|
346561
|
- |
|
gnu
|
gnats
|
gen-index in GNATS 4.0, 4.1.0, and possibly earlier versions, when installed setuid, does not properly check files passed to the -o argument and opens the file with write access, which allows local u…
|
NVD-CWE-Other
|
CVE-2005-2180
|
2016-10-18 12:25 |
2005-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346562
|
- |
|
phpxmail
|
phpxmail
|
class.xmail.php in PhpXmail 0.7 through 1.1 does not properly handle large passwords, which prevents an error message from being returned and allows remote attackers to bypass authentication and gain…
|
NVD-CWE-Other
|
CVE-2005-2183
|
2016-10-18 12:25 |
2005-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346563
|
- |
|
emc
|
eroom
|
eRoom 6.x does not properly restrict files that can be attached, which allows remote attackers to execute arbitrary commands via a .lnk file.
|
NVD-CWE-Other
|
CVE-2005-2184
|
2016-10-18 12:25 |
2005-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346564
|
- |
|
emc
|
eroom
|
eRoom does not set an expiration for Cookies, which allows remote attackers to capture cookies and conduct replay attacks.
|
NVD-CWE-Other
|
CVE-2005-2185
|
2016-10-18 12:25 |
2005-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346565
|
- |
|
mcafee
|
intrushield_security_management_system
|
Multiple cross-site scripting (XSS) vulnerabilities in McAfee IntruShield Security Management System allow remote authenticated users to inject arbitrary web script or HTML via the (1) thirdMenuName …
|
NVD-CWE-Other
|
CVE-2005-2186
|
2016-10-18 12:25 |
2005-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346566
|
- |
|
mcafee
|
intrushield_security_management_system
|
McAfee IntruShield Security Management System allows remote authenticated users to access the "Generate Reports" feature and modify alerts by setting the Access option to true, as demonstrated using …
|
NVD-CWE-Other
|
CVE-2005-2187
|
2016-10-18 12:25 |
2005-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346567
|
- |
|
mcafee
|
intrushield_security_management_system
|
McAfee IntruShield Security Management System obtains the user ID from the URL, which allows remote attackers to guess the Manager account and possibly gain privileges via a brute force attack.
|
NVD-CWE-Other
|
CVE-2005-2188
|
2016-10-18 12:25 |
2005-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346568
|
- |
|
lantronix
|
securelinx
|
Lantronix SecureLinx console server running firmware 2.0 and 3.0 stores /etc/ssh under the web document root with insufficient access control, which allows remote attackers to obtain sensitive inform…
|
NVD-CWE-Other
|
CVE-2005-2189
|
2016-10-18 12:25 |
2005-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346569
|
- |
|
comersus_open_technologies
|
comersus_cart
|
Multiple SQL injection vulnerabilities in Comersus shopping cart allow remote attackers to execute arbitrary SQL commands via the (1) email parameter to comersus_optAffiliateRegistrationExec.asp or (…
|
NVD-CWE-Other
|
CVE-2005-2190
|
2016-10-18 12:25 |
2005-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346570
|
- |
|
comersus_open_technologies
|
comersus_cart
|
Multiple cross-site scripting (XSS) vulnerabilities in Comersus shopping cart allow remote attackers to inject arbitrary web script or HTML via the (1) name parameter to comersus_backoffice_listAssig…
|
NVD-CWE-Other
|
CVE-2005-2191
|
2016-10-18 12:25 |
2005-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
