Total
29527 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-4507 | 1 Nexus Concepts | 1 Dev Hound | 2011-03-08 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Nexus Concepts Dev Hound 2.24 and earlier allow remote attackers to inject arbitrary web script or HTML via multiple unspecified user input fields. | |||||
| CVE-2005-4359 | 1 Oodie | 1 Odfaq | 2011-03-08 | 6.4 MEDIUM | N/A |
| SQL injection vulnerability in includes/core.inc.php in ODFaq 2.1.0 allows remote attackers to execute arbitrary SQL commands via the (1) cat and (2) srcText parameters to faq.php. | |||||
| CVE-2005-4523 | 1 Mantis | 1 Mantis | 2011-03-08 | 5.0 MEDIUM | N/A |
| Mantis 1.0.0rc3 and earlier discloses private bugs via public RSS feeds, which allows remote attackers to obtain sensitive information. | |||||
| CVE-2005-4363 | 1 Komodo | 1 Komodo Cms | 2011-03-08 | 5.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the search engine in Komodo CMS 2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters. | |||||
| CVE-2005-4387 | 1 Contenite | 1 Contenite | 2011-03-08 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in home.php in contenite 0.11 and earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter. | |||||
| CVE-2005-4394 | 1 Formicary Ltd. | 1 Epix | 2011-03-08 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in EPiX 3.1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search query parameters. | |||||
| CVE-2005-4569 | 1 Floosietek | 1 Ftgate | 2011-03-08 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in index.fts in FTGate Technology (formerly known as Floosietek) FTGate 4.4 (aka Build 4.4.000 Oct 26 2005) allows remote attackers to execute arbitrary code via a long tzoffset value. | |||||
| CVE-2005-4565 | 1 Adtran | 1 Netvanta | 2011-03-08 | 10.0 HIGH | N/A |
| Format string vulnerability in the Internet Key Exchange version 1 (IKEv1) implementation in ADTRAN NetVanta before 10.03.03.E might allow remote attackers to have an unknown impact via format string specifiers in crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. | |||||
| CVE-2005-4375 | 1 Box Uk | 1 Amaxus | 2011-03-08 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Amaxus 3 and earlier allows remote attackers to inject arbitrary web script or HTML via the change parameter. NOTE: it is possible that this is resultant from CVE-2005-4376. | |||||
| CVE-2005-4695 | 1 Symantec | 1 Brightmail Antispam | 2011-03-08 | 5.0 MEDIUM | N/A |
| Symantec Brightmail AntiSpam 6.0 build 1 and 2 allows remote attackers to cause a denial of service (bmserver component termination) via malformed MIME messages. | |||||
| CVE-2005-4524 | 1 Mantis | 1 Mantis | 2011-03-08 | 5.0 MEDIUM | N/A |
| Mantis 1.0.0rc3 does not properly handle "Make note private" when a bug is being resolved, which has unknown impact and attack vectors, probably related to an information leak. | |||||
| CVE-2005-4528 | 1 Chatspot | 1 Chatspot | 2011-03-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Chatspot 2.0.0a7 module for phpBB allows remote attackers to execute arbitrary SQL commands via unknown vectors. | |||||
| CVE-2005-4353 | 1 Toenda Software Development | 1 Toendacms | 2011-03-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in toendaCMS 0.6.2.1, when configured to use a SQL database, allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2005-4365 | 1 Flip | 1 Flip | 2011-03-08 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in FLIP 0.9.0.1029 allow remote attackers to inject arbitrary web script or HTML via the (1) name parameter in text.php and (2) frame parameter in forum.php. | |||||
| CVE-2005-4506 | 1 Nexus Concepts | 1 Dev Hound | 2011-03-08 | 4.6 MEDIUM | N/A |
| Nexus Concepts Dev Hound 2.24 and earlier stores username and password information in cleartext in the devhound.tdbd file, which allows local users to gain privileges. | |||||
| CVE-2005-4492 | 1 Starphire Technologies | 5 Sitesage, Sitesage-ee, Sitesage-le and 2 more | 2011-03-08 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Starphire SiteSage 5.0.18 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the norelay_highlight_words parameter. | |||||
| CVE-2005-4564 | 1 Adtran | 1 Netvanta | 2011-03-08 | 5.0 MEDIUM | N/A |
| The Internet Key Exchange version 1 (IKEv1) implementation in ADTRAN NetVanta before 10.03.03.E might allow remote attackers to cause a denial of service via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. | |||||
| CVE-2005-4479 | 1 Phpslash | 1 Phpslash | 2011-03-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in article.php in phpSlash 0.8.1 and earlier allows remote attackers to execute arbitrary SQL commands via the story_id parameter. | |||||
| CVE-2005-4369 | 1 The Collective | 1 Acuity Cms | 2011-03-08 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Acuity CMS 2.6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly strSearchKeywords to browse.asp. | |||||
| CVE-2005-4713 | 1 Pam Mysql | 1 Pam Mysql | 2011-03-08 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the SQL logging facility in PAM-MySQL 0.6.x before 0.6.2 and 0.7.x before 0.7pre3 allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors, probably involving the pam_mysql_sql_log function when being used in vsftpd, which does not include the IP address argument to an sprintf call. | |||||