Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-02-23 | CVE-2005-0518 | Information Disclosure vulnerability in Exeem 0.21 eXeem 0.21 stores sensitive information such as passwords in plaintext in the Exeem registry key, which allows local users to gain privileges via the proxy_user and proxy_password values. | 2.1 |
2005-02-23 | CVE-2005-0517 | Unspecified vulnerability in Peerftp 5 Peerftp 5 PeerFTP_5 stores sensitive information such as passwords in plaintext in the PeerFTP.ini files, which allows local users to gain privileges. | 2.1 |
2005-02-23 | CVE-2005-0516 | Remote Security vulnerability in Imagegalleryplugin The ImageGalleryPlugin (ImageGalleryPlugin.pm) in Twiki allows remote attackers to execute arbitrary commands via certain commands that generate thumbnails. | 7.5 |
2005-02-23 | CVE-2004-0481 | Unspecified vulnerability in SUN Solaris and Sunos The logging feature in kcms_configure in the KCMS package on Solaris 8 and 9, and possibly other versions, allows local users to corrupt arbitrary files via a symlink attack on the KCS_ClogFile file. | 2.1 |
2005-02-22 | CVE-2005-0535 | Cross-site request forgery (CSRF) vulnerability in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before 1.4 rc1 allows remote attackers to perform unauthorized actions as authenticated MediaWiki users. | 7.5 |
2005-02-22 | CVE-2005-0514 | Unspecified vulnerability in Verity Ultraseek 5.3.3 Cross-site scripting (XSS) vulnerability in Verity Ultraseek before 5.3.3 allows remote attackers to inject arbitrary HTML and web script via search parameters. network verity | 4.3 |
2005-02-22 | CVE-2005-0161 | Remote Directory Traversal vulnerability in E-Merge Unace 1.2B Multiple directory traversal vulnerabilities in unace 1.2b allow attackers to overwrite arbitrary files via an ACE archive containing (1) ../ sequences or (2) absolute pathnames. | 2.1 |
2005-02-22 | CVE-2005-0160 | Remote Buffer Overflow vulnerability in E-Merge Unace 1.2B Multiple buffer overflows in unace 1.2b allow attackers to execute arbitrary code via (1) 2 overflows in ACE archives, (2) a long command line argument, or (3) certain "Ready for next volume" messages. | 5.1 |
2005-02-21 | CVE-2005-0537 | SQL-Injection vulnerability in Igeneric Free Shopping Cart 1.2 Multiple SQL injection vulnerabilities in page.php for iGeneric (iG) Shop 1.2 may allow remote attackers to execute arbitrary SQL statements via the (1) cats, (2) l_price, or (3) u_price parameters. | 7.5 |
2005-02-21 | CVE-2005-0512 | Remote Security vulnerability in Mambo PHP remote file inclusion vulnerability in Tar.php in Mambo 4.5.2 allows remote attackers to execute arbitrary PHP code by modifying the mosConfig_absolute_path parameter to reference a URL on a remote web server that contains the code, a different vulnerability than CVE-2004-1693. | 7.5 |