|
347541
|
- |
|
cfmagic
|
magic_book_personal
magic_book_professional
|
Cross-site scripting (XSS) vulnerability in book.cfm in Magic Book Personal and Professional 2.0 allows remote attackers to inject arbitrary web script or HTML via the StartRow parameter.
|
NVD-CWE-Other
|
CVE-2005-4177
|
2017-07-20 10:29 |
2005-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347542
|
- |
|
-
|
-
|
Cross-site scripting (XSS) vulnerability in UseBB before 0.7 allows remote attackers to inject arbitrary web script or HTML via the $_SERVER['PHP_SELF'] variable.
|
NVD-CWE-Other
|
CVE-2005-4193
|
2017-07-20 10:29 |
2005-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347543
|
- |
|
internet_scout
|
scout_portal_toolkit
|
Multiple cross-site scripting (XSS) vulnerabilities in Scout Portal Toolkit (SPT) 1.3.1 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the ss parameter in SPT--Quic…
|
NVD-CWE-Other
|
CVE-2005-4196
|
2017-07-20 10:29 |
2005-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347544
|
- |
|
netref
|
netref
|
SQL injection vulnerability in index.php in Netref 3.0 allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: the provenance of this issue is unknown; the details were…
|
CWE-89
SQL Injection
|
CVE-2005-4198
|
2017-07-20 10:29 |
2005-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347545
|
- |
|
showalbumonline
|
my_album_online
|
Directory traversal vulnerability in My Album Online 1.0 allows remote attackers to access arbitrary files via ".../" (triple dot) sequences in unspecified vectors.
|
NVD-CWE-Other
|
CVE-2005-4201
|
2017-07-20 10:29 |
2005-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347546
|
- |
|
logisphere
|
logisphere
|
Multiple directory traversal vulnerabilities in LogiSphere 0.9.9j allow remote attackers to access arbitrary files via (1) .. (dot dot), (2) "..." (triple dot), and (3) "..//" sequences in the URL, (…
|
NVD-CWE-Other
|
CVE-2005-4202
|
2017-07-20 10:29 |
2005-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347547
|
- |
|
logisphere
|
logisphere
|
LogiSphere 0.9.9j does not restrict the number of messages that can be sent, which allows remote attackers to cause a denial of service by sending a large number of messages via the msg command. NOT…
|
NVD-CWE-Other
|
CVE-2005-4203
|
2017-07-20 10:29 |
2005-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347548
|
- |
|
alt-n
|
mdaemon
worldclient
|
WorldClient webmail in Alt-N MDaemon 8.1.3 allows remote attackers to prevent arbitrary users from accessing their inboxes via script tags in the Subject header of an e-mail message, which prevents t…
|
CWE-94
Code Injection
|
CVE-2005-4209
|
2017-07-20 10:29 |
2005-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347549
|
- |
|
macromedia
|
flash_media_server
|
The Administration Service (FMSAdmin.exe) in Macromedia Flash Media Server 2.0 r1145 allows remote attackers to cause a denial of service (application crash) via a malformed request with a single cha…
|
NVD-CWE-Other
|
CVE-2005-4216
|
2017-07-20 10:29 |
2005-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347550
|
- |
|
apple
|
mac_os_x_server
|
Perl in Apple Mac OS X Server 10.3.9 does not properly drop privileges when using the "$<" variable to set uid, which allows attackers to gain privileges.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2005-4217
|
2017-07-20 10:29 |
2005-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
