Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-03-07 | CVE-2005-0700 | Unspecified vulnerability in Aztek Forum Aztek Forum 4.0 The export_index action in myadmin.php for Aztek Forum 4.0 allows remote attackers to obtain database files, possibly by setting the ATK_ADMIN cookie. | 5.0 |
2005-03-07 | CVE-2005-0698 | Remote File Include vulnerability in Jason Hines PHPWebLog PHP remote file inclusion vulnerability in PHPWebLog 0.5.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the (1) G_PATH parameter to init.inc.php or the (2) PATH parameter to index.php to reference a URL on a remote web server that contains the code. | 4.6 |
2005-03-07 | CVE-2005-0697 | SQL-Injection vulnerability in BRT Copperexport 0.1/0.2 SQL injection vulnerability in the process_picture function xp_publish.php in CopperExport 0.2.1 allows remote attackers to execute arbitrary SQL commands, possibly via the (1) title, (2) caption, or (3) keywords parameters. | 7.5 |
2005-03-07 | CVE-2005-0695 | Remote Security vulnerability in Hosting Controller The password recovery feature (forgotpassword.asp) in Hosting Controller 6.1 Hotfix 1.7 and earlier allows remote attackers to determine the owner's e-mail address by providing a portion of the domain name to the "login ID" field. | 5.0 |
2005-03-07 | CVE-2005-0694 | Information Disclosure vulnerability in Hosting Controller Hosting Controller 6.1 Hotfix 1.7 and earlier stores log files under the web root, which allows remote attackers to obtain sensitive information via a direct request to HCDiskQuotaService.csv. | 5.0 |
2005-03-07 | CVE-2005-0693 | Remote Buffer Overflow vulnerability in JoWood Chaser 1.0/1.50 Buffer overflow in JoWood Chaser 1.50 and earlier allows remote attackers to cause a denial of service (client or server crash) and execute arbitrary code via a long nickname. | 7.5 |
2005-03-07 | CVE-2005-0690 | Remote Default Install Code Execution vulnerability in Gene6 FTP Server Gene6 FTP Server does not properly restrict access to the control console, which allows local users to modify the server configuration and gain privileges, as demonstrated by defining a SITE command. | 2.1 |
2005-03-07 | CVE-2005-0689 | Remote Command Execution vulnerability in The Includer 1.0/1.1 includer.cgi in The Includer allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the URL or (2) the template parameter. | 7.5 |
2005-03-07 | CVE-2005-0686 | Remote Security vulnerability in mlterm Integer overflow in mlterm 2.5.0 through 2.9.1, with gdk-pixbuf support enabled, allows remote attackers to execute arbitrary code via a large image file that is used as a background. | 7.5 |
2005-03-07 | CVE-2005-0680 | PHP remote file inclusion vulnerability in download_center_lite.inc.php for Download Center Lite 1.6 allows remote attackers to execute arbitrary PHP code by modifying the script_root parameter to reference a URL on a remote web server that contains the code. | 7.5 |