Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-1884 | 1 Yapig | 1 Yapig | 2008-09-05 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in the (1) rmdir or (2) mkdir commands in upload.php in YaPiG 0.92b, 0.93u and 0.94u allows remote attackers to create or delete arbitrary directories via a .. (dot dot) in the dir parameter. | |||||
| CVE-2005-1885 | 1 Yapig | 1 Yapig | 2008-09-05 | 5.0 MEDIUM | N/A |
| view.php in YaPiG 0.92b, 0.93u and 0.94u allows remote attackers to obtain sensitive information via a phid parameter that is not an integer, which reveals the path in an error message. | |||||
| CVE-2005-1886 | 1 Yapig | 1 Yapig | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in view.php in YaPiG 0.92b, 0.93u and 0.94u allows remote attackers to inject arbitrary web script or HTML via (1) the phid parameter or (2) unknown parameters when posting a new comment. | |||||
| CVE-2005-1888 | 1 Mediawiki | 1 Mediawiki | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.5 allows remote attackers to inject arbitrary web script via HTML attributes in page templates. | |||||
| CVE-2005-1890 | 1 Mortiforo | 1 Mortiforo | 2008-09-05 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in Mortiforo before 0.9.1 allows users to access private forums via unknown attack vectors. | |||||
| CVE-2005-1897 | 1 Flexcast | 1 Flexcast Audio Video Streaming Server | 2008-09-05 | 10.0 HIGH | N/A |
| Unknown vulnerability in FlexCast Audio Video Streaming Server before 2.0 has unknown impact and attack vectors. | |||||
| CVE-2005-1898 | 1 Phpthumb | 1 Phpthumb | 2008-09-05 | 5.0 MEDIUM | N/A |
| The passthrough functionality in phpThumb.php in phpThumb() before 1.5.4 allows remote attackers to read files that are not images. | |||||
| CVE-2005-1904 | 1 Jiro | 1 Jiro Upload System | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.asp in JiRo's Upload System (JUS) 1 allows remote attackers to execute arbitrary SQL commands via the password parameter. | |||||
| CVE-2005-1908 | 1 Perception | 1 Liteweb | 2008-09-05 | 7.5 HIGH | N/A |
| Perception LiteWeb allows remote attackers to bypass access controls for files via an extra leading / (slash) or leading \ (backslash) in the URL. | |||||
| CVE-2005-1909 | 1 Software602 | 1 602lan Suite | 2008-09-05 | 4.3 MEDIUM | N/A |
| The web server control panel in 602LAN SUITE 2004 allows remote attackers to make it more difficult for the administrator to read portions of log files via a "</pre><!-" sequence in an HTTP GET request in the logon, possibly due to a cross-site scripting (XSS) vulnerability. | |||||
| CVE-2005-1910 | 1 Wwweb Concepts | 1 Events System | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.asp for WWWeb Concepts Events System 1.0 allows remote attackers to execute arbitrary SQL commands via the password. | |||||
| CVE-2005-1911 | 1 Leafnode | 1 Leafnode | 2008-09-05 | 5.0 MEDIUM | N/A |
| The fetchnews NNTP client in leafnode 1.11.2 and earlier can hang while waiting for input that never arrives, which allows remote NNTP servers to cause a denial of service (news loss). | |||||
| CVE-2005-1914 | 1 Centericq | 1 Centericq | 2008-09-05 | 2.1 LOW | N/A |
| CenterICQ 4.20.0 and earlier creates temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack on the gg.token.PID temporary file. | |||||
| CVE-2005-1917 | 1 Kpopper | 1 Kpopper | 2008-09-05 | 2.1 LOW | N/A |
| kpopper 1.0 and earlier allows local users to create and overwrite arbitrary files via a symlink attack on the .popper-new temporary file. | |||||
| CVE-2005-1922 | 1 Clam Anti-virus | 1 Clamav | 2008-09-05 | 5.0 MEDIUM | N/A |
| The MS-Expand file handling in Clam AntiVirus (ClamAV) before 0.86 allows remote attackers to cause a denial of service (file descriptor and memory consumption) via a crafted file that causes repeated errors in the cli_msexpand function. | |||||
| CVE-2005-1923 | 1 Clam Anti-virus | 1 Clamav | 2008-09-05 | 2.6 LOW | N/A |
| The ENSURE_BITS macro in mszipd.c for Clam AntiVirus (ClamAV) 0.83, and other versions vefore 0.86, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a cabinet (CAB) file with the cffile_FolderOffset field set to 0xff, which causes a zero-length read. | |||||
| CVE-2005-1932 | 1 Lpanel | 1 Lpanel | 2008-09-05 | 2.1 LOW | N/A |
| Lpanel 1.59 and earlier, and other versions before 1.597, allows remote authenticated users to modify certain critical variables and (1) modify DNS settings for arbitrary domains via the domain parameter to diagnose.php, (2) close, open, or respond to arbitrary support tickets via the close, open, or pid parameter to view_ticket.php, (3) obtain sensitive information on arbitrary invoices via the inv parameter to viewreceipt.php, or (4) modify domain information for arbitrary domains via the editdomain parameter to domains.php. | |||||
| CVE-2005-1933 | 1 Apple | 1 Mac Os X | 2008-09-05 | 7.5 HIGH | N/A |
| Dashboard in Apple Mac OS X Tiger 10.4 allows attackers to execute arbitrary commands by overriding the behavior of system widgets via a user widget with the same bundle identifier (CFBundleIdentifier), a different vulnerability than CVE-2005-1474. | |||||
| CVE-2005-1941 | 1 Silvercity | 1 Silvercity | 2008-09-05 | 3.7 LOW | N/A |
| SilverCity before 0.9.5-r1 installs (1) cgi-styler-form.py, (2) cgi-styler.py, and (3) source2html.py with read and write world permissions, which allows local users to execute arbitrary code. | |||||
| CVE-2005-1959 | 1 Jammail | 1 Jammail | 2008-09-05 | 7.5 HIGH | N/A |
| jammail.pl in jamchen JamMail 1.8 allows remote attackers to execute arbitrary commands via shell metacharacters in the mail parameter. | |||||