Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-3418 | 1 Phpbb Group | 1 Phpbb | 2016-10-17 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in phpBB 2.0.17 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) error_msg parameter to usercp_register.php, (2) forward_page parameter to login.php, and (3) list_cat parameter to search.php, which are not initialized as variables. | |||||
| CVE-2005-3419 | 1 Phpbb Group | 1 Phpbb | 2016-10-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in usercp_register.php in phpBB 2.0.17 allows remote attackers to execute arbitrary SQL commands via the signature_bbcode_uid parameter, which is not properly initialized. | |||||
| CVE-2005-3420 | 1 Phpbb Group | 1 Phpbb | 2016-10-17 | 7.5 HIGH | N/A |
| usercp_register.php in phpBB 2.0.17 allows remote attackers to modify regular expressions and execute PHP code via the signature_bbcode_uid parameter, as demonstrated by injecting an "e" modifier into a preg_replace statement. | |||||
| CVE-2005-3432 | 1 Thomas Rybak | 1 Minigal 2 | 2016-10-17 | 5.0 MEDIUM | N/A |
| MiniGal 2 (MG2) 0.5.1 allows remote attackers to list password protected images via a request to index.php with the list parameter set to * (wildcard) and the page parameter set to all. | |||||
| CVE-2005-3433 | 1 Mirabilis | 1 Icq | 2016-10-17 | 5.1 MEDIUM | N/A |
| Buffer overflow in Mirabilis ICQ 2003a allows user-assisted attackers to execute arbitrary code by convincing a user to enter long strings into the First Name and Last Name fields. | |||||
| CVE-2005-3484 | 1 Nero | 1 Neronet | 2016-10-17 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in NeroNET 1.2.0.2 and earlier allows remote attackers to read arbitrary files with certain file extensions (such as ZIP, AVI, JPG, TXT, and HTML) via ".." and hex-encoded (1) slash "/" ("%2f") or (2) backslash "\" ("%5c") sequences. | |||||
| CVE-2005-3485 | 1 Glider | 1 Collectn Kill | 2016-10-17 | 7.5 HIGH | N/A |
| Buffer overflow in Glider Collect'n kill 1.0.0.0 allows remote attackers to execute arbitrary code via a gl_playerEnter command with a long player name. | |||||
| CVE-2005-3486 | 1 Scorched 3d | 1 Scorched 3d | 2016-10-17 | 7.5 HIGH | N/A |
| Multiple format string vulnerabilities in Scorched 3D 39.1 (bf) and earlier allow remote attackers to execute arbitrary code via various (1) GLConsole::addLine, (2) ServerCommon::sendString, (3) ServerCommon::serverLog functions, and possibly other unspecified vectors. | |||||
| CVE-2005-3487 | 1 Scorched 3d | 1 Scorched 3d | 2016-10-17 | 7.5 HIGH | N/A |
| Multiple buffer overflows in Scorched 3D 39.1 (bf) and earlier allow remote attackers to execute arbitrary code via various (1) GLConsole::addLine, (2) ServerCommon::sendString, (3) ServerCommon::serverLog functions, (4) a long command that is not properly handled in ComsMessageHandler.cpp when generating an error message, (5) a long UniqueID value in Logger.cpp, and possibly other unspecified vectors. | |||||
| CVE-2005-3488 | 1 Scorched 3d | 1 Scorched 3d | 2016-10-17 | 7.8 HIGH | N/A |
| Scorched 3D 39.1 (bf) and earlier allows remote attackers to cause a denial of service (long loop and server hang) via a negative numplayers value that bypasses a signed check in ServerConnectHandler.cpp. | |||||
| CVE-2005-3489 | 1 Asus | 1 Video Security Online | 2016-10-17 | 7.5 HIGH | N/A |
| Buffer overflow in Asus Video Security 3.5.0.0 and earlier, when using authorization, allows remote attackers to execute arbitrary code via a long username/password string. | |||||
| CVE-2005-3490 | 1 Asus | 1 Video Security Online | 2016-10-17 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the web server in Asus Video Security 3.5.0.0 and earlier allows remote attackers to read arbitrary files via "../" or "..\" sequences in the URL. | |||||
| CVE-2005-3493 | 1 Afsl Games | 1 Battle Carry | 2016-10-17 | 5.0 MEDIUM | N/A |
| Battle Carry .005 and earlier allows remote attackers to cause a denial of service (inaccessible port) via a large packet, which triggers a socket error and terminates the socket that is listening on the server's UDP port. | |||||
| CVE-2005-3502 | 1 Cerberus | 1 Cerberus Helpdesk | 2016-10-17 | 5.0 MEDIUM | N/A |
| attachment_send.php in Cerberus Helpdesk allows remote attackers to view attachments and tickets of other users via a modified file_id parameter. | |||||
| CVE-2005-3512 | 1 Vubb | 1 Vubb | 2016-10-17 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in VUBB alpha rc1 allows remote attackers to inject arbitrary web script or HTML via the t parameter in a newreply action. | |||||
| CVE-2005-3513 | 1 Vubb | 1 Vubb | 2016-10-17 | 5.0 MEDIUM | N/A |
| index.php in VUBB alpha rc1 allows remote attackers to obtain the installation path of the application via a viewforum action with the f parameter set to a single quote ('). | |||||
| CVE-2005-3230 | 1 Panda | 1 Activescan | 2016-10-17 | 5.1 MEDIUM | N/A |
| Multiple interpretation error in unspecified versions of Panda Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | |||||
| CVE-2005-3231 | 1 Cat | 1 Quick Heal | 2016-10-17 | 5.1 MEDIUM | N/A |
| Multiple interpretation error in unspecified versions of CAT Quick Heal allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | |||||
| CVE-2005-3232 | 1 Thehacker | 1 Thehacker | 2016-10-17 | 5.1 MEDIUM | N/A |
| Multiple interpretation error in unspecified versions of TheHacker allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | |||||
| CVE-2005-3233 | 1 Trustix | 1 Antivirus | 2016-10-17 | 5.1 MEDIUM | N/A |
| Multiple interpretation error in unspecified versions of Trustix Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | |||||