|
347281
|
- |
|
devellion
|
cubecart
|
Directory traversal vulnerability in index.php for CubeCart 2.0.4 allows remote attackers to read arbitrary files via the language parameter.
|
NVD-CWE-Other
|
CVE-2005-0442
|
2017-07-11 10:32 |
2005-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347282
|
- |
|
devellion
|
cubecart
|
index.php in CubeCart 2.0.4 allows remote attackers to (1) obtain the full path for the web server or (2) conduct cross-site scripting (XSS) attacks via an invalid language parameter, which echoes th…
|
NVD-CWE-Other
|
CVE-2005-0443
|
2017-07-11 10:32 |
2005-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347283
|
- |
|
open_webmail
|
open_webmail
|
Cross-site scripting (XSS) vulnerability in Open WebMail 2.x allows remote attackers to inject arbitrary HTML or web script via the domain name parameter (logindomain) in the login page.
|
NVD-CWE-Other
|
CVE-2005-0445
|
2017-07-11 10:32 |
2005-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347284
|
- |
|
putty
|
putty
|
Multiple integer overflows in the (1) sftp_pkt_getstring and (2) fxp_readdir_recv functions in the PSFTP and PSCP clients for PuTTY 0.56, and possibly earlier versions, allow remote malicious web sit…
|
NVD-CWE-Other
|
CVE-2005-0467
|
2017-07-11 10:32 |
2005-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347285
|
- |
|
wpa_supplicant
gentoo
suse
|
wpa_supplicant
linux
suse_linux
|
Buffer overflow in wpa_supplicant before 0.2.7 allows remote attackers to cause a denial of service (segmentation fault) via invalid EAPOL-Key packet data.
|
NVD-CWE-Other
|
CVE-2005-0470
|
2017-07-11 10:32 |
2005-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347286
|
- |
|
sun
|
jdk
jre
|
Sun Java JRE 1.1.x through 1.4.x writes temporary files with long filenames that become predictable on a file system that uses 8.3 style short names, which allows remote attackers to write arbitrary …
|
NVD-CWE-Other
|
CVE-2005-0471
|
2017-07-11 10:32 |
2005-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347287
|
- |
|
webcalendar
|
webcalendar
|
SQL injection vulnerability in the user_valid_crypt function in user.php in WebCalendar 0.9.45 allows remote attackers to execute arbitrary SQL commands via an encoded webcalendar_session cookie.
|
NVD-CWE-Other
|
CVE-2005-0474
|
2017-07-11 10:32 |
2005-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347288
|
- |
|
php_arena
|
pafaq
|
SQL injection vulnerability in paFAQ Beta4, and possibly other versions, allows remote attackers to execute arbitrary SQL code via the (1) offset, (2) limit, (3) order, or (4) orderby parameter to qu…
|
NVD-CWE-Other
|
CVE-2005-0475
|
2017-07-11 10:32 |
2005-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347289
|
- |
|
hpm_guestbook.cgi
|
hpm_guestbook.cgi
|
Cross-site scripting (XSS) vulnerability in hpm_guestbook.cgi allows remote attackers to inject arbitrary web script or HTML by posting a message.
|
NVD-CWE-Other
|
CVE-2005-0476
|
2017-07-11 10:32 |
2005-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347290
|
- |
|
invision_power_services
|
invision_power_board
|
Cross-site scripting (XSS) vulnerability in the SML code for Invision Power Board 1.3.1 FINAL allows remote attackers to inject arbitrary web script via (1) a signature file or (2) a message post con…
|
CWE-79
Cross-site Scripting
|
CVE-2005-0477
|
2017-07-11 10:32 |
2005-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
