Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-0898 | 1 Magicscripts | 1 E-store Kit-2 | 2016-10-17 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in downloadform.php in E-Store Kit-2 PayPal Edition allows remote attackers to inject arbitrary web script or HTML via the txn_id parameter. | |||||
| CVE-2005-0897 | 1 Magicscripts | 1 E-store Kit-2 | 2016-10-17 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in catalog.php in E-Store Kit-2 PayPal Edition allows remote attackers to execute arbitrary PHP code by modifying the menu and main parameters to reference a URL on a remote web server that contains the code. | |||||
| CVE-2005-0895 | 1 Netcomm | 1 Nb1300 | 2016-10-17 | 5.0 MEDIUM | N/A |
| Netcomm 1300NB DSL Modem allows remote attackers to cause a denial of service (device hang) via a large number of ping packets. | |||||
| CVE-2005-0894 | 1 Openmosixview | 1 Openmosixview | 2016-10-17 | 3.6 LOW | N/A |
| OpenmosixCollector and OpenMosixView in OpenMosixView 1.5 allow local users to overwrite or delete arbitrary files via a symlink attack on (1) temporary files in the openmosixcollector directory or (2) nodes.tmp. | |||||
| CVE-2005-0893 | 1 Smail | 1 Smail | 2016-10-17 | 7.6 HIGH | N/A |
| modes.c in smail 3.2.0.120 implements signal handlers with certain unsafe library calls, which may allow attackers to execute arbitrary code via signal handler race conditions, possibly using xmalloc. | |||||
| CVE-2005-0892 | 1 Smail | 1 Smail | 2016-10-17 | 10.0 HIGH | N/A |
| Buffer overflow in smail 3.2.0.120 allows remote attackers or local users to execute arbitrary code via a long string in the MAIL FROM command and possibly other SMTP commands. | |||||
| CVE-2005-0836 | 1 Sun | 1 J2se | 2016-10-17 | 10.0 HIGH | N/A |
| Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06 allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file. | |||||
| CVE-2005-0946 | 1 Coinsoft Technologies | 1 Phpcoin | 2016-10-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in phpCoin 1.2.1b and earlier allows remote attackers to execute arbitrary SQL commands via the (1) term/keywords field on the search page, (2) username or (3) e-mail field on the forgot password page, or (4) domain name on the ordering new package page. | |||||
| CVE-2005-0868 | 4 Bosanova, Ibm, Mochasoft and 1 more | 4 Launcher400, Client Access, Tn5250 and 1 more | 2016-10-17 | 7.5 HIGH | N/A |
| AS/400 Telnet 5250 terminal emulation clients, as implemented by (1) IBM client access, (2) Bosanova, (3) PowerTerm, (4) Mochasoft, and possibly other emulations, allows malicious AS/400 servers to execute arbitrary commands via a STRPCO (Start PC Organizer) command followed by STRPCCMD (Start PC command), as demonstrated by creating a backdoor account using REXEC. | |||||
| CVE-2005-0873 | 1 Oracle | 1 10g Reports Server | 2016-10-17 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in test.jsp in Oracle Reports Server 10g (9.0.4.3.3) allow remote attackers to inject arbitrary web script or HTML via the (1) desname or (2) repprod parameter. | |||||
| CVE-2005-0842 | 1 Kayako | 1 Esupport | 2016-10-17 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Kayako eSupport 2.3 allows remote attackers to inject arbitrary web script or HTML via the (1) _i or (2) _c parameter. | |||||
| CVE-2005-0843 | 1 Phorum | 1 Phorum | 2016-10-17 | 5.0 MEDIUM | N/A |
| CRLF injection vulnerability in search.php in Phorum 5.0.14a allows remote attackers to perform HTTP Response Splitting attacks via the body parameter, which is included in the resulting Location header. | |||||
| CVE-2005-0925 | 1 Uapplication | 1 Ublog Reload | 2016-10-17 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in login.asp for Ublog Reload 1.0 through 1.0.4 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | |||||
| CVE-2005-0874 | 1 Cerulean Studios | 1 Trillian | 2016-10-17 | 5.0 MEDIUM | N/A |
| Multiple buffer overflows in the (1) AIM, (2) MSN, (3) RSS, and other plug-ins for Trillian 2.0 allow remote web servers to cause a denial of service (application crash) via a long string in an HTTP 1.1 response header. | |||||
| CVE-2005-0875 | 1 Cerulean Studios | 1 Trillian | 2016-10-17 | 5.0 MEDIUM | N/A |
| Multiple buffer overflows in the Yahoo plug-in for Trillian 2.0, 3.0, and 3.1 allow remote web servers to cause a denial of service (application crash) via a long string in an HTTP 1.1 response header. | |||||
| CVE-2005-0928 | 1 Photopost | 1 Photopost Php Pro | 2016-10-17 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PhotoPost PHP Pro 5.x allow remote attackers to inject arbitrary web script or HTML via the (1) cat, (2) password, (3) ppuser, (4) sort, or (5) si parameters to showgallery.php, the (6) ppuser, (7) sort, or (8) si parameters to showmembers.php, or (9) the photo parameter to slideshow.php. | |||||
| CVE-2005-0723 | 1 Php Arena | 1 Pafiledb | 2016-10-17 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the jumpmenu function in functions.php for paFileDB 3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the URL parameters, which is not properly cleansed in the $pageurl variable, as demonstrated using pafiledb.php. | |||||
| CVE-2005-0722 | 1 Experience2 | 1 Experience2 | 2016-10-17 | 5.0 MEDIUM | N/A |
| eXPerience2 allows remote attackers to obtain the full path for the web root via a direct request to modules.php without any parameters, which leaks the path in a PHP error message. | |||||
| CVE-2005-0780 | 1 Php Arena | 1 Pafiledb | 2016-10-17 | 5.0 MEDIUM | N/A |
| paFileDB 3.1 and earlier allows remote attackers to obtain sensitive information via a direct request to (1) auth.php, (2) login.php, (3) category.php, (4) file.php, (5) team.php, (6) license.php, (7) custom.php, (8) admins.php, or (9) backupdb.php, which reveal the path in a PHP error message. | |||||
| CVE-2005-0784 | 1 Phorum | 1 Phorum | 2016-10-17 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Phorum before 5.0.15 allow remote attackers to inject arbitrary web script or HTML via (1) the subject line to follow.php or (2) the subject line in the user's personal control panel. | |||||