|
346411
|
- |
|
pablo_software_solutions
|
baby_ftp_server
|
Directory traversal vulnerability in Baby FTP Server 1.2, and possibly other versions before May 31, 2003 allows remote authenticated users to list arbitrary directories and possibly read files via "…
|
NVD-CWE-Other
|
CVE-2003-1299
|
2016-11-29 04:06 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346412
|
- |
|
atari
|
terminator_3_war_of_the_machines
|
Terminator 3: War of the Machines 1.16 and earlier allows remote attackers to cause a denial of service (application crash) via a large nickname.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2005-1775
|
2016-11-26 03:27 |
2005-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346413
|
- |
|
phpstat
|
phpstat
|
setup.php in phpStat 1.5 allows remote attackers to bypass authentication and gain administrator privileges by setting the $check variable.
|
CWE-20
Improper Input Validation
|
CVE-2005-1787
|
2016-11-26 03:27 |
2005-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346414
|
- |
|
postnuke_software_foundation
|
postnuke
|
Cross-site scripting (XSS) vulnerability in readpmsg.php in PostNuke 0.750 allows remote attackers to inject arbitrary web script or HTML via the start parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2005-1778
|
2016-11-26 03:26 |
2005-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346415
|
- |
|
oracle
|
fusion_middleware
|
Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 10.1.2.3 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2010-0855.
|
NVD-CWE-noinfo
|
CVE-2010-0086
|
2016-11-19 12:02 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346416
|
- |
|
oracle
|
fusion_middleware
|
Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 10.1.2.3 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2010-0086.
|
NVD-CWE-noinfo
|
CVE-2010-0855
|
2016-11-19 12:02 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346417
|
- |
|
viewcvs
|
viewcvs
|
Cross-site scripting vulnerability in viewcvs.cgi for ViewCVS 0.9.2 allows remote attackers to inject script and steal cookies via the (1) cvsroot or (2) sortby parameters.
|
NVD-CWE-Other
|
CVE-2002-0771
|
2016-11-19 11:59 |
2002-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346418
|
- |
|
microsoft
|
internet_explorer
|
The Microsoft Active Movie ActiveX Control in Internet Explorer 5 does not restrict which file types can be downloaded, which allows an attacker to download any type of file to a user's system by enc…
|
CWE-20
Improper Input Validation
|
CVE-2000-0400
|
2016-11-8 03:25 |
2000-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346419
|
- |
|
siteatschool
|
siteatschool
|
PHP remote file inclusion vulnerability in Site@School (S@S) 2.4.03 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cmsdir parameter to starnet/modules/include/incl…
|
NVD-CWE-Other
|
CVE-2006-4921
|
2016-10-18 12:41 |
2006-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346420
|
- |
|
hotplug_cms
|
hotplug_cms
|
SQL injection vulnerability in administration/includes/login/auth.php in HotPlug CMS 1.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username and (…
|
NVD-CWE-Other
|
CVE-2006-3190
|
2016-10-18 12:40 |
2006-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
