|
345941
|
- |
|
showalbumonline
|
my_album_online
|
Directory traversal vulnerability in My Album Online 1.0 allows remote attackers to access arbitrary files via ".../" (triple dot) sequences in unspecified vectors.
|
NVD-CWE-Other
|
CVE-2005-4201
|
2017-07-20 10:29 |
2005-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345942
|
- |
|
logisphere
|
logisphere
|
Multiple directory traversal vulnerabilities in LogiSphere 0.9.9j allow remote attackers to access arbitrary files via (1) .. (dot dot), (2) "..." (triple dot), and (3) "..//" sequences in the URL, (…
|
NVD-CWE-Other
|
CVE-2005-4202
|
2017-07-20 10:29 |
2005-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345943
|
- |
|
logisphere
|
logisphere
|
LogiSphere 0.9.9j does not restrict the number of messages that can be sent, which allows remote attackers to cause a denial of service by sending a large number of messages via the msg command. NOT…
|
NVD-CWE-Other
|
CVE-2005-4203
|
2017-07-20 10:29 |
2005-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345944
|
- |
|
alt-n
|
mdaemon
worldclient
|
WorldClient webmail in Alt-N MDaemon 8.1.3 allows remote attackers to prevent arbitrary users from accessing their inboxes via script tags in the Subject header of an e-mail message, which prevents t…
|
CWE-94
Code Injection
|
CVE-2005-4209
|
2017-07-20 10:29 |
2005-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345945
|
- |
|
macromedia
|
flash_media_server
|
The Administration Service (FMSAdmin.exe) in Macromedia Flash Media Server 2.0 r1145 allows remote attackers to cause a denial of service (application crash) via a malformed request with a single cha…
|
NVD-CWE-Other
|
CVE-2005-4216
|
2017-07-20 10:29 |
2005-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345946
|
- |
|
apple
|
mac_os_x_server
|
Perl in Apple Mac OS X Server 10.3.9 does not properly drop privileges when using the "$<" variable to set uid, which allows attackers to gain privileges.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2005-4217
|
2017-07-20 10:29 |
2005-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345947
|
- |
|
-
|
-
|
Cross-site scripting (XSS) vulnerability in auction.pl in EveryAuction 1.53 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchstring parameter. NOTE: the prove…
|
NVD-CWE-Other
|
CVE-2005-4229
|
2017-07-20 10:29 |
2005-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345948
|
- |
|
torrential
|
torrential
|
Cross-site scripting (XSS) vulnerability in getdox.php in Torrential 1.2 allows remote attackers to inject arbitrary web script or HTML via the URL. NOTE: this might be resultant from CVE-2005-4160.
|
NVD-CWE-Other
|
CVE-2005-4253
|
2017-07-20 10:29 |
2005-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345949
|
- |
|
aspbb
|
aspbb
|
Multiple SQL injection vulnerabilities in ASPBB 0.4 allow remote attackers to execute arbitrary SQL commands via the (1) TID parameter in topic.asp, (2) FORUM_ID parameter in forum.asp, and (3) PROFI…
|
NVD-CWE-Other
|
CVE-2005-4259
|
2017-07-20 10:29 |
2005-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345950
|
- |
|
cisco
|
catalyst
catalyst_1200_series
catalyst_1900_series
catalyst_2800_series
catalyst_2820
catalyst_2900
catalyst_2901
catalyst_2902
catalyst_2920
catalyst_2926
catalyst_2926…
|
Unspecified Cisco Catalyst Switches allow remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (…
|
NVD-CWE-Other
|
CVE-2005-4258
|
2017-07-20 10:29 |
2005-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
