|
346461
|
- |
|
open_webmail
|
open_webmail
|
Cross-site scripting (XSS) vulnerability in openwebmail-main.pl in OpenWebMail 2.41 allows remote attackers to inject arbitrary web script or HTML via the sessionid parameter.
|
NVD-CWE-Other
|
CVE-2005-2863
|
2016-10-18 12:30 |
2005-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346462
|
- |
|
-
|
-
|
URBAN 1.5.3_1 allows local users to overwrite arbitrary files via a symlink attack on the (1) high score or (2) save game files.
|
NVD-CWE-Other
|
CVE-2005-2864
|
2016-10-18 12:30 |
2005-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346463
|
- |
|
ecw-shop
|
ecw-shop
|
ECW-Shop 6.0.2 allows remote attackers to reduce the total cost of their shopping cart by specifying a negative quantity for an item, which causes the price of the item to be subtracted from the tota…
|
NVD-CWE-Other
|
CVE-2005-2623
|
2016-10-18 12:29 |
2005-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346464
|
- |
|
cpaint
|
cpaint
|
Eval injection vulnerability in CPAINT 1.3-SP allows remote attackers to execute arbitrary ASP code via the cpaint_argument[] parameter to (1) calculator.asp or (2) cpaintfile.asp, which is directly …
|
NVD-CWE-Other
|
CVE-2005-2624
|
2016-10-18 12:29 |
2005-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346465
|
- |
|
cpaint
|
cpaint
|
Incomplete blacklist vulnerability in the checkBlacklist function in CPAINT allows remote attackers to execute arbitrary commands via the (1) ExecuteGlobal function or (2) GetRef statement, which is …
|
NVD-CWE-Other
|
CVE-2005-2625
|
2016-10-18 12:29 |
2005-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346466
|
- |
|
phptb
|
topic_boards
|
Multiple PHP file inclusion vulnerabilities in (1) admin_o.php, (2) board_o.php, (3) dev_o.php, (4) file_o.php or (5) tech_o.php in PHPTB Topic Board 2.0 and earlier allow remote attackers to execute…
|
NVD-CWE-Other
|
CVE-2005-2633
|
2016-10-18 12:29 |
2005-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346467
|
- |
|
phpfreenews
|
phpfreenews
|
Multiple SQL injection vulnerabilities in PHPFreeNews 1.40 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) Match or (2) CatID parameter to SearchResults.php, or (3) t…
|
NVD-CWE-Other
|
CVE-2005-2637
|
2016-10-18 12:29 |
2005-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346468
|
- |
|
phpfreenews
|
phpfreenews
|
Multiple cross-site scripting (XSS) vulnerabilities in PHPFreeNews 1.40 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) NewsMode parameter to NewsCategoryForm.ph…
|
NVD-CWE-Other
|
CVE-2005-2638
|
2016-10-18 12:29 |
2005-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346469
|
- |
|
valusoft
|
chris_moneymakers_world_poker_championship
|
Buffer overflow in Chris Moneymaker's World Poker Championship 1.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long nickname.
|
NVD-CWE-Other
|
CVE-2005-2639
|
2016-10-18 12:29 |
2005-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346470
|
- |
|
neoteris
juniper
netscreen
|
instant_virtual_extranet
netscreen_screenos
ns-10
ns-100
ns-204
ns-500
ns-50ns25
netscreen-5gt
netscreen-idp
netscreen-idp_10
netscreen-idp_100
netscreen-idp_1000
…
|
Behavioral discrepancy information leak in Juniper Netscreen VPN running ScreenOS 5.2.0 and earlier, when using IKE with pre-shared key authentication, allows remote attackers to enumerate valid user…
|
NVD-CWE-Other
|
CVE-2005-2640
|
2016-10-18 12:29 |
2005-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
