|
346631
|
- |
|
gadu-gadu
|
gadu-gadu_instant_messenger
|
Gadu-Gadu 7.20 allows remote attackers to eavesdrop on a user via a web page that accesses the EasycallLite.oce ActiveX control, which can initiate an outgoing phone call and listen to the microphone.
|
NVD-CWE-Other
|
CVE-2005-3892
|
2016-10-18 12:37 |
2005-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346632
|
- |
|
mozilla
|
mozilla
|
Mozilla allows remote attackers to cause a denial of service (CPU consumption) via a Javascript BODY onload event that calls the window function.
|
NVD-CWE-Other
|
CVE-2005-3896
|
2016-10-18 12:37 |
2005-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346633
|
- |
|
apple
|
safari
|
Apple Safari 2.0.2 allows remote attackers to cause a denial of service (system slowdown) via a Javascript BODY onload event that calls the window function.
|
NVD-CWE-Other
|
CVE-2005-3897
|
2016-10-18 12:37 |
2005-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346634
|
- |
|
phorum
|
phorum
|
SQL injection vulnerability in search.php in Phorum 5.0.0alpha through 5.0.20, when register_globals is enabled, allows remote attackers to execute arbitrary SQL commands via the forum_ids parameter.
|
CWE-89
SQL Injection
|
CVE-2005-3543
|
2016-10-18 12:36 |
2005-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346635
|
- |
|
codegrrl
|
phpcalendar
phpclique
phpcurrently
phpfanbase
phpquotes
|
PHP file inclusion vulnerability in protection.php in CodeGrrl (a) PHPCalendar 1.0, (b) PHPClique 1.0, (c) PHPCurrently 2.0, (d) PHPFanBase 2.1, and (e) PHPQuotes 1.0 allows remote attackers to inclu…
|
CWE-94
Code Injection
|
CVE-2005-3571
|
2016-10-18 12:36 |
2005-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346636
|
- |
|
sun
|
jre
sdk
|
(1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.2_08, 1.4.2_09, and 1.5.0_05 and possibly other versions allow remote attackers to cause a denial of service (JVM unrespo…
|
NVD-CWE-Other
|
CVE-2005-3583
|
2016-10-18 12:36 |
2005-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346637
|
- |
|
phpwebthings
|
phpwebthings
|
Cross-site scripting (XSS) vulnerability in forum.php in PhpWebThings 1.4.4 allows remote attackers to inject arbitrary web script or HTML via the forum parameter.
|
NVD-CWE-Other
|
CVE-2005-3584
|
2016-10-18 12:36 |
2005-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346638
|
- |
|
cutephp
|
cutenews
|
index.php CuteNews 1.4.0 and earlier allows remote attackers to obtain the path of the installation path of the application by triggering an error message, such as by entering multiple ../ (dot dot s…
|
NVD-CWE-Other
|
CVE-2005-3592
|
2016-10-18 12:36 |
2005-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346639
|
- |
|
e107
|
e107
|
game_score.php in e107 allows remote attackers to insert high scores via HTTP POST methods utilizing the $player_name, $player_score, and $game_name variables.
|
NVD-CWE-Other
|
CVE-2005-3594
|
2016-10-18 12:36 |
2005-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346640
|
- |
|
phpmyadmin
|
phpmyadmin
|
phpMyAdmin 2.7.0-beta1 and earlier allows remote attackers to obtain the full path of the server via direct requests to multiple scripts in the libraries directory.
|
NVD-CWE-Other
|
CVE-2005-3622
|
2016-10-18 12:36 |
2005-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
