Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-05-02 | CVE-2005-0443 | Multiple vulnerability in Brooky Cubecart 2.0.1/2.0.4 index.php in CubeCart 2.0.4 allows remote attackers to (1) obtain the full path for the web server or (2) conduct cross-site scripting (XSS) attacks via an invalid language parameter, which echoes the parameter in a PHP error message. network devellion | 4.3 |
2005-05-02 | CVE-2005-0442 | Multiple vulnerability in Brooky Cubecart 2.0.1/2.0.4 Directory traversal vulnerability in index.php for CubeCart 2.0.4 allows remote attackers to read arbitrary files via the language parameter. | 5.0 |
2005-05-02 | CVE-2005-0440 | Remote vulnerability in ELOG Web Logbook ELOG before 2.5.7 allows remote attackers to bypass authentication and download a configuration file that contains a sensitive write password via a modified URL. | 7.5 |
2005-05-02 | CVE-2005-0439 | Remote vulnerability in ELOG Web Logbook Buffer overflow in the decode_post function in ELOG before 2.5.7 allows remote attackers to execute arbitrary code via attachments with long file names. | 7.5 |
2005-05-02 | CVE-2005-0438 | Information Disclosure vulnerability in Awstats 6.3/6.4 awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to obtain sensitive information by setting the debug parameter. | 5.0 |
2005-05-02 | CVE-2005-0437 | Directory Traversal vulnerability in Awstats 6.3/6.4 Directory traversal vulnerability in awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to include arbitrary Perl modules via .. | 7.5 |
2005-05-02 | CVE-2005-0436 | Remote Security vulnerability in Awstats 6.3/6.4 Direct code injection vulnerability in awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to execute portions of Perl code via the PluginMode parameter. | 7.5 |
2005-05-02 | CVE-2005-0435 | Remote Security vulnerability in Awstats 6.3/6.4 awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to read server web logs by setting the loadplugin and pluginmode parameters to rawlog. | 5.0 |
2005-05-02 | CVE-2005-0432 | Remote Security vulnerability in BEA Weblogic Server 7.0/8.1 BEA WebLogic Server 7.0 Service Pack 5 and earlier, and 8.1 Service Pack 3 and earlier, generates different login exceptions that suggest why an authentication attempt fails, which makes it easier for remote attackers to guess passwords via brute force attacks. | 5.0 |
2005-05-02 | CVE-2005-0431 | Remote Security vulnerability in Barracuda Networks Barracuda Spam Firewall 3.1.10 Barracuda Spam Firewall 3.1.10 and earlier does not restrict the domains that white-listed domains can send mail to, which allows members of white-listed domains to use Barracuda as an open mail relay for spam. | 7.5 |