Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-4330 | 1 Ihtml Merchant | 1 Ihtml Merchant Mall | 2011-03-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in browse.ihtml in iHTML Merchant Mall allows remote attackers to execute arbitrary SQL commands via the (1) id, (2) store, and (3) step parameters. | |||||
| CVE-2005-4331 | 1 Ihtml Merchant | 1 Ihtml Merchant | 2011-03-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in merchant.ihtml in iHTML Merchant Version 2 Pro allows remote attackers to execute arbitrary SQL commands via the (1) step, (2) id, and (3) pid parameters. | |||||
| CVE-2005-4336 | 1 Courseforum | 1 Projectforum | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in ProjectForum 4.7.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) fwd parameter in admin/adminsignin.html and (2) originalpageid parameter in admin/newpage.html associated with a group. | |||||
| CVE-2005-4342 | 1 Macromedia | 1 Coldfusion | 2011-03-07 | 7.5 HIGH | N/A |
| ColdFusion Sandbox on Adobe (formerly Macromedia) ColdFusion MX 6.0, 6.1, 6.1 with JRun, and 7.0 does not throw an exception if the SecurityManager is disabled, which might allow remote attackers to "bypass security controls," aka "JRun Clustered Sandbox Security Vulnerability." | |||||
| CVE-2005-4343 | 1 Macromedia | 1 Coldfusion | 2011-03-07 | 5.0 MEDIUM | N/A |
| Adobe (formerly Macromedia) ColdFusion MX 6.0, 6.1, 6.1 with JRun, and 7.0 allows remote attackers to attach arbitrary files and send mail via a crafted Subject field, which is not properly handled by the CFMAIL tag in applications that use ColdFusion, aka "CFMAIL injection Vulnerability". | |||||
| CVE-2005-4344 | 1 Macromedia | 1 Coldfusion | 2011-03-07 | 2.1 LOW | N/A |
| Adobe (formerly Macromedia) ColdFusion MX 7.0 does not honor when the CFOBJECT /CreateObject(Java) setting is disabled, which allows local users to create an object despite the specified configuration. | |||||
| CVE-2005-4345 | 1 Macromedia | 1 Coldfusion | 2011-03-07 | 7.2 HIGH | N/A |
| Adobe (formerly Macromedia) ColdFusion MX 7.0 exposes the password hash of the Administrator in an API call, which allows local developers to obtain the hash and gain privileges. | |||||
| CVE-2005-4350 | 1 Sun | 1 Wbem Services | 2011-03-07 | 7.8 HIGH | N/A |
| Unspecified vulnerability in WBEM Services A.01.x before A.01.05.12 and A.02.x before A.02.00.08 on HP-UX B.11.00 through B.11.23 allows remote attackers to cause an unspecified denial of service via unknown attack vectors. | |||||
| CVE-2005-4353 | 1 Toenda Software Development | 1 Toendacms | 2011-03-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in toendaCMS 0.6.2.1, when configured to use a SQL database, allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2005-4354 | 1 University Of Arizona | 1 Webglimpse | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in webglimpse.cgi in Webglimpse 2.14.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the query parameter. | |||||
| CVE-2005-4355 | 1 Xmpie | 1 Ustore | 2011-03-07 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in UStore allow remote attackers to inject arbitrary web script or HTML via the (1) Cat parameter in default.asp and the (2) accessdenied parameter in admin/default.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2005-4356 | 1 Xmpie | 1 Ustore | 2011-03-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in UStore allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2005-4359 | 1 Oodie | 1 Odfaq | 2011-03-07 | 6.4 MEDIUM | N/A |
| SQL injection vulnerability in includes/core.inc.php in ODFaq 2.1.0 allows remote attackers to execute arbitrary SQL commands via the (1) cat and (2) srcText parameters to faq.php. | |||||
| CVE-2005-4361 | 1 Magnolia | 1 Content Management Suite | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.html in Magnolia Content Management Suite 2.1 allows remote attackers to inject arbitrary web script or HTML via the query parameter. | |||||
| CVE-2005-4362 | 1 Komodo | 1 Komodo Cms | 2011-03-07 | 5.0 MEDIUM | N/A |
| SQL injection vulnerability in page.php in Komodo CMS 2.1 allows remote attackers to execute arbitrary SQL commands via the page parameter. | |||||
| CVE-2005-4363 | 1 Komodo | 1 Komodo Cms | 2011-03-07 | 5.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the search engine in Komodo CMS 2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters. | |||||
| CVE-2005-4364 | 1 Hot Banana | 1 Web Content Management Suite | 2011-03-07 | 5.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.cfm in Hot Banana Web Content Management Suite 5.3 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter. | |||||
| CVE-2005-4365 | 1 Flip | 1 Flip | 2011-03-07 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in FLIP 0.9.0.1029 allow remote attackers to inject arbitrary web script or HTML via the (1) name parameter in text.php and (2) frame parameter in forum.php. | |||||
| CVE-2005-4369 | 1 The Collective | 1 Acuity Cms | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Acuity CMS 2.6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly strSearchKeywords to browse.asp. | |||||
| CVE-2005-4372 | 1 Liquid Bytes Technologies | 1 Adaptive Website Framework | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in account.html in Adaptive Website Framework (AWF) 2.10 and earlier allows remote attackers to inject arbitrary web script or HTML via the page parameter. | |||||