Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-2811 | 1 Net-snmp | 1 Net-snmp | 2008-09-05 | 4.6 MEDIUM | N/A |
| Untrusted search path vulnerability in Net-SNMP 5.2.1.2 and earlier, on Gentoo Linux, installs certain Perl modules with an insecure DT_RPATH, which could allow local users to gain privileges. | |||||
| CVE-2005-2812 | 1 Man2web | 1 Man2web | 2008-09-05 | 7.5 HIGH | N/A |
| man2web allows remote attackers to execute arbitrary commands via -P arguments. | |||||
| CVE-2005-2836 | 1 Phorum | 1 Phorum | 2008-09-05 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Phorum 5.0.17a and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the username parameter to register.php or (2) a signature of a logged-in user in "My Control Center," which is not properly handled by control.php. | |||||
| CVE-2005-2837 | 1 Plain Black | 1 Webgui | 2008-09-05 | 7.5 HIGH | N/A |
| Multiple eval injection vulnerabilities in PlainBlack Software WebGUI before 6.7.3 allow remote attackers to execute arbitrary Perl code via (1) Help.pm, (2) International.pm, or (3) WebGUI.pm. | |||||
| CVE-2005-2839 | 1 Maxdev | 1 Md-pro | 2008-09-05 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in MAXdev MD-Pro 1.0.72 allow remote attackers to inject arbitrary web script or HTML via (1) dl-search.php or (2) wl-search.php. | |||||
| CVE-2005-2840 | 1 Maxdev | 1 Md-pro | 2008-09-05 | 10.0 HIGH | N/A |
| Multiple unknown vulnerabilities in MAXdev MD-Pro 1.0.72 and earlier have unknown impact and unspecified attack vectors, in one or more of the (1) Download, (2) Search, (3) Web links, (4) Blocks, (5) Messages, (6) News, (7) Comments, (8) Settings, (9) Stats or (10) subjects modules. | |||||
| CVE-2005-2850 | 1 Whitsoft Development | 1 Slimftpd | 2008-09-05 | 5.0 MEDIUM | N/A |
| SlimFTPd 3.17 allows remote attackers to cause a denial of service (crash) via certain (1) USER and (2) PASS commands, possibly due to a buffer overflow or off-by-one error. | |||||
| CVE-2005-2851 | 1 Smb4k | 1 Smb4k | 2008-09-05 | 2.1 LOW | N/A |
| smb4k 0.4 and other versions before 0.6.3 allows local users to read sensitive files via a symlink attack on the (1) smb4k.tmp or (2) sudoers temporary files. | |||||
| CVE-2005-2852 | 1 Novell | 1 Netware | 2008-09-05 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in CIFS.NLM in Novell Netware 6.5 SP2 and SP3, 5.1, and 6.0 allows remote attackers to cause a denial of service (ABEND) via an incorrect password length, as exploited by the "worm.rbot.ccc" worm. | |||||
| CVE-2005-2853 | 1 Guppy | 1 Guppy | 2008-09-05 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in GuppY 4.5.3a and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the pg parameter to printfaq.php, or the (2) Referer or (3) User-Agent HTTP headers, which are not properly handled by error.php. | |||||
| CVE-2005-2854 | 1 Thesitewizard.com | 1 Chfeedback.pl Feedback Form Perl Script | 2008-09-05 | 5.0 MEDIUM | N/A |
| CRLF injection vulnerability in thesitewizard.com chfeedback.pl Feedback Form Perl Script 2.0.1 allows remote attackers to use the script as a mail relay (spam proxy) via CRLF sequences in the (1) name or (2) email fields, which are injected into mail headers. | |||||
| CVE-2005-2857 | 1 Softstack | 1 Free Smtp Server | 2008-09-05 | 7.5 HIGH | N/A |
| Free SMTP Server 2.2 allows remote attackers to use the server as an open mail relay (spam proxy). | |||||
| CVE-2005-2858 | 1 Rediff | 1 Bol | 2008-09-05 | 5.0 MEDIUM | N/A |
| The Fetch.FetchContact.1 ActiveX control (Fetch.dll) for Rediff Bol 7.0 allows remote attackers to read the Windows Address Book via the FullAddressBook method. | |||||
| CVE-2005-2859 | 1 Savant | 1 Savant Webserver | 2008-09-05 | 4.6 MEDIUM | N/A |
| Savant Web Server stores user credentials in plaintext in the Savant\Users registry key, which allows local users to gain privileges. | |||||
| CVE-2005-2861 | 1 N-stalker | 1 N-stealth | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in N-Stealth Commercial Edition before 5.8.0.38 and Free Edition before 5.8.1.03 allows remote attackers to inject arbitrary web script or HTML via the Server field in an HTTP response header, which is directly injected into an HTML report. | |||||
| CVE-2005-2866 | 1 Mercora | 1 Imradio | 2008-09-05 | 4.6 MEDIUM | N/A |
| Mercora IMRadio 4.0.0.0 stores usernames and passwords in plaintext in the MercoraClient\Profiles registry key, which allows local users to gain privileges. | |||||
| CVE-2005-2867 | 1 Bluewhalecrm | 1 Bluewhalecrm | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in BlueWhaleCRM allows remote attackers to execute arbitrary SQL commands via the Account ID field. | |||||
| CVE-2005-2868 | 1 Ziptorrent | 1 Ziptorrent | 2008-09-05 | 2.1 LOW | N/A |
| ZipTorrent 1.3.7.3 stores sensitive information in plaintext in the pref.txt file, which allows local users to obtain sensitive information such as proxy server information and passwords. | |||||
| CVE-2005-2869 | 1 Phpmyadmin | 1 Phpmyadmin | 2008-09-05 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.6.4 allow remote attackers to inject arbitrary web script or HTML via (1) the Username to libraries/auth/cookie.auth.lib.php or (2) the error parameter to error.php. | |||||
| CVE-2005-2870 | 1 Sun | 1 Solaris | 2008-09-05 | 7.5 HIGH | N/A |
| Unknown vulnerability in the net-svc script on Solaris 10 allows remote authenticated users to execute arbitrary code on a DHCP client via certain DHCP responses. | |||||