Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-0957 | 1 Bay Technical Associates | 1 Rpc3 Telnet | 2017-07-10 | 7.5 HIGH | N/A |
| Bay Technical Associates RPC-3 Telnet Host 3.05 allows remote attackers to bypass authentication by pressing the escape and enter keys at the username prompt. | |||||
| CVE-2005-0962 | 1 Lighthouse Development | 1 Squirrelcart | 2017-07-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php for Lighthouse Squirrelcart allows remote attackers to execute arbitrary SQL commands via the (1) crn parameter in a show action or (2) rn parameter in a show_detail action. | |||||
| CVE-2005-0963 | 1 Toshiba | 1 Acpi Flash Bios | 2017-07-10 | 2.1 LOW | N/A |
| An error in the Toshiba ACPI BIOS 1.6 causes the BIOS to only examine the first slot in the Master Boot Record (MBR) table for an active partition, which prevents the system from booting even though the MBR is not malformed. NOTE: it has been debated as to whether or not this issue poses a security vulnerability, since administrative privileges would be required, and other DoS attacks are possible with such privileges. | |||||
| CVE-2005-0964 | 1 Kerio | 1 Personal Firewall | 2017-07-10 | 4.6 MEDIUM | N/A |
| Unknown vulnerability in Kerio Personal Firewall 4.1.2 and earlier allows local users to bypass firewall rules via a malicious process that impersonates a legitimate process that has fewer restrictions. | |||||
| CVE-2005-0975 | 2 Apple, Opendarwin | 3 Mac Os X, Mac Os X Server, Darwin Kernel | 2017-07-10 | 2.1 LOW | N/A |
| Integer signedness error in the parse_machfile function in the mach-o loader (mach_loader.c) for the Darwin Kernel as used in Mac OS X 10.3.7, and other versions before 10.3.9, allows local users to cause a denial of service (CPU consumption) via a crafted mach-o header. | |||||
| CVE-2005-0978 | 1 Ivt | 1 Bluesoleil | 2017-07-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the Object Push service in IVT BlueSoleil 1.4 allows remote attackers to upload arbitrary files via a .. (dot dot) in a PUSH command. | |||||
| CVE-2005-0979 | 1 Netmanage | 1 Rumba | 2017-07-10 | 7.5 HIGH | N/A |
| Multiple buffer overflows in RUMBA 7.3 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via crafted values in a profile file, as demonstrated using a long SysName field. | |||||
| CVE-2005-0992 | 1 Phpmyadmin | 1 Phpmyadmin | 2017-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in phpMyAdmin before 2.6.2-rc1 allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter. | |||||
| CVE-2005-1000 | 1 Francisco Burzi | 1 Php-nuke | 2017-07-10 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 7.6 allow remote attackers to inject arbitrary web script or HTML via (1) the bid parameter to the EmailStats op in banners.pgp, (2) the ratenum parameter in the TopRated and MostPopular actions in the Web_Links module, (3) the ttitle parameter in the viewlinkdetails, viewlinkeditorial, viewlinkcomments, and ratelink actions in the Web_Links module, or (4) the username parameter in the Your_Account module. | |||||
| CVE-2005-1001 | 1 Francisco Burzi | 1 Php-nuke | 2017-07-10 | 5.0 MEDIUM | N/A |
| PHP-Nuke 7.6 allows remote attackers to obtain sensitive information via direct requests to (1) the Surveys module with the file parameter set to comments or (2) 3D-Fantasy/theme.php, which leaks the full pathname of the web server in a PHP error message. | |||||
| CVE-2005-1003 | 1 Profitcode | 1 Payprocart | 2017-07-10 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in index.php for ProfitCode PayProCart 3.0 allows remote attackers to include arbitrary PHP files via .. (dot dot) sequences in the modID parameter. | |||||
| CVE-2005-1004 | 1 Profitcode | 1 Payprocart | 2017-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in usrdetails.php in ProfitCode PayProCart 3.0 allows remote attackers to inject arbitrary web script or HTML via the sgnuptype parameter. | |||||
| CVE-2005-1005 | 1 Profitcode | 1 Payprocart | 2017-07-10 | 7.5 HIGH | N/A |
| ProfitCode PayProCart 3.0 allows remote attackers to bypass authentication and gain administrative privileges to the admin control panel, as demonstrated via a direct request to adminshop/index.php with hex-encoded .. sequences in the ftoedit parameter. | |||||
| CVE-2005-1007 | 1 Stalker | 1 Communigate Pro | 2017-07-10 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in the LIST functionality in CommuniGate Pro before 4.3c3 allows remote attackers to cause a denial of service (server crash) via certain multipart messages. | |||||
| CVE-2005-1009 | 1 Bakbone | 1 Netvault | 2017-07-10 | 10.0 HIGH | N/A |
| Multiple buffer overflows in BakBone NetVault 6.x and 7.x allow (1) remote attackers to execute arbitrary code via a modified computer name and length that leads to a heap-based buffer overflow, or (2) local users to execute arbitrary code via a long Name entry in the configure.cfg file. | |||||
| CVE-2005-1010 | 1 Comersus Open Technologies | 1 Comersus Cart | 2017-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Comersus Cart 6 allows remote attackers to inject arbitrary web script or HTML via the account username. | |||||
| CVE-2005-1012 | 1 Iatek | 1 Siteenable | 2017-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Iatek SiteEnable allows remote attackers to inject arbitrary web script or HTML via (1) the contenttype parameter to content.asp, (2) the title, or (3) the description. | |||||
| CVE-2005-1013 | 1 Mailenable | 2 Mailenable Enterprise, Mailenable Professional | 2017-07-10 | 5.0 MEDIUM | N/A |
| The SMTP service in MailEnable Enterprise 1.04 and earlier and Professional 1.54 and earlier allows remote attackers to cause a denial of service (server crash) via an EHLO command with a Unicode string. | |||||
| CVE-2005-1014 | 1 Mailenable | 2 Mailenable Enterprise, Mailenable Professional | 2017-07-10 | 7.5 HIGH | N/A |
| Buffer overflow in the IMAP service for MailEnable Enterprise 1.04 and earlier and Professional 1.54 allows remote attackers to execute arbitrary code via a long AUTHENTICATE command. | |||||
| CVE-2005-1016 | 1 Maxwebportal | 1 Maxwebportal | 2017-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in links_add_form.asp for MaxWebPortal 1.33 and earlier allows remote attackers to inject arbitrary web script or HTML via a Javascript URL in a banner URL. | |||||