Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-1698 | 1 Postnuke Software Foundation | 1 Postnuke | 2016-10-17 | 5.0 MEDIUM | N/A |
| PostNuke 0.750 and 0.760RC3 allows remote attackers to obtain sensitive information via a direct request to (1) theme.php or (2) Xanthia.php in the Xanthia module, (3) user.php, (4) thelang.php, (5) text.php, (6) html.php, (7) menu.php, (8) finclude.php, or (9) button.php in the pnblocks directory in the Blocks module, (10) config.php in the NS-Multisites (aka Multisites) module, or (11) xmlrpc.php, which reveals the path in an error message. | |||||
| CVE-2005-1699 | 1 Postnuke Software Foundation | 1 Postnuke | 2016-10-17 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in pnadminapi.php in the Xanthia module in PostNuke 0.760-RC3 allows remote administrators to read arbitrary files via a .. (dot dot) in the skin parameter. | |||||
| CVE-2005-1700 | 1 Postnuke Software Foundation | 1 Postnuke | 2016-10-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in pnadmin.php in the Xanthia module in PostNuke 0.760-RC3 allows remote administrators to execute arbitrary SQL commands via the riga[0] parameter. | |||||
| CVE-2005-1701 | 1 Portailphp | 1 Portailphp | 2016-10-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in PortailPHP 1.3 allows remote attackers to execute arbitrary SQL commands via the id parameter to the (1) News, (2) File, (3) Liens, or (4) Faq modules. | |||||
| CVE-2005-1506 | 1 Cj | 1 Ultra Plus | 2016-10-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in out.php in CJ Ultra (CJUltra) Plus 1.0.3 and 1.0.4 allows remote attackers to execute arbitrary SQL commands via the perm parameter. | |||||
| CVE-2005-1510 | 1 Pwsphp | 1 Pwsphp | 2016-10-17 | 7.5 HIGH | N/A |
| PwsPHP 1.2.2 allows remote attackers to obtain sensitive information via a direct request to the admin directory, which reveals the path in an error message. | |||||
| CVE-2005-1547 | 1 Bakbone | 1 Netvault | 2016-10-17 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the demo version of Bakbone Netvault, and possibly other versions, allows remote attackers to execute arbitrary commands via a large packet to port 20031. | |||||
| CVE-2005-1548 | 1 Advanced Guestbook | 1 Advanced Guestbook | 2016-10-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Advanced Guestbook 2.3.1 allows remote attackers to execute arbitrary SQL commands via the entry parameter. | |||||
| CVE-2005-1549 | 1 Colored Scripts | 1 Easy Message Board | 2016-10-17 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in easymsgb.pl in Easy Message Board allows remote attackers to read arbitrary files via a .. (dot dot) in the print parameter. | |||||
| CVE-2005-1550 | 1 Colored Scripts | 1 Easy Message Board | 2016-10-17 | 7.5 HIGH | N/A |
| easymsgb.pl in Easy Message Board allows remote attackers to execute arbitrary commands via shell metacharacters in the print parameter. | |||||
| CVE-2005-1563 | 1 Mozilla | 1 Bugzilla | 2016-10-17 | 5.0 MEDIUM | N/A |
| Bugzilla 2.10 through 2.18, 2.19.1, and 2.19.2 displays a different error message depending on whether a product exists or not, which allows remote attackers to determine hidden products. | |||||
| CVE-2005-1350 | 1 Leif M. Wright | 1 Ad.cgi | 2016-10-17 | 5.0 MEDIUM | N/A |
| The ad.cgi script allows remote attackers to read arbitrary files via a full pathname in the argument. | |||||
| CVE-2005-1351 | 1 Leif M. Wright | 1 Ad.cgi | 2016-10-17 | 7.5 HIGH | N/A |
| The ad.cgi script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument. | |||||
| CVE-2005-1352 | 1 Leif M. Wright | 1 Ad.cgi | 2016-10-17 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the ad.cgi script allows remote attackers to inject arbitrary web script or HTML via the argument. | |||||
| CVE-2005-1353 | 1 Forum.pl | 1 Forum.pl | 2016-10-17 | 5.0 MEDIUM | N/A |
| The forum.pl script allows remote attackers to read arbitrary files via a full pathname in the argument. | |||||
| CVE-2005-1354 | 1 Forum.pl | 1 Forum.pl | 2016-10-17 | 7.5 HIGH | N/A |
| The forum.pl script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument. | |||||
| CVE-2005-1355 | 1 Includer.cgi | 1 Includer.cgi | 2016-10-17 | 5.0 MEDIUM | N/A |
| includer.cgi in The Includer allows remote attackers to read arbitrary files via a full pathname in the argument, a similar vulnerability to CVE-2005-0801. | |||||
| CVE-2005-1356 | 1 Includer.cgi | 1 Includer.cgi | 2016-10-17 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in includer.cgi script in The Includer allows remote attackers to inject arbitrary web script or HTML via the argument. | |||||
| CVE-2005-1357 | 1 Text.cgi | 1 Text.cgi | 2016-10-17 | 5.0 MEDIUM | N/A |
| text.cgi script allows remote attackers to read arbitrary files via a full pathname in the argument. | |||||
| CVE-2005-1358 | 1 Text.cgi | 1 Text.cgi | 2016-10-17 | 7.5 HIGH | N/A |
| text.cgi script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument. | |||||