Vulnerabilities > Uapplication
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-05-03 | CVE-2005-1425 | Permissions, Privileges, and Access Controls vulnerability in Uapplication Uguestbook 1.0 Uapplication Uguestbook 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for mdb-database/guestbook.mdb. | 5.0 |
2005-05-02 | CVE-2005-0938 | Remote Security vulnerability in Ublog Reload Ublog Reload 1.0 through 1.0.4 stores ublogreload.mdb under the web root, which allows remote attackers to read usernames and hashed passwords via a direct request to ublogreload.mdb. | 5.0 |
2005-05-02 | CVE-2005-0925 | Cross-Site Scripting vulnerability in Uapplication Ublog Cross-site scripting (XSS) vulnerability in login.asp for Ublog Reload 1.0 through 1.0.4 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. network uapplication | 4.3 |