|
355431
|
- |
|
postnuke_software_foundation
|
postnuke
|
Multiple cross-site scripting (XSS) vulnerabilities in PostNuke 0.760-RC4b allows remote attackers to inject arbitrary web script or HTML via (1) the moderate parameter to the Comments module or (2) …
|
NVD-CWE-Other
|
CVE-2005-2689
|
2008-09-6 05:52 |
2005-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355432
|
- |
|
postnuke_software_foundation
|
postnuke
|
SQL injection vulnerability in the Downloads module in PostNuke 0.760-RC4b allows PostNuke administrators to execute arbitrary SQL commands via the show parameter to dl-viewdownload.php.
|
NVD-CWE-Other
|
CVE-2005-2690
|
2008-09-6 05:52 |
2005-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355433
|
- |
|
runcms
|
runcms
|
includes/common.php in RunCMS 1.2 and earlier calls the extract function with EXTR_OVERWRITE on HTTP POST variables, which allows remote attackers to overwrite arbitrary variables, possibly allowing …
|
NVD-CWE-Other
|
CVE-2005-2691
|
2008-09-6 05:52 |
2005-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355434
|
- |
|
runcms
|
runcms
|
Multiple SQL injection vulnerabilities in RunCMS 1.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) addquery and (2) subquery parameters to the newbb plus module, th…
|
NVD-CWE-Other
|
CVE-2005-2692
|
2008-09-6 05:52 |
2005-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355435
|
- |
|
symantec_veritas
|
netbackup_data_and_business_center
netbackup_enterprise_server_client
|
Format string vulnerability in the Java user interface service (bpjava-msvc) daemon for VERITAS NetBackup Data and Business Center 4.5FP and 4.5MP, and NetBackup Enterprise/Server/Client 5.0, 5.1, an…
|
NVD-CWE-Other
|
CVE-2005-2715
|
2008-09-6 05:52 |
2005-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355436
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
SecurityAgent in Apple Mac OS X 10.4.2, under certain circumstances, can cause the "Switch User..." button to appear even though the "Enable fast user switching" setting is disabled, which can allow …
|
NVD-CWE-Other
|
CVE-2005-2742
|
2008-09-6 05:52 |
2005-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355437
|
- |
|
apple
|
quicktime
mac_os_x
mac_os_x_server
|
The Java extensions for QuickTime 6.52 and earlier in Apple Mac OS X 10.3.9 allow untrusted applets to call arbitrary functions in system libraries, which allows remote attackers to execute arbitrary…
|
NVD-CWE-Other
|
CVE-2005-2743
|
2008-09-6 05:52 |
2005-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355438
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Mail.app in Mail for Apple Mac OS X 10.3.9, when using Kerberos 5 for SMTP authentication, can include uninitialized memory in a message, which might allow remote attackers to obtain sensitive inform…
|
NVD-CWE-Other
|
CVE-2005-2745
|
2008-09-6 05:52 |
2005-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355439
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Mail.app in Mail for Apple Mac OS X 10.3.9 and 10.4.2 includes message contents when using auto-reply rules, which could cause Mail.app to include decrypted message contents for encrypted messages.
|
NVD-CWE-Other
|
CVE-2005-2746
|
2008-09-6 05:52 |
2005-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355440
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
The malloc function in the libSystem library in Apple Mac OS X 10.3.9 and 10.4.2 allows local users to overwrite arbitrary files by setting the MallocLogFile environment variable to the target file b…
|
NVD-CWE-Other
|
CVE-2005-2748
|
2008-09-6 05:52 |
2005-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
