|
278411
|
- |
|
limbo_cms
|
limbo_cms
|
Limbo CMS 1.0.4.2 and earlier allows remote attackers to obtain the installation path of the application via a direct request to (1) doc.inc.php, (2) element.inc.php, and (3) node.inc.php, which leak…
|
CWE-200
Information Exposure
|
CVE-2005-4320
|
2018-10-20 00:40 |
2005-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278412
|
- |
|
apani_networks
|
epiforce_agent
|
The Internet Key Exchange version 1 (IKEv1) implementation in Apani Networks EpiForce 1.9 and earlier running IPSec, allow remote attackers to cause a denial of service (crash) via certain IKE packet…
|
NVD-CWE-Other
|
CVE-2005-4321
|
2018-10-20 00:40 |
2005-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278413
|
- |
|
-
|
-
|
Multiple cross-site scripting (XSS) vulnerabilities in Michael Arndt WebCal 1.11-3.04 allow remote attackers to inject arbitrary web script or HTML via the (1) function, (2) year, and (3) date parame…
|
NVD-CWE-Other
|
CVE-2005-4327
|
2018-10-20 00:40 |
2005-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278414
|
- |
|
fetchmail
|
fetchmail
|
fetchmail before 6.3.1 and before 6.2.5.5, when configured for multidrop mode, allows remote attackers to cause a denial of service (application crash) by sending messages without headers from upstre…
|
CWE-399
Resource Management Errors
|
CVE-2005-4348
|
2018-10-20 00:40 |
2005-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278415
|
- |
|
linux
netbsd
|
linux_kernel
netbsd
|
The securelevels implementation in NetBSD 2.1 and earlier, and Linux 2.6.15 and earlier, allows local users to bypass time setting restrictions and set the clock backwards by setting the clock ahead …
|
NVD-CWE-Other
|
CVE-2005-4352
|
2018-10-20 00:40 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278416
|
- |
|
phpbb_group
|
phpbb
|
Cross-site scripting (XSS) vulnerability in phpBB 2.0.18, when "Allowed HTML tags" is enabled, allows remote attackers to inject arbitrary Javascript via a permitted HTML tag with " (quote) character…
|
NVD-CWE-Other
|
CVE-2005-4357
|
2018-10-20 00:40 |
2005-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278417
|
- |
|
phpbb_group
|
phpbb
|
admin/admin_disallow.php in phpBB 2.0.18 allows remote attackers to obtain the installation path via a direct request with a non-empty setmodules parameter, which causes an invalid append_sid functio…
|
NVD-CWE-Other
|
CVE-2005-4358
|
2018-10-20 00:40 |
2005-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278418
|
- |
|
roundcube
|
webmail
|
roundcube webmail Alpha, with a default high verbose level ($rcmail_config['debug_level'] = 1), allows remote attackers to obtain the full path of the application via an invalid_task parameter, which…
|
CWE-200
Information Exposure
|
CVE-2005-4368
|
2018-10-20 00:40 |
2005-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278419
|
- |
|
acidcat
|
acidcat
|
SQL injection vulnerability in main_content.asp in Acidcat 2.1.13 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter to default.asp.
|
NVD-CWE-Other
|
CVE-2005-4370
|
2018-10-20 00:40 |
2005-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278420
|
- |
|
acidcat
|
acidcat
|
Acidcat 2.1.13 and earlier stores the database under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a request to databases/acidcat.md…
|
NVD-CWE-Other
|
CVE-2005-4371
|
2018-10-20 00:40 |
2005-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
