|
354441
|
- |
|
emefa
|
emefa_guestbook
|
Cross-site scripting (XSS) vulnerability in sign.asp in Emefa Guestbook 1.2 allows remote attackers to inject arbitrary web script or HTML via the (1) name, (2) location, and (3) email parameters.
|
NVD-CWE-Other
|
CVE-2005-2650
|
2008-09-6 05:52 |
2005-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
354442
|
- |
|
maildrop
|
maildrop
|
lockmail in maildrop before 1.5.3 does not drop privileges before executing commands, which allows local users to gain privileges via command line arguments.
|
NVD-CWE-Other
|
CVE-2005-2655
|
2008-09-6 05:52 |
2005-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
354443
|
- |
|
polygen
|
polygen
|
Polygen before 1.0.6 generates precompiled grammar objects with world-writable permissions, which allows local users to cause a denial of service (disk consumption) and possibly perform other unautho…
|
NVD-CWE-Other
|
CVE-2005-2656
|
2008-09-6 05:52 |
2005-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
354444
|
- |
|
softwolves_software
|
turquoise_superstat
|
Buffer overflow in utility.cpp in Turquoise SuperStat (turqstat) 2.2.4 and earlier might allow remote NNTP servers to execute arbitrary code via a date with a long month.
|
NVD-CWE-Other
|
CVE-2005-2658
|
2008-09-6 05:52 |
2005-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
354445
|
- |
|
apachetop
|
apachetop
|
apachetop 0.12.5 and earlier, when running in debug mode, allows local users to create or append to arbitrary files via a symlink attack on atop.debug.
|
NVD-CWE-Other
|
CVE-2005-2660
|
2008-09-6 05:52 |
2005-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
354446
|
- |
|
hauri
|
livecall
virobot_advanced_server
virobot_expert
virobot_linux_server
|
Directory traversal vulnerability in HAURI Anti-Virus products including ViRobot Expert 4.0, Advanced Server, Linux Server 2.0, and LiveCall allows remote attackers to overwrite arbitrary files via "…
|
NVD-CWE-Other
|
CVE-2005-2670
|
2008-09-6 05:52 |
2005-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
354447
|
- |
|
woltlab
|
burning_board
|
SQL injection vulnerability in modcp.php in WoltLab Burning Board 2.2.2 and 2.3.3 allows remote authenticated attackers to execute arbitrary SQL commands via the (1) x or (2) y parameters.
|
NVD-CWE-Other
|
CVE-2005-2673
|
2008-09-6 05:52 |
2005-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
354448
|
- |
|
coppermine
|
coppermine_photo_gallery
|
Cross-site scripting (XSS) vulnerability in displayimage.php in Coppermine Photo Gallery before 1.3.4 allows remote attackers to inject arbitrary web script or HTML via EXIF data.
|
NVD-CWE-Other
|
CVE-2005-2676
|
2008-09-6 05:52 |
2005-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
354449
|
- |
|
acnews
|
acnews
|
ACNews stores the database in a file under the web document root with a db.inc extension and insufficient access control, which allows remote attackers to obtain sensitive information such as the ful…
|
NVD-CWE-Other
|
CVE-2005-2677
|
2008-09-6 05:52 |
2005-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
354450
|
- |
|
sysinternals
|
process_explorer
|
Buffer overflow in Sysinternals Process Explorer 9.23, and other versions before 9.25, allows local users to execute arbitrary code via a long CompanyName field in the VersionInfo information in a ru…
|
NVD-CWE-Other
|
CVE-2005-2679
|
2008-09-6 05:52 |
2005-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
