|
346961
|
- |
|
miva
|
miva_merchant
|
Cross-site scripting (XSS) vulnerability in merchant.mvc in MIVA Merchant 5 allows remote attackers to inject arbitrary web script or HTML via the Customer_Login parameter.
|
NVD-CWE-Other
|
CVE-2005-2953
|
2016-10-18 12:31 |
2005-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346962
|
- |
|
adaptive_technology_resource_centre
|
atutor
|
config.inc.php in ATutor 1.5.1, and possibly earlier versions, uses an incomplete blacklist to check for dangerous file extensions, which allows authenticated administrators or educators to execute a…
|
NVD-CWE-Other
|
CVE-2005-2955
|
2016-10-18 12:31 |
2005-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346963
|
- |
|
adaptive_technology_resource_centre
|
atutor
|
ATutor 1.5.1, and possibly earlier versions, stores temporary chat logs under the web document root with insufficient access control and predictable filenames, which allows remote attackers to obtain…
|
NVD-CWE-Other
|
CVE-2005-2956
|
2016-10-18 12:31 |
2005-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346964
|
- |
|
avira
|
desktop
|
Stack-based buffer overflow in AVIRA Desktop for Windows 1.00.00.68 with AVPACK32.DLL 6.31.0.3, when archive scanning is enabled, allows remote attackers to execute arbitrary code via a long filename…
|
NVD-CWE-Other
|
CVE-2005-2957
|
2016-10-18 12:31 |
2005-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346965
|
- |
|
compaq
|
compaqhttpserver
|
Cross-site scripting (XSS) vulnerability in CompaqHTTPServer 2.1 allows remote attackers to inject arbitrary web script or HTML via the URL, which is not properly quoted in the resulting 404 error pa…
|
NVD-CWE-Other
|
CVE-2005-2982
|
2016-10-18 12:31 |
2005-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346966
|
- |
|
oracle
|
reports
|
SQL injection vulnerability in Oracle Reports that use Lexical References allows remote attackers to execute arbitrary SQL commands via the values in the parameter form that appears when the paramfor…
|
CWE-89
SQL Injection
|
CVE-2005-2983
|
2016-10-18 12:31 |
2005-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346967
|
- |
|
symantec
|
norton_antivirus
|
Symantec AntiVirus Corporate Edition 9.0.1.x and 9.0.4.x, and possibly other versions, when obtaining updates from an internal LiveUpdate server, stores sensitive information in cleartext in the Log.…
|
NVD-CWE-Other
|
CVE-2005-2766
|
2016-10-18 12:30 |
2005-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346968
|
- |
|
mybulletinboard
|
mybulletinboard
|
SQL injection vulnerability in member.php in MyBulletinBoard (MyBB) allows remote attackers to execute arbitrary SQL statements via the fid parameter.
|
NVD-CWE-Other
|
CVE-2005-2778
|
2016-10-18 12:30 |
2005-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346969
|
- |
|
-
|
-
|
The iTAN Online-Banking Security System allows remote attackers to obtain TAN numbers via a man-in-the-middle (MITM) attack while the transaction is taking place, which facilitates a "phishing" attac…
|
NVD-CWE-Other
|
CVE-2005-2779
|
2016-10-18 12:30 |
2005-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346970
|
- |
|
neocrome
|
land_down_under
|
Cross-site scripting (XSS) vulnerability in Land Down Under (LDU) allows remote attackers to inject arbitrary web script or HTML via a signature.
|
NVD-CWE-Other
|
CVE-2005-2780
|
2016-10-18 12:30 |
2005-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
