|
348411
|
- |
|
dragonfly
freebsd
linux
openbsd
|
dragonfly
freebsd
linux_kernel
openbsd
|
The securelevels implementation in FreeBSD 7.0 and earlier, OpenBSD up to 3.8, DragonFly up to 1.2, and Linux up to 2.6.15 allows root users to bypass immutable settings for files by mounting another…
|
NVD-CWE-Other
|
CVE-2005-4351
|
2017-07-20 10:29 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348412
|
- |
|
box_uk
|
amaxus
|
Directory traversal vulnerability in Amaxus 3 and earlier allows remote attackers to access arbitrary files via ".." sequences in the change parameter.
|
NVD-CWE-Other
|
CVE-2005-4376
|
2017-07-20 10:29 |
2005-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348413
|
- |
|
-
|
-
|
Multiple cross-site scripting (XSS) vulnerabilities in Bitweaver 1.1 and 1.1.1 beta allow remote attackers to inject arbitrary web script or HTML via the (1) sort_mode parameter to (a) fisheye/list_g…
|
NVD-CWE-Other
|
CVE-2005-4379
|
2017-07-20 10:29 |
2005-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348414
|
- |
|
bitweaver
|
bitweaver
|
Multiple SQL injection vulnerabilities in Bitweaver 1.1 and 1.1.1 beta allow remote attackers to execute arbitrary SQL commands via the (1) sort_mode parameter to (a) fisheye/list_galleries.php, (b) …
|
CWE-89
SQL Injection
|
CVE-2005-4380
|
2017-07-20 10:29 |
2005-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348415
|
- |
|
citysoft
|
community_enterprise
|
SQL injection vulnerability in CitySoft Community Enterprise 4.x allows remote attackers to execute arbitrary SQL commands via the (1) nodeID, (2) pageID, (3) ID, and (4) parentid parameter to index.…
|
CWE-89
SQL Injection
|
CVE-2005-4382
|
2017-07-20 10:29 |
2005-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348416
|
- |
|
citysoft
|
community_enterprise
|
Cross-site scripting (XSS) vulnerability in index.cfm in CitySoft Community Enterprise 4.x allows remote attackers to inject arbitrary web script or HTML via the (1) presentationSite, (2) docPublishY…
|
NVD-CWE-Other
|
CVE-2005-4383
|
2017-07-20 10:29 |
2005-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348417
|
- |
|
citysoft
|
community_enterprise
|
CitySoft Community Enterprise 4.x allows remote attackers to obtain the full path of the server via an invalid (1) fuseaction parameter to index.cfm and (2) documentid parameter to document/docWindow…
|
NVD-CWE-Other
|
CVE-2005-4384
|
2017-07-20 10:29 |
2005-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348418
|
- |
|
contens
|
contens
|
Cross-site scripting (XSS) vulnerability in search.cfm in CONTENS 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the near parameter.
|
NVD-CWE-Other
|
CVE-2005-4388
|
2017-07-20 10:29 |
2005-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348419
|
- |
|
contens
|
contens
|
search.cfm in CONTENS 3.0 and earlier allows remote attackers to obtain the full server path via invalid (1) submit.y, (2) bool, (3) itemsperpage, (4) submit, (5) submit.x, (6) criteria, (7) advanced…
|
NVD-CWE-Other
|
CVE-2005-4389
|
2017-07-20 10:29 |
2005-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348420
|
- |
|
contentserv
|
contentserv
|
SQL injection vulnerability in index.php in ContentServ 3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the StoryID parameter.
|
NVD-CWE-Other
|
CVE-2005-4390
|
2017-07-20 10:29 |
2005-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
