Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-03-10 | CVE-2005-0748 | Code Injection vulnerability in Webinsta Mailing Manager 1.3D PHP remote file inclusion vulnerability in initdb.php for WEBInsta Mailing list manager 1.3d allows remote attackers to execute arbitrary PHP code by modifying the absolute_path parameter to reference a URL on a remote web server that contains the code. | 7.5 |
2005-03-10 | CVE-2005-0731 | Denial-Of-Service vulnerability in PY Software Active Webcam 5.5 PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to Filelist.html. | 5.0 |
2005-03-09 | CVE-2005-0745 | Local Security vulnerability in Ian-02Ex Voip Ata UTStarcom iAN-02EX VoIP Analog Terminal Adaptor (ATA) allows local users to bypass ATA access restrictions by dialing "*#26845#" and causing a device reset. | 4.6 |
2005-03-09 | CVE-2005-0719 | Denial Of Service vulnerability in HP Tru64 Message Queue Local Unknown vulnerability in the systems message queue in HP Tru64 Unix 4.0F PK8 through 5.1B-2/PK4 allows local users to cause a denial of service (process crash) for processes such as nfsstat, pfstat, arp, ogated, rarpd, route, sendmail, srconfig, strsetup, trpt, netstat, and xntpd. | 2.1 |
2005-03-08 | CVE-2005-0747 | Information Disclosure vulnerability in I-Class ApplyYourself i-Class allows remote attackers to obtain sensitive information about their own applications by reusing the hidden ID field, as demonstrated using the id parameter to ApplicantDecision.asp. | 5.0 |
2005-03-08 | CVE-2005-0741 | Remote UsersRecentPosts Cross-Site Scripting vulnerability in Yabb 2.0Rc1 Cross-site scripting (XSS) vulnerability in YaBB.pl for YaBB 2.0 RC1 allows remote attackers to inject arbitrary web script or HTML via the username parameter in a usersrecentposts action. network yabb | 4.3 |
2005-03-08 | CVE-2005-0725 | SQL-Injection vulnerability in Wf-Sections 1.07 SQL injection vulnerability in the getAllbyArticle function in wfsfiles.php for WF-Sections (wfsections) 1.07 allows remote attackers to execute arbitrary SQL commands via the articleid parameter to article.php. | 7.5 |
2005-03-08 | CVE-2005-0723 | Cross-Site Scripting vulnerability in PHP Arena Pafiledb 3.1 Cross-site scripting (XSS) vulnerability in the jumpmenu function in functions.php for paFileDB 3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the URL parameters, which is not properly cleansed in the $pageurl variable, as demonstrated using pafiledb.php. network php-arena | 4.3 |
2005-03-08 | CVE-2005-0720 | Code Injection vulnerability in Mcnews 1.3 PHP remote file inclusion vulnerability in admin/header.php in PHP mcNews 1.3 allows remote attackers to execute arbitrary PHP code by modifying the skinfile parameter to reference a URL on a remote web server that contains the code. | 7.5 |
2005-03-08 | CVE-2005-0696 | Remote Buffer Overrun vulnerability in Argosoft FTP Server 1.4.2.29/1.4.2.8/1.4.3.5 Buffer overflow in ArGoSoft FTP Server 1.4.2.8 allows remote authenticated users to execute arbitrary code via a long DELE command. | 7.5 |