Total
29527 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-3950 | 1 Nufw | 1 Nufw | 2011-03-08 | 6.8 MEDIUM | N/A |
| nuauth in NuFW 1.0.x before 1.0.16 and 1.1 allows authenticated users to cause a denial of service via malformed packets. | |||||
| CVE-2005-3923 | 1 Netobjects | 1 Netobjects Fusion | 2011-03-08 | 5.0 MEDIUM | N/A |
| NetObjects Fusion 9 (NOF9) allows remote attackers to obtain sensitive information, including passwords, by downloading the _versioning_repository_/rollbacklog.xml file, then using it to download and modify the associated ZIP file to edit and republish the site. | |||||
| CVE-2005-4301 | 1 Phpxplorer | 1 Phpxplorer | 2011-03-08 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in phpXplorer 0.9.12 and earlier allows remote attackers to inject arbitrary web script or HTML via the address bar field. | |||||
| CVE-2005-3951 | 1 Php Labs | 1 Survey Wizard | 2011-03-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in survey.php in PHP Labs Survey Wizard allows remote attackers to execute arbitrary SQL commands via the sid parameter. | |||||
| CVE-2005-4133 | 1 Sun | 1 Solaris | 2011-03-08 | 2.1 LOW | N/A |
| Sun Update Connection in Sun Solaris 10, when configured to use a web proxy, allows local users to obtain the proxy authentication password via (1) an unspecified vector and (2) proxy log files. | |||||
| CVE-2005-4024 | 1 Interspire | 1 Fastfind | 2011-03-08 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Interspire FastFind 2004 and 2005 allows remote attackers to inject arbitrary web script or HTML via the query parameter. | |||||
| CVE-2005-3916 | 1 Wsn Forum | 1 Wsn Forum | 2011-03-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in memberlist.php in WSN Forum 1.21 allows remote attackers to execute arbitrary SQL commands via the id parameter in a profile action. | |||||
| CVE-2005-3875 | 1 Enterprise Heart | 1 Enterprise Connector | 2011-03-08 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Enterprise Connector 1.0.2 and earlier allow remote attackers to execute arbitrary SQL commands via the messageid parameter in (1) send.php or (2) a delete action in messages.php. | |||||
| CVE-2005-3855 | 1 Easybe | 1 1-2-3 Music Store | 2011-03-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in process.php in 1-2-3 music store allows remote attackers to execute arbitrary SQL commands via the AlbumID parameter. | |||||
| CVE-2005-4018 | 1 Landshop | 1 Real Estate Commerce System | 2011-03-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ls.php in Landshop Real Estate Commerce System 0.6.3 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) start, (2) search_order, (3) search_type, (4) search_area, and (5) keyword parameters. | |||||
| CVE-2005-4302 | 1 Indexcor | 1 Ezdatabase | 2011-03-08 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in ezDatabase 2.1.2 and earlier allows remote attackers to include arbitrary local files via ".." sequences in the p parameter. | |||||
| CVE-2005-3970 | 1 Mxchange | 1 Mxchange | 2011-03-08 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in MXChange before 0.2.0-pre10 PL492 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||||
| CVE-2005-3989 | 1 Avaya | 1 Tn2602ap Ip Media Resource 320 Circuit Pack | 2011-03-08 | 7.8 HIGH | N/A |
| Memory leak in Avaya TN2602AP IP Media Resource 320 circuit pack before vintage 9 firmware allows remote attackers to cause a denial of service (memory consumption) via crafted VoIP packets. | |||||
| CVE-2005-3833 | 1 Tunez | 1 Tunez | 2011-03-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in songinfo.php in Tunez 1.21 and earlier allows remote attackers to execute arbitrary SQL commands via the song_id parameter. | |||||
| CVE-2005-4292 | 1 Internet Express Products | 1 Commercesql | 2011-03-08 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in CommerceSQL 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search module parameters, possibly the keywords parameter in the Quick Find feature. | |||||
| CVE-2005-3842 | 1 Pdjkeelan.com | 1 Pdjk-support Suite | 2011-03-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in pdjk-support suite 1.1a and earlier allows remote attackers to execute arbitrary SQL commands via the (1) rowstart, (2) news_id, and (3) faq_id parameters. | |||||
| CVE-2005-4314 | 1 Ppcal Shopping Cart | 1 Ppcal Shopping Cart | 2011-03-08 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in ppcal.cgi in PPCal Shopping Cart 3.3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) stop and (2) user parameters. | |||||
| CVE-2005-4033 | 1 Ali Bousahid | 1 Nodezilla | 2011-03-08 | 5.0 MEDIUM | N/A |
| Nodezilla 0.4.13-corno-fulgure does not properly protect the evl_data directory, which could allow them to be shared when they are not protected by PRIVATEDATADIR in nodezilla.ini, which allows remote attackers to obtain sensitive information. | |||||
| CVE-2005-4085 | 1 Bluecoat | 2 Proxyav, Webproxy | 2011-03-08 | 7.5 HIGH | N/A |
| Buffer overflow in BlueCoat (a) WinProxy before 6.1a and (b) the web console access functionality in ProxyAV before 2.4.2.3 allows remote attackers to execute arbitrary code via a long Host: header. | |||||
| CVE-2005-4020 | 1 Widget Press | 1 Widget Imprint | 2011-03-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in create.php in Widget Imprint 1.0.26 and earlier allows remote attackers to execute arbitrary SQL commands via the product_id parameter. | |||||