Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-0621 | 1 Enlight Software | 1 Scrapland | 2016-10-17 | 5.0 MEDIUM | N/A |
| Scrapland 1.0 and earlier allows remote attackers to cause a denial of service (server termination) by triggering an error, which is treated as a fatal error by the server, as demonstrated using (1) signed integers for size values, (2) an invalid model, (3) a "newpos" value that is less than or equal to a size value, or (4) partial packets. | |||||
| CVE-2005-0622 | 1 Raidenhttpd | 1 Raidenhttpd | 2016-10-17 | 5.0 MEDIUM | N/A |
| RaidenHTTPD 1.1.32, and possibly other versions before 1.1.34, allows remote attackers to view the PHP source code via an HTTP GET request for a filename with a trailing (1) . (dot) or (2) space. | |||||
| CVE-2005-0623 | 1 Raidenhttpd | 1 Raidenhttpd | 2016-10-17 | 7.5 HIGH | N/A |
| Buffer overflow in RaidenHTTPD 1.1.32, and possibly other versions before 1.1.34, allows remote attackers to execute arbitrary code via a long URL. | |||||
| CVE-2005-0628 | 1 Demof | 1 Forumwa | 2016-10-17 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Forumwa 1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the keyword parameter in search.php or the (2) body or (3) subject of a forum message. | |||||
| CVE-2005-0632 | 1 Phpnews | 1 Phpnews | 2016-10-17 | 5.0 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in auth.php in PHPNews 1.2.4 and possibly 1.2.3, allows remote attackers to execute arbitrary PHP code via the path parameter. | |||||
| CVE-2005-0633 | 1 Cerulean Studios | 2 Trillian, Trillian Pro | 2016-10-17 | 7.5 HIGH | N/A |
| Buffer overflow in Trillian 3.0 and Pro 3.0 allows remote attackers to execute arbitrary code via a crafted PNG image file. | |||||
| CVE-2005-0645 | 1 Cutephp | 1 Cutenews | 2016-10-17 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in show.inc.php in cuteNews 1.3.6 allows remote attackers to inject arbitrary HTML, web script, and PHP code via the (1) CLIENT-IP or (2) X-FORWARDED-FOR header in an HTTP POST request to show_news.php. | |||||
| CVE-2005-0646 | 1 Php Arena | 1 Panews | 2016-10-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in auth.php in paNews 2.0.4b allows remote attackers to execute arbitrary SQL via the mysql_prefix parameter. | |||||
| CVE-2005-0647 | 1 Php Arena | 1 Panews | 2016-10-17 | 5.0 MEDIUM | N/A |
| admin_setup.php in paNews 2.0.4b allows remote attackers to inject arbitrary PHP code via the (1) $form[comments] or (2) $form[autoapprove] parameters, which are written to config.php. | |||||
| CVE-2005-0655 | 1 Arif Supriyanto | 1 Auracms | 2016-10-17 | 5.0 MEDIUM | N/A |
| auraCMS 1.5 allows remote attackers to obtain sensitive information via an HTTP request with an invalid id parameter to (1) teman.php, (2) hal.php, or (3) arsip.php, which reveals the path in a PHP error message. | |||||
| CVE-2005-0656 | 1 Arif Supriyanto | 1 Auracms | 2016-10-17 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in auraCMS 1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) hits parameter to hits.php, (2) query parameter to index.php, or (3) theCount parameter to counter.php. | |||||
| CVE-2005-0658 | 1 Cmw Linklist | 1 Cmw Linklist | 2016-10-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in a third party extension to TYPO3 allows remote attackers to execute arbitrary SQL commands via the category_uid parameter. | |||||
| CVE-2005-0659 | 1 Phpbb Group | 1 Phpbb | 2016-10-17 | 5.0 MEDIUM | N/A |
| phpBB 2.0.13 and earlier allows remote attackers to obtain sensitive information via a direct request to oracle.php, which reveals the path in a PHP error message. | |||||
| CVE-2005-0674 | 1 Php Arena | 1 Pabox | 2016-10-17 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the News module for paBox 1.6 allows remote attackers to inject arbitrary web script or HTML via the text hidden parameter in an HTTP POST request. | |||||
| CVE-2005-0678 | 1 Stadtaus | 1 Form Mail Script | 2016-10-17 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in formmail.inc.php for Form Mail Script 2.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the script_root to reference a URL on a remote web server that contains the code. | |||||
| CVE-2005-0680 | 1 Stadtaus | 1 Download Center Lite | 2016-10-17 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in download_center_lite.inc.php for Download Center Lite 1.6 allows remote attackers to execute arbitrary PHP code by modifying the script_root parameter to reference a URL on a remote web server that contains the code. | |||||
| CVE-2005-0689 | 1 Jimmy | 1 The Includer | 2016-10-17 | 7.5 HIGH | N/A |
| includer.cgi in The Includer allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the URL or (2) the template parameter. | |||||
| CVE-2005-0690 | 1 Gene6 | 1 G6 Ftp Server | 2016-10-17 | 2.1 LOW | N/A |
| Gene6 FTP Server does not properly restrict access to the control console, which allows local users to modify the server configuration and gain privileges, as demonstrated by defining a SITE command. | |||||
| CVE-2005-0691 | 1 Socialmpn | 1 Socialmpn | 2016-10-17 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in article mode for modules.php in SocialMPN allows remote attackers to execute arbitrary PHP code by modifying the name parameter to reference a URL on a remote web server that contains the code. | |||||
| CVE-2005-0692 | 1 Php Fusion | 1 Php Fusion | 2016-10-17 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in fusion_core.php for PHP-Fusion 5.x allows remote attackers to inject arbitrary web script or HTML via a message with IMG bbcode containing character-encoded Javascript. | |||||