Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-3558 | 1 Oste | 1 Oste | 2018-10-19 | 7.5 HIGH | N/A |
| PHP file inclusion vulnerability in index.php in OSTE 1.0 allows remote attackers to execute arbitrary code via the (1) page and (2) site parameters. | |||||
| CVE-2005-3559 | 1 Digium | 1 Asterisk | 2018-10-19 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in vmail.cgi in Asterisk 1.0.9 through 1.2.0-beta1 allows remote attackers to access WAV files via a .. (dot dot) in the folder parameter. | |||||
| CVE-2005-3557 | 1 Tincan | 1 Phplist | 2018-10-19 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in admin/defaults.php in PHPlist 2.10.1 and earlier allows remote attackers to access arbitrary files via a .. (dot dot) in the selected%5B%5D parameter in an HTTP POST request. | |||||
| CVE-2005-3576 | 1 Walla Telesite | 1 Walla Telesite | 2018-10-19 | 5.0 MEDIUM | N/A |
| ts.exe in Walla TeleSite 3.0 and earlier allows remote attackers to access privileged information by entering the article number in tsurl parameter. | |||||
| CVE-2005-3577 | 1 Walla Telesite | 1 Walla Telesite | 2018-10-19 | 4.3 MEDIUM | N/A |
| Cross-site scripting vulnerability (XSS) in ts.exe (aka ts.cgi) in Walla TeleSite 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the sug parameter. | |||||
| CVE-2005-3578 | 1 Walla Telesite | 1 Walla Telesite | 2018-10-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ts.exe (aka ts.cgi) in Walla TeleSite 3.0 and earlier allows remote attackers to inject arbitrary SQL commands via the sug parameter. | |||||
| CVE-2005-3579 | 1 Walla Telesite | 1 Walla Telesite | 2018-10-19 | 5.0 MEDIUM | N/A |
| ts.exe (aka ts.cgi) in Walla TeleSite 3.0 and earlier allows remote attackers to access arbitrary local files via the querystring. | |||||
| CVE-2005-3585 | 1 Phpwebthings | 1 Phpwebthings | 2018-10-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in forum.php in PhpWebThings 1.4.4 allows remote attackers to execute arbitrary SQL commands via the forum parameter. | |||||
| CVE-2005-3589 | 1 Filezilla | 1 Filezilla Server Terminal | 2018-10-19 | 7.8 HIGH | N/A |
| Buffer overflow in FileZilla Server Terminal 0.9.4d may allow remote attackers to cause a denial of service (terminal crash) via a long USER ftp command. | |||||
| CVE-2005-3556 | 1 Tincan | 1 Phplist | 2018-10-19 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PHPlist 2.10.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) listname parameter in (a) admin/editlist.php, (2) title parameter in (b) admin/spageedit.php, (3) title field in (c) admin/template.php, (4) filter, (5) delete, and (6) start parameters in (d) admin/eventlog.php, (7) id parameter in (e) admin/configure.php, (8) find parameter in (f) admin/users.php, (9) start parameter in (g) admin/admin.php, and (10) action parameter in (h) admin/fckphplist.php. | |||||
| CVE-2005-3545 | 1 Ibproarcade | 1 Ibproarcade | 2018-10-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php of the report module in ibProArcade 2.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter. | |||||
| CVE-2005-3363 | 1 Saphp | 1 Saphplesson | 2018-10-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Saphp Lesson, possibly saphp Lesson1.1 and saphpLesson2.0, allows remote attackers to execute arbitrary SQL commands via the forumid parameter in (1) showcat.php and (2) add.php. | |||||
| CVE-2005-3503 | 1 Pwdutils | 1 Pwdutils | 2018-10-19 | 7.2 HIGH | N/A |
| chfn in pwdutils 3.0.4 and earlier on SuSE Linux, and possibly other operating systems, does not properly check arguments for the GECOS field, which allows local users to gain privileges. | |||||
| CVE-2005-3505 | 1 Cpanel | 1 Cpanel | 2018-10-19 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Entropy Chat script in cPanel 10.2.0-R82 and 10.6.0-R137 allows remote attackers to inject arbitrary web script or HTML via a chat message containing Javascript in style attributes in tags such as <b>, which are processed by Internet Explorer. | |||||
| CVE-2005-3508 | 1 Galerie | 1 Galerie | 2018-10-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in showGallery.php in Gallery (Galerie) 2.4 allows remote attackers to execute arbitrary SQL commands via the galid parameter. | |||||
| CVE-2005-3523 | 1 Gpsdrive | 1 Gpsdrive | 2018-10-19 | 7.5 HIGH | N/A |
| Format string vulnerability in friendsd2 in GpsDrive allows remote attackers to execute arbitrary code via the dir (direction) field. | |||||
| CVE-2005-3379 | 1 Trend Micro | 2 Officescan, Pc-cillin 2005 | 2018-10-19 | 5.1 MEDIUM | N/A |
| Multiple interpretation error in Trend Micro (1) PC-Cillin 2005 12.0.1244 with the 7.510.1002 engine and (2) OfficeScan 7.0 with the 7.510.1002 engine allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug." | |||||
| CVE-2005-3525 | 1 Adobe | 1 Shockwave Player | 2018-10-19 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in an ActiveX control for the installer for Adobe Macromedia Shockwave Player 10.1.0.11 and earlier allows remote attackers to execute arbitrary code via crafted large values for unspecified parameters. | |||||
| CVE-2005-3526 | 1 Ipswitch | 1 Ipswitch Collaboration Suite | 2018-10-19 | 6.5 MEDIUM | N/A |
| Buffer overflow in the IMAP daemon in Ipswitch Collaboration Suite 2006.02 and earlier allows remote authenticated users to execute arbitrary code via a long FETCH command. | |||||
| CVE-2005-3527 | 1 Linux | 1 Linux Kernel | 2018-10-19 | 4.0 MEDIUM | N/A |
| Race condition in do_coredump in signal.c in Linux kernel 2.6 allows local users to cause a denial of service by triggering a core dump in one thread while another thread has a pending SIGSTOP. | |||||