|
344801
|
- |
|
bea
|
weblogic_server
|
BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier allow remote attackers to obtain sensitive information (intranet IP addresses) via unknown attack vectors involving "network address trans…
|
NVD-CWE-Other
|
CVE-2005-4754
|
2018-09-28 06:38 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344802
|
- |
|
bea
|
weblogic_server
|
BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier (1) stores the private key passphrase (CustomTrustKeyStorePassPhrase) in cleartext in nodemanager.config; or, during domain creation with …
|
NVD-CWE-Other
|
CVE-2005-4755
|
2018-09-28 06:38 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344803
|
- |
|
bea
|
weblogic_server
|
BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 SP5 and earlier, do not properly validate derived Principals with multiple PrincipalValidators, which might allow attackers to ga…
|
NVD-CWE-Other
|
CVE-2005-4756
|
2018-09-28 06:38 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344804
|
- |
|
bea
|
weblogic_server
|
BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier, and 7.0 SP5 and earlier, do not properly "constrain" a "/" (slash) servlet root URL pattern, which might allow remote attackers to bypass…
|
NVD-CWE-Other
|
CVE-2005-4757
|
2018-09-28 06:38 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344805
|
- |
|
bea
|
weblogic_server
|
Unspecified vulnerability in the Administration server in BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier allows remote authenticated Admin users to read arbitrary files via unknown atta…
|
NVD-CWE-Other
|
CVE-2005-4758
|
2018-09-28 06:38 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344806
|
- |
|
bea
|
weblogic_server
|
BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier, and 7.0 SP5 and earlier, when fullyDelegatedAuthorization is enabled for a servlet, does not cause servlet deployment to fail when failur…
|
NVD-CWE-Other
|
CVE-2005-4760
|
2018-09-28 06:38 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344807
|
- |
|
ez
|
ez_publish
|
The siteaccess URIMatching implementation in eZ publish 3.5 through 3.8 before 20050812 converts all non-alphanumeric characters in a URI to '_' (underscore), which allows remote attackers to bypass …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2005-4852
|
2018-09-28 06:38 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344808
|
- |
|
ez
|
ez_publish
|
Unrestricted file upload vulnerability in eZ publish 3.5 before 3.5.5, 3.6 before 3.6.2, 3.7 before 3.7.0rc2, and 3.8 before 20050922 does not restrict Image datatype uploads to image content types, …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2005-4855
|
2018-09-28 06:38 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344809
|
- |
|
xerox
|
copycentre_c65
copycentre_c75
copycentre_c90
workcentre_65
workcentre_75
workcentre_90
|
Buffer overflow in the PostScript file interpreter code for Xerox CopyCentre and Xerox WorkCentre Pro, running software 1.001.02.073 or earlier, or 1.001.02.074 before 1.001.02.715, allows attackers …
|
NVD-CWE-Other
|
CVE-2006-1136
|
2018-09-28 06:33 |
2006-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344810
|
- |
|
netiq
|
identity_manager
|
idmlib.sh in nxdrv in Novell Identity Manager (IDM) 3.0.1 allows local users to execute arbitrary commands via unspecified vectors, possibly involving the " (quote) and \ (backslash) characters and e…
|
NVD-CWE-Other
|
CVE-2006-4506
|
2018-09-28 06:30 |
2006-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
