Total
29527 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-4285 | 1 Dick Copits | 1 Pdestore | 2011-03-08 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in pdestore.cgi in Dick Copits PDEstore 1.8 and earlier allows remote attackers to inject arbitrary web script or HTML via (1) the search module parameter or the (2) product and (3) cart_id parameters. | |||||
| CVE-2005-4235 | 1 Whmcompletesolution | 1 Whmcompletesolution | 2011-03-08 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in knowledgebase.php in WHMCompleteSolution 2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameters. | |||||
| CVE-2005-3917 | 1 Commodityrentals | 1 Commodityrentals | 2011-03-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in usersession in CommodityRentals 2.0 Online Rental Business Creator script allows remote attackers to execute arbitrary SQL commands via the user_id parameter. | |||||
| CVE-2005-4262 | 1 Envolution | 1 Envolution | 2011-03-08 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the News module in Envolution allows remote attackers to inject arbitrary web script or HTML via the (1) startrow and (2) catid parameter. NOTE: this issue might be resultant from the SQL injection problem (CVE-2005-4263). | |||||
| CVE-2005-3471 | 1 Mailscanner | 1 Mailscanner | 2011-03-08 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the ruleset view for MailWatch for MailScanner 1.0.2 allows remote attackers to access arbitrary files. | |||||
| CVE-2005-3663 | 1 Kaspersky Lab | 1 Kaspersky Anti-virus | 2011-03-08 | 7.2 HIGH | N/A |
| Unquoted Windows search path vulnerability in Kaspersky Anti-Virus 5.0 might allow local users to gain privileges via a malicious "program.exe" file in the C: folder. | |||||
| CVE-2005-3500 | 1 Clam Anti-virus | 1 Clamav | 2011-03-08 | 5.0 MEDIUM | N/A |
| The tnef_attachment function in tnef.c for Clam AntiVirus (ClamAV) before 0.87.1 allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via a crafted value in a CAB file that causes ClamAV to repeatedly scan the same block. | |||||
| CVE-2005-3674 | 1 Sun | 1 Solaris | 2011-03-08 | 7.8 HIGH | N/A |
| The Internet Key Exchange version 1 (IKEv1) implementation in the libike library in Sun Solaris 9 and 10 allows remote attackers to cause a denial of service (in.iked crash) via certain crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. | |||||
| CVE-2005-3504 | 1 Ibm | 1 Aix | 2011-03-08 | 7.5 HIGH | N/A |
| Buffer overflow in swcons in IBM AIX 5.2, when debug malloc is enabled, allows remote attackers to cause a core dump and possibly execute arbitrary code. | |||||
| CVE-2005-3639 | 1 Ubertec | 1 Help Center Live | 2011-03-08 | 7.5 HIGH | N/A |
| PHP file inclusion vulnerability in the osTicket module in Help Center Live before 2.0.3 allows remote attackers to access or include arbitrary files via the file parameter, possibly due to a directory traversal vulnerability. | |||||
| CVE-2005-3685 | 1 Virtual Programming | 1 Vp-asp | 2011-03-08 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in shopadmin.asp in VP-ASP Shopping Cart 5.50 allows remote attackers to inject arbitrary web script or HTML via the UserName parameter. | |||||
| CVE-2005-3424 | 1 Gnu | 1 Gnump3d | 2011-03-08 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.5 allows remote attackers to inject arbitrary web script or HTML via 404 error pages, a different vulnerability than CVE-2005-3425. | |||||
| CVE-2005-3507 | 1 Cutephp | 1 Cutenews | 2011-03-08 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in CuteNews 1.4.1 allows remote attackers to include arbitrary files, execute code, and gain privileges via "../" sequences in the template parameter to (1) show_archives.php and (2) show_news.php. | |||||
| CVE-2005-3336 | 1 Mantis | 1 Mantis | 2011-03-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Mantis 1.0.0RC2 and 0.19.2 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | |||||
| CVE-2005-3258 | 1 Squid | 1 Squid | 2011-03-08 | 5.0 MEDIUM | N/A |
| The rfc1738_do_escape function in ftp.c for Squid 2.5 STABLE11 and earlier allows remote FTP servers to cause a denial of service (segmentation fault) via certain "odd" responses. | |||||
| CVE-2005-3472 | 1 Sun | 1 Java System Communications Express | 2011-03-08 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Sun Java System Communications Express 2005Q1 and 2004Q2 allows local and remote attackers to read sensitive information from configuration files. | |||||
| CVE-2005-3468 | 1 F-secure | 2 F-secure Anti-virus, Internet Gatekeeper | 2011-03-08 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in F-Secure Anti-Virus for Microsoft Exchange 6.40 and Internet Gatekeeper 6.40 to 6.42 allows limited remote attackers to bypass Web Console authentication and read files. | |||||
| CVE-2005-3691 | 1 Mailenable | 2 Mailenable Enterprise, Mailenable Professional | 2011-03-08 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the IMAP service (meimaps.exe) of MailEnable Professional 1.6 and earlier and Enterprise 1.1 and earlier allows remote attackers to create or rename arbitrary mail directories via the mailbox name argument of the (1) create or (2) rename commands. | |||||
| CVE-2005-3303 | 1 Clam Anti-virus | 1 Clamav | 2011-03-08 | 7.5 HIGH | N/A |
| The FSG unpacker (fsg.c) in Clam AntiVirus (ClamAV) 0.80 through 0.87 allows remote attackers to cause "memory corruption" and execute arbitrary code via a crafted FSG 1.33 file. | |||||
| CVE-2005-3572 | 1 Peel | 1 Peel | 2011-03-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Peel 2.6 through 2.7 allows remote attackers to execute arbitrary SQL commands via the rubid parameter. | |||||