Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-3513 | 1 Vubb | 1 Vubb | 2016-10-17 | 5.0 MEDIUM | N/A |
| index.php in VUBB alpha rc1 allows remote attackers to obtain the installation path of the application via a viewforum action with the f parameter set to a single quote ('). | |||||
| CVE-2005-3433 | 1 Mirabilis | 1 Icq | 2016-10-17 | 5.1 MEDIUM | N/A |
| Buffer overflow in Mirabilis ICQ 2003a allows user-assisted attackers to execute arbitrary code by convincing a user to enter long strings into the First Name and Last Name fields. | |||||
| CVE-2005-3384 | 1 Techno Dreams | 1 Techno Dreams Guest Book | 2016-10-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Techno Dreams Guest Book script allows remote attackers to execute arbitrary SQL commands and bypass authentication via the userid parameter in admin/login.asp. | |||||
| CVE-2005-3493 | 1 Afsl Games | 1 Battle Carry | 2016-10-17 | 5.0 MEDIUM | N/A |
| Battle Carry .005 and earlier allows remote attackers to cause a denial of service (inaccessible port) via a large packet, which triggers a socket error and terminates the socket that is listening on the server's UDP port. | |||||
| CVE-2005-3383 | 1 Techno Dreams | 1 Announcement Script | 2016-10-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Techno Dreams Announcement script allows remote attackers to execute arbitrary SQL commands and bypass authentication via the userid parameter in admin/login.asp. | |||||
| CVE-2005-3381 | 1 Ukranian National Antivirus | 1 Una | 2016-10-17 | 5.0 MEDIUM | N/A |
| Multiple interpretation error in Ukrainian National Antivirus (UNA) 1.83.2.16 with kernel 265 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug." | |||||
| CVE-2005-3401 | 1 Thehacker | 1 Thehacker | 2016-10-17 | 5.0 MEDIUM | N/A |
| Multiple interpretation error in TheHacker 5.8.4.128 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug." | |||||
| CVE-2005-3367 | 1 Sparkleblog | 1 Sparkleblog | 2016-10-17 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in journal.php in SparkleBlog 2.1 allows remote attackers to inject arbitrary web script or HTML via the name field. | |||||
| CVE-2005-3232 | 1 Thehacker | 1 Thehacker | 2016-10-17 | 5.1 MEDIUM | N/A |
| Multiple interpretation error in unspecified versions of TheHacker allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | |||||
| CVE-2005-3231 | 1 Cat | 1 Quick Heal | 2016-10-17 | 5.1 MEDIUM | N/A |
| Multiple interpretation error in unspecified versions of CAT Quick Heal allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | |||||
| CVE-2005-3230 | 1 Panda | 1 Activescan | 2016-10-17 | 5.1 MEDIUM | N/A |
| Multiple interpretation error in unspecified versions of Panda Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | |||||
| CVE-2005-3259 | 1 Versatilebulletinboard | 1 Versatilebulletinboard | 2016-10-17 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in versatileBulletinBoard (vBB) 1.0.0 RC2 allow remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) login field, (2) "search this thread" feature, (3) "search for posts" feature, (4) "forgot password" feature, (5) list parameter in userlistpre.php, and the (6) select, (7) categ, and (8) to parameters in index.php. | |||||
| CVE-2005-3260 | 1 Versatilebulletinboard | 1 Versatilebulletinboard | 2016-10-17 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in versatileBulletinBoard (vBB) 1.0.0 RC2 allow remote attackers to inject arbitrary web script or HTML via (1) the url parameter in dereferrer.php and (2) the file parameter in imagewin.php. | |||||
| CVE-2005-3329 | 1 Rsa | 1 Authentication Agent For Web | 2016-10-17 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in RSA Authentication Agent for Web 5.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the image parameter in a GetPic operation. | |||||
| CVE-2005-3364 | 1 Platinum | 1 Dboardgear | 2016-10-17 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in DboardGear allow remote attackers to execute arbitrary SQL commands via (1) the buddy parameter in buddy.php, (2) the u2uid parameter in u2u.php, and (3) an invalid theme file in the themes action to ctrtools.php. | |||||
| CVE-2005-3380 | 1 Panda | 1 Titanium 2005 | 2016-10-17 | 5.0 MEDIUM | N/A |
| Multiple interpretation error in Panda Titanium 2005 4.02.01 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug." | |||||
| CVE-2005-3261 | 1 Versatilebulletinboard | 1 Versatilebulletinboard | 2016-10-17 | 5.0 MEDIUM | N/A |
| getversions.php in versatileBulletinBoard (vBB) 1.0.0 RC2 lists the versions of all installed scripts, which allows remote attackers to obtain sensitive information via a direct request. | |||||
| CVE-2005-3311 | 1 Bmc | 1 Software Control-m Agent | 2016-10-17 | 2.1 LOW | N/A |
| BMC Software Control-M 6.1.03 for Solaris, and possibly other platforms, allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
| CVE-2005-3264 | 1 Zeroblog | 1 Zeroblog | 2016-10-17 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in thread.php for Zeroblog 1.1f and 1.2a allows remote attackers to inject arbitrary web script or HTML via the threadID parameter. | |||||
| CVE-2005-3373 | 1 Dr.web | 1 Dr.web Antivirus | 2016-10-17 | 5.1 MEDIUM | N/A |
| Multiple interpretation error in Dr.Web 4.32b allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug." | |||||