|
347811
|
- |
|
musicbox
|
musicbox
|
SQL injection vulnerability in MusicBox 2.3 allows remote attackers to execute arbitrary SQL commands via the (1) show and (2) type parameter. NOTE: the provenance of this information is unknown, al…
|
CWE-89
SQL Injection
|
CVE-2005-4500
|
2017-07-20 10:29 |
2005-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347812
|
- |
|
mediawiki
|
mediawiki
|
MediaWiki before 1.5.4 uses a hard-coded "internal placeholder string", which allows remote attackers to bypass protection against cross-site scripting (XSS) attacks and execute Javascript using inli…
|
NVD-CWE-Other
|
CVE-2005-4501
|
2017-07-20 10:29 |
2005-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347813
|
- |
|
apple
|
safari
textedit
mac_os_x
mac_os_x_server
|
The khtml::RenderTableSection::ensureRows function in KHTMLParser in Apple Mac OS X 10.4.3 and earlier, as used by Safari and TextEdit, allows remote attackers to cause a denial of service (memory co…
|
NVD-CWE-Other
|
CVE-2005-4504
|
2017-07-20 10:29 |
2005-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347814
|
- |
|
mcafee
|
common_management_agent
virusscan_enterprise
|
Unquoted Windows search path vulnerability in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5) might allow local users to gain privileges via a malicious "program.exe" file in the C:…
|
NVD-CWE-Other
|
CVE-2005-4505
|
2017-07-20 10:29 |
2005-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347815
|
- |
|
parallel_tools_consortium
|
ptools
|
SQL injection vulnerability in index.asp in pTools allows remote attackers to execute arbitrary SQL commands via the docID parameter. NOTE: the provenance of this information is unknown; the details …
|
NVD-CWE-Other
|
CVE-2005-4509
|
2017-07-20 10:29 |
2005-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347816
|
- |
|
curtis_hawthorne
|
tn3270_resource_gateway
|
Format string vulnerability in TN3270 Resource Gateway 1.1.0 allows local users to cause a denial of service and possibly execute arbitrary code via format string specifiers in syslog function calls.
|
NVD-CWE-Other
|
CVE-2005-4511
|
2017-07-20 10:29 |
2005-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347817
|
- |
|
direct_news
|
direct_news
|
Multiple SQL injection vulnerabilities in Direct News 4.9 allow remote attackers to execute arbitrary SQL commands via (1) the setLang parameter in index.php and (2) unspecified search module paramet…
|
NVD-CWE-Other
|
CVE-2005-4527
|
2017-07-20 10:29 |
2005-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347818
|
- |
|
alstrasoft
|
epay
|
Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft EPay Enterprise 3.0 (formerly DoPays) allow remote attackers to inject arbitrary web script or HTML via multiple unspecified paramete…
|
NVD-CWE-Other
|
CVE-2005-4530
|
2017-07-20 10:29 |
2005-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347819
|
- |
|
scponly
|
scponly
|
scponlyc in scponly 4.1 and earlier, when the operating system supports LD_PRELOAD mechanisms, allows local users to execute arbitrary code with root privileges by creating a chroot directory in thei…
|
NVD-CWE-Other
|
CVE-2005-4532
|
2017-07-20 10:29 |
2005-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347820
|
- |
|
debian
|
libmail-audit-perl
|
Mail::Audit module in libmail-audit-perl 2.1-5, when logging is enabled without a default log file specified, uses predictable log filenames, which allows local users to overwrite arbitrary files via…
|
NVD-CWE-Other
|
CVE-2005-4536
|
2017-07-20 10:29 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
