CVE-2005-1063
The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0.10, Personal Firewall 4.x up to 4.1.2, and MailServer up to 6.0.8 allows remote attackers to cause a denial of service (CPU consumption) via...
The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0.10, Personal Firewall 4.x up to 4.1.2, and MailServer up to 6.0.8 allows remote attackers to cause a denial of service (CPU consumption) via...
The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0.10, Personal Firewall 4.x up to 4.1.2, and MailServer up to 6.0.8 allows remote attackers to quickly obtain passwords that are 5 characters or...
Multiple SQL injection vulnerabilities in MetaBid Auctions allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password fields in logIn.asp, or (3) intAuctionID parameter to item.asp. Date published :...
Multiple SQL injection vulnerabilities in MetaCart 2.0 for PayFlow allow remote attackers to execute arbitrary commands via (1) intCatalogID, (2) strSubCatalogID, or (3) strSubCatalog_NAME parameter to productsByCategory.asp, (4) curCatalogID, (5) strSubCatalog_NAME, (6) intCatalogID, or...
Multiple SQL injection vulnerabilities in MetaCart 2.0 for Paypal allow remote attackers to execute arbitrary SQL commands via the (1) intProdID parameter to product.asp, (2) intCatalogID or (3) strSubCatalogID parameters to productsByCategory.asp, (4) chkText,...
Multiple SQL injection vulnerabilities in MetaCart e-Shop 8.0 allow remote attackers to execute arbitrary SQL commands via the (1) intProdID parameter in product.asp or (2) strCatalog_NAME parameter to productsByCategory.asp. Date published : 2005-04-28 http://www.securityfocus.com/bid/13376...
PHP remote file inclusion vulnerability in error.php in GrayCMS 1.1 allows remote attackers to execute arbitrary PHP code by modifying the path_prefix parameter to reference a URL on a remote web server that contains...
Cross-site scripting (XSS) vulnerability in text.cgi script allows remote attackers to inject arbitrary web script or HTML via the argument. Date published : 2005-04-28 http://marc.info/?l=bugtraq&m=111445867315415&w=2
text.cgi script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument. Date published : 2005-04-28 http://marc.info/?l=bugtraq&m=111445867315415&w=2
text.cgi script allows remote attackers to read arbitrary files via a full pathname in the argument. Date published : 2005-04-28 http://marc.info/?l=bugtraq&m=111445867315415&w=2
Cross-site scripting (XSS) vulnerability in includer.cgi script in The Includer allows remote attackers to inject arbitrary web script or HTML via the argument. Date published : 2005-04-28 http://marc.info/?l=bugtraq&m=111445548126797&w=2
includer.cgi in The Includer allows remote attackers to read arbitrary files via a full pathname in the argument, a similar vulnerability to CVE-2005-0801. Date published : 2005-04-28 http://marc.info/?l=bugtraq&m=111445548126797&w=2
The forum.pl script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument. Date published : 2005-04-28 http://marc.info/?l=bugtraq&m=111446056205059&w=2
The forum.pl script allows remote attackers to read arbitrary files via a full pathname in the argument. Date published : 2005-04-28 http://marc.info/?l=bugtraq&m=111446056205059&w=2