Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-1022 | 1 Macromedia | 1 Coldfusion | 2016-10-17 | 5.0 MEDIUM | N/A |
| ColdFusion 6.1 Updater 1 places Java .class files under the web root in the /WEB-INF/cfclasses directory, which allows remote attackers to obtain sensitive information. | |||||
| CVE-2005-1018 | 1 Ca | 1 Brightstor Arcserve Backup | 2016-10-17 | 7.5 HIGH | N/A |
| Buffer overflow in the UniversalAgent for Computer Associates (CA) BrightStor ARCserve Backup allows remote authenticated users to cause a denial of service or execute arbitrary code via an agent request to TCP port 6050 with a large argument before the option field. | |||||
| CVE-2005-0999 | 1 Francisco Burzi | 1 Php-nuke | 2016-10-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Top module for PHP-Nuke 6.x through 7.6 allows remote attackers to execute arbitrary SQL commands via the querylang parameter. | |||||
| CVE-2005-0993 | 1 Sco | 1 Openserver | 2016-10-17 | 4.6 MEDIUM | N/A |
| Buffer overflow in nwprint in SCO OpenServer 5.0.7 allows local users to execute arbitrary code via a long command line argument. | |||||
| CVE-2005-0996 | 1 Francisco Burzi | 1 Php-nuke | 2016-10-17 | 5.0 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in the Downloads module for PHP-Nuke 7.6 allow remote attackers to inject arbitrary web script or HTML via (1) the email or url parameters in the Add function, (2) the min parameter in the viewsdownload function, or (3) the min parameter in the search function. | |||||
| CVE-2005-0998 | 1 Francisco Burzi | 1 Php-nuke | 2016-10-17 | 5.0 MEDIUM | N/A |
| The Web_Links module for PHP-Nuke 7.6 allows remote attackers to obtain sensitive information via an invalid show parameter, which triggers a division by zero PHP error that leaks the full pathname of the server. | |||||
| CVE-2005-0997 | 1 Francisco Burzi | 1 Php-nuke | 2016-10-17 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the Web_Links module for PHP-Nuke 7.6 allow remote attackers to execute arbitrary SQL commands via (1) the email or url parameters in the Add function, (2) the url parameter in the modifylinkrequestS function, (3) the orderby or min parameters in the viewlink function, (4) the orderby, min, or show parameters in the search function, or (5) the ratenum parameter in the MostPopular function. | |||||
| CVE-2005-0929 | 1 Photopost | 1 Photopost Php Pro | 2016-10-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in PhotoPost PHP Pro 5.x may allow remote attackers to execute arbitrary SQL commands via (1) the sl parameter to showmembers.php or (2) the photo parameter to showphoto.php. | |||||
| CVE-2005-0935 | 1 Esmi | 1 Paypal Storefront | 2016-10-17 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in ESMI PayPal Storefront allow remote attackers to execute arbitrary SQL commands via the (1) idpages parameter to pages.php or the (2) id2 parameter to products1.php. | |||||
| CVE-2005-0845 | 1 Netwin | 1 Surgemail | 2016-10-17 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the Webmail interface in SurgeMail 2.2g3 allows remote authenticated users to write arbitrary files or directories via a .. (dot dot) in the attach_id parameter. | |||||
| CVE-2005-0936 | 1 Esmi | 1 Paypal Storefront | 2016-10-17 | 5.0 MEDIUM | N/A |
| Cross-site scripting vulnerability in products1h.php in ESMI PayPal Storefront allows remote attackers to inject arbitrary web script or HTML via the id parameter. | |||||
| CVE-2005-0909 | 1 Tkais Shoutbox | 1 Tkais Shoutbox | 2016-10-17 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in shoutact.php for TKai's Shoutbox allows remote attackers to execute arbitrary PHP code via the query parameter. | |||||
| CVE-2005-0846 | 1 Netwin | 1 Surgemail | 2016-10-17 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the email auto-reply message in SurgeMail 2.2g3 allow remote attackers to inject arbitrary web script or HTML via the (1) message subject or (2) message header field. | |||||
| CVE-2005-0905 | 1 Maxthon | 1 Maxthon | 2016-10-17 | 2.6 LOW | N/A |
| Maxthon 1.2.0 allows remote malicious web sites to obtain potentially sensitive data from the search bar via the m2_search_text property. | |||||
| CVE-2005-0903 | 1 Apple | 1 Quicktime Pictureviewer | 2016-10-17 | 2.6 LOW | N/A |
| Buffer overflow in QuickTime PictureViewer 6.5.1 allows remote attackers to cause a denial of service (application crash) via a JPEG file with crafted Huffman Table (marker DHT) data. | |||||
| CVE-2005-0902 | 1 Nukebookmarks | 1 Nukebookmarks | 2016-10-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in marks.php in NukeBookmarks 0.6 for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the category parameter. | |||||
| CVE-2005-0901 | 1 Nukebookmarks | 1 Nukebookmarks | 2016-10-17 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in NukeBookmarks 0.6 for PHP-Nuke allow remote attackers to inject arbitrary web script or HTML via the (1) catname, (2) markname, (3) comment, or (4) category parameter. | |||||
| CVE-2005-0938 | 1 Uapplication | 1 Ublog Reload | 2016-10-17 | 5.0 MEDIUM | N/A |
| Ublog Reload 1.0 through 1.0.4 stores ublogreload.mdb under the web root, which allows remote attackers to read usernames and hashed passwords via a direct request to ublogreload.mdb. | |||||
| CVE-2005-0900 | 1 Nukebookmarks | 1 Nukebookmarks | 2016-10-17 | 5.0 MEDIUM | N/A |
| marks.php in NukeBookmarks 0.6 for PHP-Nuke allows remote attackers to obtain sensitive information via an invalid (1) file or (2) category parameter, which reveal the path in an error message. | |||||
| CVE-2005-0899 | 1 Ibm | 1 Os 400 | 2016-10-17 | 2.1 LOW | N/A |
| AS/400 running OS400 5.2 installs and enables LDAP by default, which allows remote authenticated users to obtain OS/400 user profiles by performing a search. | |||||