|
256911
|
- |
|
sun
apache_tomcat
|
javamail
apache_tomcat
|
JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, allows remote attackers to read arbitrary files via a full pathname in the argument to the Download parameter. NOTE: Sun and Apache d…
|
CWE-200
Information Exposure
|
CVE-2005-1754
|
2024-08-8 07:15 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256912
|
- |
|
todd_miller
|
sudo
|
Sudo 1.6.8p7 on SuSE Linux 9.3, and possibly other Linux distributions, allows local users to gain privileges by using sudo to call su, then entering a blank password and hitting CTRL-C. NOTE: SuSE a…
|
NVD-CWE-Other
|
CVE-2005-1831
|
2024-08-8 07:15 |
2005-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256913
|
- |
|
solstice
|
solstice_internet_mail_server
|
JavaMail API, as used by Solstice Internet Mail Server POP3 2.0, does not properly validate the message number in the MimeMessage constructor in javax.mail.internet.InternetHeaders, which allows remo…
|
CWE-20
Improper Input Validation
|
CVE-2005-1682
|
2024-08-8 07:15 |
2005-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256914
|
- |
|
fishnet
|
fishcart
|
Multiple SQL injection vulnerabilities in FishCart 3.1 allow remote attackers to execute arbitrary SQL commands via the (1) cartid parameter to upstnt.php or (2) psku parameter to display.php. NOTE:…
|
CWE-89
SQL Injection
|
CVE-2005-1487
|
2024-08-8 07:15 |
2005-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256915
|
- |
|
open_solution
|
quick.cart
|
SQL injection vulnerability in index.php for Quick.cart 0.3.0 allows remote attackers to execute arbitrary SQL commands via the iCategory parameter. NOTE: the vendor has privately disputed this issu…
|
NVD-CWE-Other
|
CVE-2005-1588
|
2024-08-8 07:15 |
2005-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256916
|
- |
|
ariadne
|
ariadne_cms
|
NOTE: this issue has been disputed by the vendor. PHP remote code injection vulnerability in loader.php for Ariadne CMS 2.4 allows remote attackers to execute arbitrary PHP code by modifying the ari…
|
NVD-CWE-Other
|
CVE-2005-1181
|
2024-08-8 07:15 |
2005-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256917
|
- |
|
netiq
|
pssecure
|
Directory traversal vulnerability in the third party tool from NetIQ, as used to secure the iSeries AS/400 FTP server, allows remote attackers to access arbitrary files, including those from qsys.lib…
|
NVD-CWE-Other
|
CVE-2005-1244
|
2024-08-8 07:15 |
2005-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256918
|
- |
|
calendarscript
|
calendarscript
|
NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in calendar.pl in CalendarScript 3.20 allows remote attackers to inject arbitrary web script or HTML via th…
|
NVD-CWE-Other
|
CVE-2005-1145
|
2024-08-8 07:15 |
2005-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256919
|
- |
|
calendarscript
|
calendarscript
|
NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in the login command in calendar.pl in CalendarScript 3.21 allows remote attackers to inject arbitrary web …
|
NVD-CWE-Other
|
CVE-2005-1146
|
2024-08-8 07:15 |
2005-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256920
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in Loader in Google Chrome prior to 127.0.6533.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
CWE-416
Use After Free
|
CVE-2024-6989
|
2024-08-8 07:10 |
2024-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
