|
352761
|
- |
|
atari
|
terminator_3_war_of_the_machines
|
Terminator 3: War of the Machines 1.16 and earlier allows remote attackers to cause a denial of service (application crash) via a large nickname.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2005-1775
|
2016-11-26 03:27 |
2005-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352762
|
- |
|
phpstat
|
phpstat
|
setup.php in phpStat 1.5 allows remote attackers to bypass authentication and gain administrator privileges by setting the $check variable.
|
CWE-20
Improper Input Validation
|
CVE-2005-1787
|
2016-11-26 03:27 |
2005-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352763
|
- |
|
postnuke_software_foundation
|
postnuke
|
Cross-site scripting (XSS) vulnerability in readpmsg.php in PostNuke 0.750 allows remote attackers to inject arbitrary web script or HTML via the start parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2005-1778
|
2016-11-26 03:26 |
2005-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352764
|
- |
|
oracle
|
fusion_middleware
|
Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 10.1.2.3 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2010-0855.
|
NVD-CWE-noinfo
|
CVE-2010-0086
|
2016-11-19 12:02 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352765
|
- |
|
oracle
|
fusion_middleware
|
Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 10.1.2.3 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2010-0086.
|
NVD-CWE-noinfo
|
CVE-2010-0855
|
2016-11-19 12:02 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352766
|
- |
|
viewcvs
|
viewcvs
|
Cross-site scripting vulnerability in viewcvs.cgi for ViewCVS 0.9.2 allows remote attackers to inject script and steal cookies via the (1) cvsroot or (2) sortby parameters.
|
NVD-CWE-Other
|
CVE-2002-0771
|
2016-11-19 11:59 |
2002-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352767
|
- |
|
microsoft
|
internet_explorer
|
The Microsoft Active Movie ActiveX Control in Internet Explorer 5 does not restrict which file types can be downloaded, which allows an attacker to download any type of file to a user's system by enc…
|
CWE-20
Improper Input Validation
|
CVE-2000-0400
|
2016-11-8 03:25 |
2000-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352768
|
- |
|
siteatschool
|
siteatschool
|
PHP remote file inclusion vulnerability in Site@School (S@S) 2.4.03 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cmsdir parameter to starnet/modules/include/incl…
|
NVD-CWE-Other
|
CVE-2006-4921
|
2016-10-18 12:41 |
2006-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352769
|
- |
|
hotplug_cms
|
hotplug_cms
|
SQL injection vulnerability in administration/includes/login/auth.php in HotPlug CMS 1.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username and (…
|
NVD-CWE-Other
|
CVE-2006-3190
|
2016-10-18 12:40 |
2006-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352770
|
- |
|
banex
|
banex
|
Multiple SQL injection vulnerabilities in Banex PHP MySQL Banner Exchange 2.21 allow remote attackers to execute arbitrary SQL commands via the (1) site_name parameter to (a) signup.php, and the (2) …
|
NVD-CWE-Other
|
CVE-2006-3963
|
2016-10-18 12:40 |
2006-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
