting vulnerability in E-Xoops | Multiple cross-site scripting (XSS) vulnerabilities in exoops allow remote attackers to inject arbitrary web script or HTML via (1) the sortdays parameter to viewforum.php or (2) the viewcat parameter to index.php. | 4.3 |
2005-05-02 | CVE-2005-0909 | Unspecified vulnerability in Tkais Shoutbox Tkais Shoutbox | PHP remote file inclusion vulnerability in shoutact.php for TKai's Shoutbox allows remote attackers to execute arbitrary PHP code via the query parameter. | 7.5 |
2005-05-02 | CVE-2005-0907 | SQL-Injection vulnerability in Valdersoft Shopping Cart 3.0 | Multiple SQL injection vulnerabilities in Valdersoft Shopping Cart 3.0 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to category.php, (2) the id parameter to item.php, (3) the lang parameter to index.php, (4) the searchQuery parameter to search_result.php, or (5) the searchTopCategoryID parameter to search_result.php. | 7.5 |
2005-05-02 | CVE-2005-0906 | Remote Buffer Overflow vulnerability in Tincat Network Library | Buffer overflow in a player logging function in the Tincat network library 2.x before 2.0.28, as used in games such as Sacred and The Settlers: Heritage of Kings, allows remote attackers to execute arbitrary code. | 7.5 |
2005-05-02 | CVE-2005-0905 | Information Disclosure vulnerability in Maxthon 1.2 | Maxthon 1.2.0 allows remote malicious web sites to obtain potentially sensitive data from the search bar via the m2_search_text property. | 2.6 |
2005-05-02 | CVE-2005-0904 | Improper Input Validation vulnerability in Microsoft Windows XP | Remote Desktop in Windows XP SP1 does not verify the "Force shutdown from a remote system" setting, which allows remote attackers to shut down the system by executing TSShutdn.exe. | 2.1 |
2005-05-02 | CVE-2005-0903 | Buffer Overflow vulnerability in Apple Quicktime Pictureviewer 6.5.1 | Buffer overflow in QuickTime PictureViewer 6.5.1 allows remote attackers to cause a denial of service (application crash) via a JPEG file with crafted Huffman Table (marker DHT) data. | 2.6 |
2005-05-02 | CVE-2005-0902 | SQL-Injection vulnerability in Nukebookmarks 0.6 | SQL injection vulnerability in marks.php in NukeBookmarks 0.6 for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the category parameter. | 7.5 |