|
346981
|
- |
|
jowood_productions
|
soldner_secret_wars
|
Cross-site scripting (XSS) vulnerability in the web interface in Soldner Secret Wars 30830 allows remote attackers to inject arbitrary web script or HTML via a user message, which is not filtered or …
|
NVD-CWE-Other
|
CVE-2005-0281
|
2017-07-11 10:32 |
2005-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346982
|
- |
|
mybulletinboard
|
mybulletinboard
|
SQL injection vulnerability in member.php in MyBulletinBoard (MyBB) allows remote attackers to execute arbitrary SQL commands via the uid parameter.
|
NVD-CWE-Other
|
CVE-2005-0282
|
2017-07-11 10:32 |
2005-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346983
|
- |
|
david_barrett
|
qwikiwiki
|
Directory traversal vulnerability in index.php in QwikiWiki allows remote attackers to read arbitrary files via a .. (dot dot) and a %00 at the end of the filename in the page parameter.
|
NVD-CWE-Other
|
CVE-2005-0283
|
2017-07-11 10:32 |
2005-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346984
|
- |
|
woltlab
|
burning_book
|
SQL injection vulnerability in addentry.php in Woltlab Burning Book 1.0 Gold, 1.1.1e, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the user-agent paramet…
|
NVD-CWE-Other
|
CVE-2005-0284
|
2017-07-11 10:32 |
2005-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346985
|
- |
|
bottomline
|
webseries_payment_application
|
Webseries Payment Application does not properly restrict privileged operations, which allows remote authenticated users to gain privileges by directly accessing certain URLs.
|
NVD-CWE-Other
|
CVE-2005-0285
|
2017-07-11 10:32 |
2005-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346986
|
- |
|
emotion
|
mediapartner_web_server
|
eMotion MediaPartner Web Server 5.0 and 5.1 allows remote attackers to obtain sensitive information via an HTTP request for a .bhtml file that contains a (1) . (dot) or (2) + (plus sign) at the end, …
|
NVD-CWE-Other
|
CVE-2005-0286
|
2017-07-11 10:32 |
2005-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346987
|
- |
|
bottomline
|
webseries_payment_application
|
Bottomline Webseries Payment Application allows remote attackers to read arbitrary files on the network via a report template with modified ReportPath or ReportName values.
|
NVD-CWE-Other
|
CVE-2005-0287
|
2017-07-11 10:32 |
2005-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346988
|
- |
|
bottomline
|
webseries_payment_application
|
The change password functionality in Bottomline Webseries Payment Application does not require the old password when users enter a new password, which could allow remote authenticated users to change…
|
NVD-CWE-Other
|
CVE-2005-0288
|
2017-07-11 10:32 |
2005-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346989
|
- |
|
apple
|
airport_express
airport_extreme
|
Apple AirPort Express prior to 6.1.1 and Extreme prior to 5.5.1, configured as a Wireless Data Service (WDS), allows remote attackers to cause a denial of service (device freeze) by connecting to UDP…
|
NVD-CWE-Other
|
CVE-2005-0289
|
2017-07-11 10:32 |
2005-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346990
|
- |
|
netgear
|
fvs318
|
NETGEAR FVS318 running firmware 2.4, and possibly other versions, allows remote attackers to bypass the filters using hex encoded URLs, as demonstrated using a hex encoded file extension.
|
NVD-CWE-Other
|
CVE-2005-0290
|
2017-07-11 10:32 |
2005-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
