|
347501
|
- |
|
belchior_foundry
|
vcard
|
PHP remote file include vulnerability in admin/define.inc.php in Belchior Foundry vCard 2.9 allows remote attackers to execute arbitrary PHP code via the match parameter.
|
NVD-CWE-Other
|
CVE-2005-3332
|
2008-09-6 05:54 |
2005-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347502
|
- |
|
mantis
|
mantis
|
Multiple cross-site scripting (XSS) vulnerabilities in Mantis before 0.19.3 allow remote attackers to inject arbitrary web script or HTML via (1) unknown vectors involving Javascript and (2) mantis/v…
|
NVD-CWE-Other
|
CVE-2005-3337
|
2008-09-6 05:54 |
2005-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347503
|
- |
|
mantis
|
mantis
|
Unspecified vulnerability in Mantis before 0.19.3, when using reminders, causes Mantis to display the real email addresses of users.
|
NVD-CWE-Other
|
CVE-2005-3338
|
2008-09-6 05:54 |
2005-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347504
|
- |
|
mantis
|
mantis
|
Mantis before 0.19.3 caches the User ID longer than necessary, which has unknown impact and attack vectors.
|
NVD-CWE-Other
|
CVE-2005-3339
|
2008-09-6 05:54 |
2005-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347505
|
- |
|
comersus_open_technologies
|
comersus_backoffice_lite
comersus_backoffice_plus
|
Cross-site scripting (XSS) vulnerability in Comersus BackOffice allows remote attackers to inject arbitrary web script or HTML via the error parameter to comersus_backoffice_supportError.asp. NOTE: …
|
NVD-CWE-Other
|
CVE-2005-3397
|
2008-09-6 05:54 |
2005-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347506
|
- |
|
subdreamer
|
subdreamer
|
Multiple SQL injection vulnerabilities in Subdreamer 2.2.1 allow remote attackers to execute arbitrary SQL commands via (1) the loginusername parameter or (2) cookies to (a) subdreamer.php, (b) ipb2.…
|
NVD-CWE-Other
|
CVE-2005-3423
|
2008-09-6 05:54 |
2005-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347507
|
- |
|
gnu
|
gnump3d
|
Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2005-3424.
|
NVD-CWE-Other
|
CVE-2005-3425
|
2008-09-6 05:54 |
2005-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347508
|
- |
|
cisco
|
content_services_switch_11500
|
Cisco CSS 11500 Content Services Switch (CSS) with SSL termination services allows remote attackers to cause a denial of service (memory corruption and device reload) via a malformed client certifica…
|
NVD-CWE-Other
|
CVE-2005-3426
|
2008-09-6 05:54 |
2005-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347509
|
- |
|
sony
|
first4internet_xcp_content_management
|
The aries.sys driver in Sony First4Internet XCP DRM software hides any file, registry key, or process with a name that starts with "$sys$", which allows attackers to hide activities on a system that …
|
NVD-CWE-Other
|
CVE-2005-3474
|
2008-09-6 05:54 |
2005-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347510
|
- |
|
invision_power_services
|
invision_gallery
|
Multiple interpretation error in the image upload handling code in Invision Gallery 2.0.3 allows remote attackers to conduct cross-site scripting (XSS) attacks via HTML or script in an image whose ty…
|
NVD-CWE-Other
|
CVE-2005-3477
|
2008-09-6 05:54 |
2005-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
