|
352001
|
- |
|
flatnuke
|
flatnuke
|
FlatNuke 2.5.6 verifies authentication credentials based on an MD5 checksum of the admin name and the hashed password rather than the plaintext password, which allows attackers to gain privileges by …
|
NVD-CWE-Other
|
CVE-2005-4448
|
2017-07-20 10:29 |
2005-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352002
|
- |
|
flatnuke
|
flatnuke
|
verify.php in FlatNuke 2.5.6 allows remote authenticated administrators to modify arbitrary PHP files by setting the file parameter to an arbitrary file and injecting the code into the body parameter…
|
NVD-CWE-Other
|
CVE-2005-4449
|
2017-07-20 10:29 |
2005-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352003
|
- |
|
information_call_center
|
information_call_center
|
Information Call Center stores the CallCenterData.mdb database under the web root with insufficient access control, which allows remote attackers to obtain sensitive information such as usernames and…
|
NVD-CWE-Other
|
CVE-2005-4452
|
2017-07-20 10:29 |
2005-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352004
|
- |
|
livejournal
|
livejournal
|
Validate-before-filter vulnerability in cleanhtml.pl 1.129 in LiveJournal CVS before Dec 7 2005, when the cleancss option is enabled, allows remote attackers to conduct cross-site scripting (XSS) att…
|
NVD-CWE-Other
|
CVE-2005-4454
|
2017-07-20 10:29 |
2005-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352005
|
- |
|
musicbox
|
musicbox
|
SQL injection vulnerability in MusicBox 2.3 allows remote attackers to execute arbitrary SQL commands via the (1) show and (2) type parameter. NOTE: the provenance of this information is unknown, al…
|
CWE-89
SQL Injection
|
CVE-2005-4500
|
2017-07-20 10:29 |
2005-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352006
|
- |
|
mediawiki
|
mediawiki
|
MediaWiki before 1.5.4 uses a hard-coded "internal placeholder string", which allows remote attackers to bypass protection against cross-site scripting (XSS) attacks and execute Javascript using inli…
|
NVD-CWE-Other
|
CVE-2005-4501
|
2017-07-20 10:29 |
2005-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352007
|
- |
|
apple
|
safari
textedit
mac_os_x
mac_os_x_server
|
The khtml::RenderTableSection::ensureRows function in KHTMLParser in Apple Mac OS X 10.4.3 and earlier, as used by Safari and TextEdit, allows remote attackers to cause a denial of service (memory co…
|
NVD-CWE-Other
|
CVE-2005-4504
|
2017-07-20 10:29 |
2005-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352008
|
- |
|
mcafee
|
common_management_agent
virusscan_enterprise
|
Unquoted Windows search path vulnerability in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5) might allow local users to gain privileges via a malicious "program.exe" file in the C:…
|
NVD-CWE-Other
|
CVE-2005-4505
|
2017-07-20 10:29 |
2005-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352009
|
- |
|
parallel_tools_consortium
|
ptools
|
SQL injection vulnerability in index.asp in pTools allows remote attackers to execute arbitrary SQL commands via the docID parameter. NOTE: the provenance of this information is unknown; the details …
|
NVD-CWE-Other
|
CVE-2005-4509
|
2017-07-20 10:29 |
2005-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352010
|
- |
|
curtis_hawthorne
|
tn3270_resource_gateway
|
Format string vulnerability in TN3270 Resource Gateway 1.1.0 allows local users to cause a denial of service and possibly execute arbitrary code via format string specifiers in syslog function calls.
|
NVD-CWE-Other
|
CVE-2005-4511
|
2017-07-20 10:29 |
2005-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
