Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-1503 | 1 Midicart Software | 1 Midicart Php Shopping Cart | 2017-07-10 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in MidiCart PHP Shopping Cart allow remote attackers to execute arbitrary SQL commands via the (1) searchstring parameter to search_list.php, the (2) maingroup or (3) secondgroup parameters to item_list.php, or (4) code_no parameter to item_show.php. | |||||
| CVE-2005-1504 | 1 Gamespy | 1 Cd-key Validation System | 2017-07-10 | 5.0 MEDIUM | N/A |
| GameSpy SDK CD-Key Validation Toolkit, as used by many online games, allows remote attackers to bypass the CD key validation by sending a spoofed \disc\ command, which tells the server the CD key is no longer in use. | |||||
| CVE-2005-1505 | 1 Apple | 1 Mail | 2017-07-10 | 7.5 HIGH | N/A |
| The new account wizard in Mail.app 2.0 in Mac OS 10.4, when configuring an IMAP mail account and checking the credentials, does not prompt the user to use SSL until after the password has already been sent, which causes the password to be sent in plaintext. | |||||
| CVE-2005-1507 | 1 4d | 1 Webstar | 2017-07-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in the Tomcat plugin in 4d WebSTAR 5.33 and 5.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long URL. | |||||
| CVE-2005-1508 | 1 Pwsphp | 1 Pwsphp | 2017-07-10 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PwsPHP 1.2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) month or (2) annee parameters to the news module, (3) nbractif or (4) annee parameters to the stats module, (5) id parameter to profil.php, (6) mb_lettre or (7) lettre parameter to memberlist.php, or (8) chaine_search, or (9) auteur_search parameter to the recherche module. | |||||
| CVE-2005-1509 | 1 Pwsphp | 1 Pwsphp | 2017-07-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in profil.php in PwsPHP 1.2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2005-1511 | 1 Pwsphp | 1 Pwsphp | 2017-07-10 | 7.5 HIGH | N/A |
| PwsPHP 1.2.2 allows remote attackers to bypass authentication and post arbitrary comments via the Pseudo cookie. | |||||
| CVE-2005-1512 | 1 Pwsphp | 1 Pwsphp | 2017-07-10 | 7.5 HIGH | N/A |
| The Admin panel in PwsPHP 1.2.2 does not properly verify uploaded picture files, which allows remote attackers to upload and possibly execute arbitrary files. | |||||
| CVE-2005-1516 | 1 Netwin | 1 Dmail | 2017-07-10 | 7.5 HIGH | N/A |
| DList (dlist.exe) in DMail 3.1a allows remote attackers to bypass authentication, read log files, and shutdown the system via a sendlog command with an incorrect password hash, which is not properly handled by the _cmd_sendlog function. | |||||
| CVE-2005-1524 | 1 The Cacti Group | 1 Cacti | 2017-07-10 | 5.0 MEDIUM | N/A |
| PHP file inclusion vulnerability in top_graph_header.php in Cacti 0.8.6d and possibly earlier versions allows remote attackers to execute arbitrary PHP code via the config[library_path] parameter. | |||||
| CVE-2005-1525 | 1 The Cacti Group | 1 Cacti | 2017-07-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in config_settings.php for Cacti before 0.8.6e allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2005-1526 | 1 The Cacti Group | 1 Cacti | 2017-07-10 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in config_settings.php in Cacti before 0.8.6e allows remote attackers to execute arbitrary PHP code via the config[include_path] parameter. | |||||
| CVE-2005-1528 | 1 Qnx | 1 Rtos | 2017-07-10 | 7.2 HIGH | N/A |
| Untrusted search path vulnerability in the crttrap command in QNX Neutrino RTOS 6.2.1 allows local users to load arbitrary libraries via a LD_LIBRARY_PATH environment variable that references a malicious library. | |||||
| CVE-2005-1530 | 1 Sophos | 5 Sophos Anti-virus, Sophos Mailmonitor, Sophos Mailmonitor For Notes Domino and 2 more | 2017-07-10 | 5.0 MEDIUM | N/A |
| Sophos Anti-Virus 5.0.1, with "Scan inside archive files" enabled, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a Bzip2 archive with a large 'Extra field length' value. | |||||
| CVE-2005-1543 | 1 Novell | 5 Zenworks, Zenworks Desktops, Zenworks Remote Management and 2 more | 2017-07-10 | 7.5 HIGH | N/A |
| Multiple stack-based and heap-based buffer overflows in Remote Management authentication (zenrem32.exe) on Novell ZENworks 6.5 Desktop and Server Management, ZENworks for Desktops 4.x, ZENworks for Servers 3.x, and Remote Management allows remote attackers to execute arbitrary code via (1) unspecified vectors, (2) type 1 authentication requests, and (3) type 2 authentication requests. | |||||
| CVE-2005-1544 | 1 Libtiff | 1 Libtiff | 2017-07-10 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in libTIFF before 3.7.2 allows remote attackers to execute arbitrary code via a TIFF file with a malformed BitsPerSample tag. | |||||
| CVE-2005-1551 | 1 Sophos | 1 Sophos Anti-virus | 2017-07-10 | 5.1 MEDIUM | N/A |
| Sophos Anti-Virus 3.93 does not check downloaded files for viruses when they have only been written, which creates a race condition and may allow remote attackers to bypass virus protection if the file is executed before the antivirus starts on system reboot. | |||||
| CVE-2005-1552 | 1 Geovision | 1 Digital Surveillance System | 2017-07-10 | 5.0 MEDIUM | N/A |
| GeoVision Digital Video Surveillance System 6.04, 6.1 and 7.0, when set to create JPEG images, does not properly protect an image even when a password and username is assigned, which may allow remote attackers to gain sensitive information via a direct request to the image. | |||||
| CVE-2005-1553 | 1 Geovision | 1 Digital Surveillance System | 2017-07-10 | 7.5 HIGH | N/A |
| GeoVision Digital Video Surveillance System 6.04, 6.1 and 7.0 uses a weak encryption scheme to encrypt passwords, which allows remote attackers to obtain the password via sniffing. | |||||
| CVE-2005-1643 | 1 Jorg Ruppel | 1 Zoidcom | 2017-07-10 | 5.0 MEDIUM | N/A |
| The ZCom_BitStream::Deserialize function in Zoidcom 1.0 beta 4 and earlier allows remote attackers to cause a denial of service via a crafted UDP packet with a large size value, which causes a memory allocation error or an out-of-bounds read. | |||||