|
347661
|
- |
|
tellme
|
tellme
|
Cross-site scripting (XSS) vulnerability in TellMe 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the 91) q_IP (IP) or (2) q_Host (HOST) parameters.
|
NVD-CWE-Other
|
CVE-2005-4698
|
2017-07-20 10:29 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347662
|
- |
|
tellme
|
tellme
|
TellMe 1.2 and earlier, when the Server (o_Server) and HEAD (o_Head) options are enabled, allows remote attackers to obtain sensitive information via an invalid q_Host parameter, which reveals the fu…
|
NVD-CWE-Other
|
CVE-2005-4700
|
2017-07-20 10:29 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347663
|
- |
|
-
|
-
|
The popSubjectContext method in the SecurityAssociation class in JBoss Enterprise Java Beans (EJB) 3.0 RC3 maintains the threadPrincipal and threadCredential values from a previous client's authentic…
|
NVD-CWE-Other
|
CVE-2005-4709
|
2017-07-20 10:29 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347664
|
- |
|
autodesk
|
3ds_max
architectural_desktop
autocad
autocad_civil_3d
autocad_electrical
autocad_lt
autocad_mechanical
building_systems
civil_design
inventor
land_desktop
map_3d
…
|
Unspecified vulnerability in multiple Autodesk and AutoCAD products and product families from 2006 and earlier allows remote attackers to "gain inappropriate access to another local user's computer,"…
|
NVD-CWE-Other
|
CVE-2005-4710
|
2017-07-20 10:29 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347665
|
- |
|
-
|
-
|
SQL injection vulnerability in Neocrome Land Down Under (LDU) 801 allows remote attackers to execute arbitrary SQL commands via an HTTP Referer header. NOTE: the provenance of this information is un…
|
CWE-89
SQL Injection
|
CVE-2005-4711
|
2017-07-20 10:29 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347666
|
- |
|
openvmps
|
openvmps
|
Format string vulnerability in the vmps_log function in OpenVMPS (VLAN Management Policy Server) 1.3 allows remote attackers to execute arbitrary code via unknown vectors.
|
NVD-CWE-Other
|
CVE-2005-4714
|
2017-07-20 10:29 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347667
|
- |
|
francisco_burzi
|
php-nuke
|
Multiple SQL injection vulnerabilities in modules.php in PHP-Nuke 7.8, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) name, (2) sid, and (3) p…
|
NVD-CWE-Other
|
CVE-2005-4715
|
2017-07-20 10:29 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347668
|
- |
|
the_media_shoppe_berhad
|
tmspublisher
|
Cross-site scripting (XSS) vulnerability in search.cfm in tmsPUBLISHER 3.3 allows remote attackers to inject arbitrary web script or HTML via the q parameter.
|
NVD-CWE-Other
|
CVE-2005-4721
|
2017-07-20 10:29 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347669
|
- |
|
the_media_shoppe_berhad
|
tmspublisher
|
_Request_Message.cfm in tmsPUBLISHER 3.3 allows remote attackers to obtain sensitive information via an invalid id argument to pagename.cfm, which reveals the installation path in an error message.
|
NVD-CWE-Other
|
CVE-2005-4722
|
2017-07-20 10:29 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347670
|
- |
|
-
|
-
|
SQL injection vulnerability in post.php in PhpTagCool 1.0.3 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For field in an HTTP header.
|
NVD-CWE-Other
|
CVE-2005-4724
|
2017-07-20 10:29 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
