| Max CVSS | 7.5 | Min CVSS | 4.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2005-0252 | 7.5 |
SQL injection vulnerability in BibORB 1.3.2, and possibly earlier versions, allows remote attackers to execute arbitrary SQL commands via the (1) Username or (2) Password.
|
02-02-2024 - 16:54 | 02-05-2005 - 04:00 | |
| CVE-2005-0253 | 4.0 |
Directory traversal vulnerability in index.php for BibORB 1.3.2, and possibly earlier versions, allows remote attackers to delete arbitrary files via a Delete action and .. (dot dot) sequences in the database_name parameter.
|
02-02-2024 - 16:50 | 02-05-2005 - 04:00 | |
| CVE-2005-0254 | 4.3 |
BibORB 1.3.2, and possibly earlier versions, does not properly enforce a restriction for uploading only PDF and PS files, which allows remote attackers to upload arbitrary files that are presented to other users with PDF or PS icons, which may trick
|
02-02-2024 - 16:44 | 02-05-2005 - 04:00 | |
| CVE-2005-0251 | 4.3 |
Cross-site scripting (XSS) vulnerability in bibindex.php for BibORB 1.3.2, and possibly earlier versions, allows remote attackers to inject arbitrary HTML and web script via the search parameter.
|
02-02-2024 - 16:42 | 02-05-2005 - 04:00 |