Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-1644 | 1 1two | 1 Livre D Or | 2017-07-10 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in guestbook.php for 1Two Livre d'Or 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) livreornom, (2) livreoremail, or (3) livreormessage parameters. | |||||
| CVE-2005-1645 | 1 Keyvan1 | 1 Imagegallery | 2017-07-10 | 5.0 MEDIUM | N/A |
| Keyvan1 ImageGallery stores the image.mdb database under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information. | |||||
| CVE-2005-1660 | 1 Htmljunction | 1 Ezguestbook | 2017-07-10 | 7.5 HIGH | N/A |
| HTMLJunction EZGuestbook stores the guestbook.mdb file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as the administrative password. | |||||
| CVE-2005-1662 | 1 Jeuce | 1 Jeuce Personal Web Server | 2017-07-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Jeuce Personal Web Server 2.13 allows remote attackers to read arbitrary files via a .. (dot dot) in the URL. | |||||
| CVE-2005-1663 | 1 Jeuce | 1 Jeuce Personal Web Server | 2017-07-10 | 5.0 MEDIUM | N/A |
| Jeuce Personal Web Server 2.13 allows remote attackers to cause a denial of service (server crash) via a GET request beginning with "://". | |||||
| CVE-2005-1664 | 1 Microsoft | 1 Asp.net | 2017-07-10 | 6.4 MEDIUM | N/A |
| The __VIEWSTATE functionality in Microsoft ASP.NET 1.x allows remote attackers to conduct replay attacks to (1) apply a ViewState generated from one view to a different view, (2) reuse ViewState information after the application's state has changed, or (3) use the ViewState to conduct attacks or expose content to third parties. | |||||
| CVE-2005-1665 | 1 Microsoft | 1 Asp.net | 2017-07-10 | 5.0 MEDIUM | N/A |
| The __VIEWSTATE functionality in Microsoft ASP.NET 1.x, when not cryptographically signed, allows remote attackers to cause a denial of service (CPU consumption) via deeply nested markup. | |||||
| CVE-2005-1666 | 1 Orenosv | 1 Orenosv Http Ftp Server | 2017-07-10 | 7.5 HIGH | N/A |
| Multiple buffer overflows in Orenosv HTTP/FTP Server 0.8.1 allow remote authenticated users to cause a denial of service (server crash) and possibly execute arbitrary code via long arguments to FTP commands such as MKD, RMD, or DELE, which are processed by the (1) ftp_xlate_path, (2) ftp_is_canonical, or (3) os_fn_nativize functions, or (4) a long SSI command that is processed by the parse_cmd function in cgissi.exe. | |||||
| CVE-2005-1726 | 1 Apple | 1 Mac Os X | 2017-07-10 | 4.6 MEDIUM | N/A |
| The CoreGraphics Window Server in Mac OS X 10.4.1 allows local users with console access to gain privileges by "launching commands into root sessions." | |||||
| CVE-2005-1764 | 1 Linux | 1 Linux Kernel | 2017-07-10 | 2.1 LOW | N/A |
| Linux 2.6.11 on 64-bit x86 (x86_64) platforms does not use a guard page for the 47-bit address page to protect against an AMD K8 bug, which allows local users to cause a denial of service. | |||||
| CVE-2005-1822 | 1 Qualiteam | 1 X-cart | 2017-07-10 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Qualiteam X-Cart 4.0.8 allow remote attackers to execute arbitrary SQL commands via the (1) cat or (2) printable parameter to home.php, (3) productid or (4) mode parameter to product.php, (5) id parameter to error_message.php, (6) section parameter to help.php, (7) mode parameter to orders.php, (8) mode parameter to register.php, (9) mode parameter to search.php, or the (10) gcid or (11) gcindex parameter to giftcert.php. | |||||
| CVE-2005-1823 | 1 Qualiteam | 1 X-cart | 2017-07-10 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Qualiteam X-Cart 4.0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) cat or (2) printable parameter to home.php, (3) productid or (4) mode parameter to product.php, (5) id parameter to error_message.php, (6) section parameter to help.php, (7) mode parameter to orders.php, (8) mode parameter to register.php, (9) mode parameter to search.php, or the (10) gcid or (11) gcindex parameter to giftcert.php. | |||||
| CVE-2005-1854 | 1 Debian | 1 Apt-cacher | 2017-07-10 | 7.5 HIGH | N/A |
| Unknown vulnerability in apt-cacher in Debian 3.1, related to "missing input sanitising," allows remote attackers to execute arbitrary commands on the caching server. | |||||
| CVE-2005-1857 | 1 Simpleproxy | 1 Simpleproxy | 2017-07-10 | 7.5 HIGH | N/A |
| Format string vulnerability in simpleproxy before 3.4 allows remote malicious HTTP proxies to execute arbitrary code via format string specifiers in a reply. | |||||
| CVE-2005-1867 | 1 Symantec | 1 Brightmail Antispam | 2017-07-10 | 7.5 HIGH | N/A |
| Symantec Brightmail AntiSpam before 6.0.2 has a hard-coded database administrator password, which allows remote attackers to gain privileges. | |||||
| CVE-2005-1868 | 1 I-man | 1 I-man | 2017-07-10 | 7.5 HIGH | N/A |
| I-Man 0.9, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code by uploading a file attachment with a .php extension. | |||||
| CVE-2005-1887 | 1 Sun | 1 Solaris | 2017-07-10 | 4.6 MEDIUM | N/A |
| Unknown vulnerability in the Sun Solaris C library (libc and libproject) in Solaris 10 allows local users to gain privileges. | |||||
| CVE-2005-1900 | 1 Sawmill | 1 Sawmill | 2017-07-10 | 7.5 HIGH | N/A |
| Sawmill before 7.1.6 allows remote attackers to bypass authentication and (1) gain administrative privileges or (2) add a license. | |||||
| CVE-2005-1901 | 1 Sawmill | 1 Sawmill | 2017-07-10 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Sawmill before 7.1.6 allow remote attackers to inject arbitrary web script or HTML via (1) the username in the Add User window or (2) the license key in the Licensing page. | |||||
| CVE-2005-1902 | 1 E-post Corporation | 1 Spa-pro Mail Atsolomon | 2017-07-10 | 3.6 LOW | N/A |
| Directory traversal vulnerability in the IMAP service for SPA-PRO Mail @Solomon 4.00 allows remote authenticated users to read other users' mail and perform operations on arbitrary directories via .. sequences in the (1) SELECT, (2) CREATE, (3) DELETE, and (4) RENAME commands. | |||||