Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-0830 | 1 Xzabite | 1 Dyndnsupdate | 2008-09-05 | 7.5 HIGH | N/A |
| Multiple buffer overflows in Xzabite DYNDNSUpdate 0.6.15 and earlier, including the ipcheck function in dyndnsupdate.c, allow remote attackers who spoof a dyndns.org server to execute arbitrary code via unknown vectors. | |||||
| CVE-2005-0831 | 1 Php-post | 1 Php-post Web Forum | 2008-09-05 | 5.0 MEDIUM | N/A |
| PHP-Post allows remote attackers to spoof the names of other users by registering with a username containing hex-encoded characters. | |||||
| CVE-2005-0832 | 1 Php-post | 1 Php-post Web Forum | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in PHP-Post before 0.33 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||||
| CVE-2005-0833 | 1 Belkin | 1 Belkin 54g Wireless Router | 2008-09-05 | 7.5 HIGH | N/A |
| Belkin 54G (F5D7130) wireless router allows remote attackers to access restricted resources by sniffing URIs from UPNP datagrams, then accessing those URIs, which do not require authentication. | |||||
| CVE-2005-0834 | 1 Belkin | 1 Belkin 54g Wireless Router | 2008-09-05 | 5.0 MEDIUM | N/A |
| Belkin 54G (F5D7130) wireless router enables SNMP by default in a manner that allows remote attackers to obtain sensitive information. | |||||
| CVE-2005-0835 | 1 Belkin | 1 54g Wireless Router | 2008-09-05 | 5.0 MEDIUM | N/A |
| The SNMP service in the Belkin 54G (F5D7130) wireless router allows remote attackers to cause a denial of service via unknown vectors. | |||||
| CVE-2005-0849 | 1 Funlabs | 9 4x4 Off-road Adventure Iii, Cabelas Big Game Hunter 2004 Season, Cabelas Big Game Hunter 2005 and 6 more | 2008-09-05 | 5.0 MEDIUM | N/A |
| Multiple games developed by FUN labs, including 4X4 Off-road Adventure III, Big Game Hunter, Dangerous Hunts, Deer Hunt, Revolution, Secret Service, Shadow Force, and US Most Wanted, allow remote attackers to cause a denial of service (crash from invalid memory access) via a malformed join packet with values that cause the server to copy more memory than was actually provided in the packet. | |||||
| CVE-2005-0852 | 1 Microsoft | 1 Windows Xp | 2008-09-05 | 2.1 LOW | N/A |
| Microsoft Windows XP SP1 allows local users to cause a denial of service (system crash) via an empty datagram to a raw IP over IP socket (IP protocol 4), as originally demonstrated using code in Python 2.3. | |||||
| CVE-2005-0855 | 1 Coolforum | 1 Coolforum | 2008-09-05 | 10.0 HIGH | N/A |
| CoolForum 0.8.1 beta and earlier allows remote attackers to obtain sensitive path information via direct requests to (1) entete.php, (2) profile_accueil.php, (3) profile_mdp.php, (4) profile_notify.php, (5) profile_options.php, (6) profile_perso.php, (7) profile_pm.php, or (8) readannonce.php, which leaks the full pathname in a PHP error message. | |||||
| CVE-2005-0856 | 1 Coolforum | 1 Coolforum | 2008-09-05 | 7.5 HIGH | N/A |
| CoolForum 0.8.1 beta and earlier allows remote attackers to manipulate SQL commands via certain requests to (1) alert.php or (2) viewip.php, possibly due to a SQL injection vulnerability. | |||||
| CVE-2005-0860 | 1 The Rusted Gate | 1 Trg News | 2008-09-05 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in TRG News Script 3.0 allows remote attackers to execute arbitrary PHP code via the dir parameter to (1) article.php, (2) authorall.php, (3) comment.php, (4) display.php, or (5) displayall.php. | |||||
| CVE-2005-0864 | 1 Securecomputing | 1 Samsung Adsl Modem | 2008-09-05 | 5.0 MEDIUM | N/A |
| The Boa web server, as used in Samsung ADSL Modem SMDK8947v1.2 and possibly other products, allows remote attackers to read arbitrary files via a full pathname in the HTTP request. | |||||
| CVE-2005-0865 | 1 Securecomputing | 1 Samsung Adsl Modem | 2008-09-05 | 7.5 HIGH | N/A |
| Samsung ADSL Modem SMDK8947v1.2 uses default passwords for the (1) root, (2) admin, or (3) user users, which allows remote attackers to gain privileges via Telnet or an HTTP request to adsl.cgi. | |||||
| CVE-2005-0886 | 1 Invision Power Services | 1 Invision Board | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Invision Power Board 2.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via an HTTP POST request. | |||||
| CVE-2005-0889 | 1 Dream4 | 1 Koobi Cms | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php for Dream4 Koobi CMS 4.2.3 allows remote attackers to inject arbitrary web script or HTML via the area parameter. | |||||
| CVE-2005-0890 | 1 Dream4 | 1 Koobi Cms | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Dream4 Koobi CMS 4.2.3 allows remote attackers to execute arbitrary SQL commands via the area parameter. | |||||
| CVE-2005-0906 | 3 Instance Four, Sacred, Ubi Soft | 3 Tincat, Sacred, The Settlersheritage Of Kings | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in a player logging function in the Tincat network library 2.x before 2.0.28, as used in games such as Sacred and The Settlers: Heritage of Kings, allows remote attackers to execute arbitrary code. | |||||
| CVE-2005-0907 | 1 Valdersoft | 1 Shopping Cart | 2008-09-05 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Valdersoft Shopping Cart 3.0 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to category.php, (2) the id parameter to item.php, (3) the lang parameter to index.php, (4) the searchQuery parameter to search_result.php, (5) or the searchTopCategoryID parameter to search_result.php. | |||||
| CVE-2005-0908 | 1 Valdersoft | 1 Valdersoft Shopping Cart | 2008-09-05 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Valdersoft Shopping Cart 3.0 allow remote attackers to inject arbitrary web script or HTML via (1) the lang parameter to index.php or (2) the searchTopCategoryID parameter to search_result.php. | |||||
| CVE-2005-0910 | 1 E-xoops | 1 E-xoops | 2008-09-05 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in exoops allow remote attackers to inject arbitrary web script or HTML via (1) the sortdays parameter to viewforum.php or (2) the viewcat parameter to index.php. | |||||