|
357481
|
- |
|
pixel-apes_group
|
safehtml
|
Multiple vulnerabilities in Pixel-Apes SafeHTML before 1.3.0 allow remote attackers to bypass cross-site scripting (XSS) protection via (1) "decimal HTML entities" or (2) "the \x00 symbol."
|
NVD-CWE-Other
|
CVE-2005-0648
|
2008-09-6 05:46 |
2005-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357482
|
- |
|
pixel-apes_group
|
safehtml
|
Pixel-Apes SafeHTML before 1.2.1 allows remote attackers to bypass cross-site scripting (XSS) protection via "hexadecimal HTML entities."
|
NVD-CWE-Other
|
CVE-2005-0649
|
2008-09-6 05:46 |
2005-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357483
|
- |
|
phpmyadmin
|
phpmyadmin
|
phpMyAdmin 2.6.1 does not properly grant permissions on tables with an underscore in the name, which grants remote authenticated users more privileges than intended.
|
NVD-CWE-Other
|
CVE-2005-0653
|
2008-09-6 05:46 |
2005-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357484
|
- |
|
adalis
|
d-forum
|
Multiple cross-site scripting (XSS) vulnerabilities in D-Forum 1.11 allows remote attackers to inject arbitrary web script or HTML via certain fields, as demonstrated using the page parameter in nav.…
|
NVD-CWE-Other
|
CVE-2005-0660
|
2008-09-6 05:46 |
2005-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357485
|
- |
|
woltlab
|
burning_board
|
SQL injection vulnerability in the getwbbuserdata function in session.php for Woltlab Burning Board 2.0.3 through 2.3.0 allows remote attackers to execute arbitrary SQL commands via the (1) userid or…
|
NVD-CWE-Other
|
CVE-2005-0661
|
2008-09-6 05:46 |
2005-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357486
|
- |
|
mercuryboard
|
mercuryboard
|
Cross-site scripting (XSS) vulnerability in index.php for MercuryBoard 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the Avatar field.
|
NVD-CWE-Other
|
CVE-2005-0662
|
2008-09-6 05:46 |
2005-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357487
|
- |
|
john_bradley
|
xv
|
Format string vulnerability in xv before 3.10a allows remote attackers to execute arbitrary code via format string specifiers in a filename.
|
NVD-CWE-Other
|
CVE-2005-0665
|
2008-09-6 05:46 |
2005-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357488
|
- |
|
the_pax_team
|
pax_linux
|
Unknown vulnerability in PaX from the September 2003 release to 2.2 before 2005.03.05, related to SEGMEXEC or RANDEXEC and VMA mirroring, allows local users and possibly remote attackers to bypass in…
|
NVD-CWE-Other
|
CVE-2005-0666
|
2008-09-6 05:46 |
2005-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357489
|
- |
|
sylpheed
sylpheed-claws
altlinux
gentoo
redhat
|
sylpheed
sylpheed-claws
alt_linux
linux
enterprise_linux
fedora_core
linux_advanced_workstation
|
Buffer overflow in Sylpheed before 1.0.3 and other versions before 1.9.5 allows remote attackers to execute arbitrary code via an e-mail message with certain headers containing non-ASCII characters t…
|
NVD-CWE-Other
|
CVE-2005-0667
|
2008-09-6 05:46 |
2005-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357490
|
- |
|
christian_hilgers
|
http_anti_virus_proxy_\(havp\)
|
Unknown vulnerability in HTTP Anti Virus Proxy (HAVP) before 0.51 prevents viruses from being properly detected in certain files such as (1) .CAB or (2) .ZIP files.
|
NVD-CWE-Other
|
CVE-2005-0668
|
2008-09-6 05:46 |
2005-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
