Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-03-07 | CVE-2005-0697 | SQL-Injection vulnerability in BRT Copperexport 0.1/0.2 SQL injection vulnerability in the process_picture function xp_publish.php in CopperExport 0.2.1 allows remote attackers to execute arbitrary SQL commands, possibly via the (1) title, (2) caption, or (3) keywords parameters. | 7.5 |
2005-03-07 | CVE-2005-0695 | Remote Security vulnerability in Hosting Controller The password recovery feature (forgotpassword.asp) in Hosting Controller 6.1 Hotfix 1.7 and earlier allows remote attackers to determine the owner's e-mail address by providing a portion of the domain name to the "login ID" field. | 5.0 |
2005-03-07 | CVE-2005-0694 | Information Disclosure vulnerability in Hosting Controller Hosting Controller 6.1 Hotfix 1.7 and earlier stores log files under the web root, which allows remote attackers to obtain sensitive information via a direct request to HCDiskQuotaService.csv. | 5.0 |
2005-03-07 | CVE-2005-0693 | Remote Buffer Overflow vulnerability in JoWood Chaser 1.0/1.50 Buffer overflow in JoWood Chaser 1.50 and earlier allows remote attackers to cause a denial of service (client or server crash) and execute arbitrary code via a long nickname. | 7.5 |
2005-03-07 | CVE-2005-0690 | Remote Default Install Code Execution vulnerability in Gene6 FTP Server Gene6 FTP Server does not properly restrict access to the control console, which allows local users to modify the server configuration and gain privileges, as demonstrated by defining a SITE command. | 2.1 |
2005-03-07 | CVE-2005-0689 | Remote Command Execution vulnerability in The Includer 1.0/1.1 includer.cgi in The Includer allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the URL or (2) the template parameter. | 7.5 |
2005-03-07 | CVE-2005-0686 | Remote Security vulnerability in mlterm Integer overflow in mlterm 2.5.0 through 2.9.1, with gdk-pixbuf support enabled, allows remote attackers to execute arbitrary code via a large image file that is used as a background. | 7.5 |
2005-03-07 | CVE-2005-0680 | PHP remote file inclusion vulnerability in download_center_lite.inc.php for Download Center Lite 1.6 allows remote attackers to execute arbitrary PHP code by modifying the script_root parameter to reference a URL on a remote web server that contains the code. | 7.5 |
2005-03-07 | CVE-2005-0667 | Buffer overflow in Sylpheed before 1.0.3 and other versions before 1.9.5 allows remote attackers to execute arbitrary code via an e-mail message with certain headers containing non-ASCII characters that are not properly handled when the user replies to the message. | 5.1 |
2005-03-07 | CVE-2005-0548 | Unspecified vulnerability in SUN Solaris Answerbook2 Cross-site scripting (XSS) vulnerability in Solaris AnswerBook2 Documentation 1.4.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the Search function. network sun | 4.3 |