Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-4299 | 1 Atlantpro.com | 1 Atlant Pro | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in atl.cgi in Atlant Pro 4.02 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) before and (2) ct parameters. | |||||
| CVE-2005-4301 | 1 Phpxplorer | 1 Phpxplorer | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in phpXplorer 0.9.12 and earlier allows remote attackers to inject arbitrary web script or HTML via the address bar field. | |||||
| CVE-2005-4302 | 1 Indexcor | 1 Ezdatabase | 2011-03-07 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in ezDatabase 2.1.2 and earlier allows remote attackers to include arbitrary local files via ".." sequences in the p parameter. | |||||
| CVE-2005-4306 | 1 Focalmedia.net | 1 Sitenet Bbs | 2011-03-07 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in SiteNet BBS 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) pg, (2) tid, (3) cid, and (4) fid parameters to netboardr.cgi, or (5) cid parameter to search.cgi. | |||||
| CVE-2005-4307 | 1 Jonathan Bravata | 1 Scarecrow | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in ScareCrow 2.13 and earlier allows remote attackers to inject arbitrary web script or HTML via the forum parameter to (1) forum.cgi and (2) post.cgi, or (3) the user parameter to profile.cgi. | |||||
| CVE-2005-4310 | 1 Ssh | 1 Tectia Server | 2011-03-07 | 7.5 HIGH | N/A |
| SSH Tectia Server 5.0.0 (A, F, and T), when allowing host-based authentication only, allows users to log in with the wrong credentials. | |||||
| CVE-2005-4311 | 1 Dcscripts | 2 Dcforum, Dcforum\+ | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in DCForum 6.25 and earlier, and possibly DCForum+ 1.x, allows remote attackers to inject arbitrary web script or HTML via (1) the page parameter in dcboard.php and (2) unspecified search parameters. | |||||
| CVE-2005-4312 | 1 Almondsoft | 1 Almond Classifieds | 2011-03-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in AlmondSoft Almond Classifieds 5.02 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2005-4314 | 1 Ppcal Shopping Cart | 1 Ppcal Shopping Cart | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in ppcal.cgi in PPCal Shopping Cart 3.3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) stop and (2) user parameters. | |||||
| CVE-2005-3252 | 1 Sourcefire | 1 Snort | 2011-03-07 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the Back Orifice (BO) preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code via a crafted UDP packet. | |||||
| CVE-2005-3253 | 2 Avaya, Proxim | 10 Wireless Ap-3, Wireless Ap-4, Wireless Ap-5 and 7 more | 2011-03-07 | 7.5 HIGH | N/A |
| Wireless Access Points (AP) for (1) Avaya AP-3 through AP-6 2.5 to 2.5.4, and AP-7/AP-8 2.5 and other versions before 3.1, and (2) Proxim AP-600 and AP-2000 before 2.5.5, and Proxim AP-700 and AP-4000 after 2.4.11 and before 3.1, use a static WEP key of "12345", which allows remote attackers to bypass authentication. | |||||
| CVE-2005-3258 | 1 Squid | 1 Squid | 2011-03-07 | 5.0 MEDIUM | N/A |
| The rfc1738_do_escape function in ftp.c for Squid 2.5 STABLE11 and earlier allows remote FTP servers to cause a denial of service (segmentation fault) via certain "odd" responses. | |||||
| CVE-2005-3301 | 1 Phpmyadmin | 1 Phpmyadmin | 2011-03-07 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.6.4-pl3 allow remote attackers to inject arbitrary web script or HTML via certain arguments to (1) left.php, (2) queryframe.php, or (3) server_databases.php. | |||||
| CVE-2005-3303 | 1 Clam Anti-virus | 1 Clamav | 2011-03-07 | 7.5 HIGH | N/A |
| The FSG unpacker (fsg.c) in Clam AntiVirus (ClamAV) 0.80 through 0.87 allows remote attackers to cause "memory corruption" and execute arbitrary code via a crafted FSG 1.33 file. | |||||
| CVE-2005-3315 | 1 Novell | 1 Zenworks Patch Management Server | 2011-03-07 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Novell ZENworks Patch Management 6.x before 6.2.2.181 allow remote attackers to execute arbitrary SQL commands via the (1) Direction parameter to computers/default.asp, and the (2) SearchText, (3) StatusFilter, and (4) computerFilter parameters to reports/default.asp. | |||||
| CVE-2005-3336 | 1 Mantis | 1 Mantis | 2011-03-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Mantis 1.0.0RC2 and 0.19.2 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | |||||
| CVE-2005-3342 | 1 Norman Ramsey | 1 Noweb | 2011-03-07 | 1.2 LOW | N/A |
| noweb 2.10c and earlier allows local users to overwrite arbitrary files via symlink attacks on temporary files in (1) lib/toascii.nw and (2) shell/roff.mm. | |||||
| CVE-2005-3360 | 1 Trend Micro | 1 Pc-cillin 2005 | 2011-03-07 | 7.2 HIGH | N/A |
| The installation of Trend Micro PC-Cillin Internet Security 2005 12.00 build 1244, and probably previous versions, uses insecure default ACLs, which allows local users to cause a denial of service (disabled service) and gain system privileges by modifying or moving critical program files. | |||||
| CVE-2005-3387 | 1 Luca Deri | 1 Ntop | 2011-03-07 | 4.6 MEDIUM | N/A |
| The startup script in packages/RedHat/ntop.init in ntop before 3.2, when ntop.conf is writable by users besides root, creates temporary files insecurely, which allows remote attackers to execute arbitrary code. | |||||
| CVE-2005-3411 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in post.asp in Snitz Forums 2000 3.4.05 allows remote attackers to inject arbitrary web script or HTML via the type parameter in a Topic method. | |||||