Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-03-14 | CVE-2005-0795 | Unspecified vulnerability in Hola Holacms HolaCMS 1.4.9 does not restrict file access to the holaDB/votes directory, which allows remote attackers to overwrite arbitrary files via a modified vote_filename parameter. | 5.0 |
2005-03-14 | CVE-2005-0791 | Cross-Site Scripting vulnerability in PHPAdsNew AdFrame.PHP Cross-site scripting (XSS) vulnerability in adframe.php in phpAdsNew 2.0.4-pr1, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the refresh parameter. network phpadsnew | 4.3 |
2005-03-14 | CVE-2005-0790 | Information Disclosure vulnerability in PHPadsnew 2.0.4Pr1 phpAdsNew 2.0.4 allows remote attackers to obtain sensitive information via a direct request to (1) lib-xmlrpcs.inc.php, (2) maintenance-activation.php, (3) maintenance-cleantables.php, (4) maintenance-autotargeting.php, (5) maintenance-reports.php, (6) phpads.php, (7) remotehtmlview.php, (8) click.php, (9) adcontent.php, which reveal the path in a PHP error message. | 5.0 |
2005-03-14 | CVE-2005-0789 | Unspecified vulnerability in Limewire 3.9.6/4.6.0 Directory traversal vulnerability in LimeWire 3.9.6 through 4.6.0 allows remote attackers to read arbitrary files via a .. | 5.0 |
2005-03-14 | CVE-2005-0788 | Unspecified vulnerability in Limewire 4.1.2/4.5.6 LimeWire 4.1.2 through 4.5.6 allows remote attackers to read arbitrary files by specifying the full pathname in a Gnutella GET request. | 5.0 |
2005-03-14 | CVE-2005-0786 | SQL Injection vulnerability in Simpgb 1.0 SQL injection vulnerability in gb_new.inc in SimpGB allows remote attackers to execute arbitrary SQL commands via the quote parameter to guestbook.php. | 7.5 |
2005-03-14 | CVE-2005-0510 | Denial-Of-Service vulnerability in fallback-reboot The daemon for fallback-reboot before 0.995 allows attackers to cause a denial of service (daemon exit), possibly related to verbose debug messages when the daemon is not on a tty. | 2.1 |
2005-03-14 | CVE-2005-0509 | Cross-Site Scripting vulnerability in .NET Framework Multiple cross-site scripting (XSS) vulnerabilities in the Mono 1.0.5 implementation of ASP.NET (.Net) allow remote attackers to inject arbitrary HTML or web script via Unicode representations for ASCII fullwidth characters that are converted to normal ASCII characters, including ">" and "<". | 4.3 |
2005-03-14 | CVE-2005-0508 | Unknown vulnerability in Squiggle for Batik before 1.5.1 allows attackers to bypass certain access controls via certain features of the Rhino scripting engine due to a "script security issue." | 4.6 |
2005-03-14 | CVE-2005-0507 | Directory Traversal vulnerability in GD Software SD Server 4.0.70 Directory traversal vulnerability in SD Server 4.0.70 and earlier allows remote attackers to read arbitrary files via .. | 5.0 |