|
351281
|
- |
|
phpxmail
|
phpxmail
|
class.xmail.php in PhpXmail 0.7 through 1.1 does not properly handle large passwords, which prevents an error message from being returned and allows remote attackers to bypass authentication and gain…
|
NVD-CWE-Other
|
CVE-2005-2183
|
2016-10-18 12:25 |
2005-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
351282
|
- |
|
emc
|
eroom
|
eRoom 6.x does not properly restrict files that can be attached, which allows remote attackers to execute arbitrary commands via a .lnk file.
|
NVD-CWE-Other
|
CVE-2005-2184
|
2016-10-18 12:25 |
2005-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
351283
|
- |
|
emc
|
eroom
|
eRoom does not set an expiration for Cookies, which allows remote attackers to capture cookies and conduct replay attacks.
|
NVD-CWE-Other
|
CVE-2005-2185
|
2016-10-18 12:25 |
2005-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
351284
|
- |
|
mcafee
|
intrushield_security_management_system
|
Multiple cross-site scripting (XSS) vulnerabilities in McAfee IntruShield Security Management System allow remote authenticated users to inject arbitrary web script or HTML via the (1) thirdMenuName …
|
NVD-CWE-Other
|
CVE-2005-2186
|
2016-10-18 12:25 |
2005-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
351285
|
- |
|
mcafee
|
intrushield_security_management_system
|
McAfee IntruShield Security Management System allows remote authenticated users to access the "Generate Reports" feature and modify alerts by setting the Access option to true, as demonstrated using …
|
NVD-CWE-Other
|
CVE-2005-2187
|
2016-10-18 12:25 |
2005-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
351286
|
- |
|
mcafee
|
intrushield_security_management_system
|
McAfee IntruShield Security Management System obtains the user ID from the URL, which allows remote attackers to guess the Manager account and possibly gain privileges via a brute force attack.
|
NVD-CWE-Other
|
CVE-2005-2188
|
2016-10-18 12:25 |
2005-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
351287
|
- |
|
lantronix
|
securelinx
|
Lantronix SecureLinx console server running firmware 2.0 and 3.0 stores /etc/ssh under the web document root with insufficient access control, which allows remote attackers to obtain sensitive inform…
|
NVD-CWE-Other
|
CVE-2005-2189
|
2016-10-18 12:25 |
2005-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
351288
|
- |
|
comersus_open_technologies
|
comersus_cart
|
Multiple SQL injection vulnerabilities in Comersus shopping cart allow remote attackers to execute arbitrary SQL commands via the (1) email parameter to comersus_optAffiliateRegistrationExec.asp or (…
|
NVD-CWE-Other
|
CVE-2005-2190
|
2016-10-18 12:25 |
2005-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
351289
|
- |
|
comersus_open_technologies
|
comersus_cart
|
Multiple cross-site scripting (XSS) vulnerabilities in Comersus shopping cart allow remote attackers to inject arbitrary web script or HTML via the (1) name parameter to comersus_backoffice_listAssig…
|
NVD-CWE-Other
|
CVE-2005-2191
|
2016-10-18 12:25 |
2005-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
351290
|
- |
|
alexander_palmo
|
simple_php_blog
|
SimplePHPBlog 0.4.0 stores password hashes in config/password.txt with insufficient access control, which allows remote attackers to obtain passwords via a brute force attack.
|
NVD-CWE-Other
|
CVE-2005-2192
|
2016-10-18 12:25 |
2005-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
