Total
29527 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-1824 | 1 Gnu | 1 Mailutils | 2008-09-05 | 7.5 HIGH | N/A |
| The sql_escape_string function in auth/sql.c for the mailutils SQL authentication module does not properly quote the "\" (backslash) character, which is used as an escape character and makes the module vulnerable to SQL injection attacks. | |||||
| CVE-2005-1911 | 1 Leafnode | 1 Leafnode | 2008-09-05 | 5.0 MEDIUM | N/A |
| The fetchnews NNTP client in leafnode 1.11.2 and earlier can hang while waiting for input that never arrives, which allows remote NNTP servers to cause a denial of service (news loss). | |||||
| CVE-2005-1799 | 1 Freestyle | 2 Wiki, Wikilite | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in FreeStyle Wiki 3.5.7 and WikiLite (FSWikiLite) .10 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||||
| CVE-2005-1877 | 1 Lpanel | 1 Lpanel | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in view_ticket.php in Lpanel 1.59 and earlier allows remote attackers to inject arbitrary web script or HTML and obtain sensitive information via the pid parameter. | |||||
| CVE-2005-1922 | 1 Clam Anti-virus | 1 Clamav | 2008-09-05 | 5.0 MEDIUM | N/A |
| The MS-Expand file handling in Clam AntiVirus (ClamAV) before 0.86 allows remote attackers to cause a denial of service (file descriptor and memory consumption) via a crafted file that causes repeated errors in the cli_msexpand function. | |||||
| CVE-2005-1803 | 1 Net Portal Dynamic System | 1 Net Portal Dynamic System | 2008-09-05 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Net Portal Dynamic System (NPDS) 5.0 allow remote attackers to inject arbitrary web script or HTML via the language parameter to (1) admin.php, or (2) powerpack_f.php, (3) the sitename parameter to sdv_infos.php, (4) the categories parameter to faq.php, (5) the lettre parameter to the glossaire module, (6) the title parameter to reviews.php, or (7) the image_subject parameter to reply.php. | |||||
| CVE-2005-1970 | 1 Symantec | 1 Pcanywhere | 2008-09-05 | 7.2 HIGH | N/A |
| Symantec pcAnywhere 10.5x and 11.x before 11.5, with "Launch with Windows" enabled, allows local users with physical access to execute arbitrary commands via the Caller Properties feature. | |||||
| CVE-2005-1866 | 1 Vincent Hor | 1 Calendarix Advanced | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in calendar.php in Calendarix Advanced 1.5 allows remote attackers to inject arbitrary web script or HTML via the year parameter. | |||||
| CVE-2005-1817 | 1 Invision Power Services | 1 Invision Board | 2008-09-05 | 5.0 MEDIUM | N/A |
| Invision Power Board (IPB) 1.0 through 1.3 allows remote attackers to edit arbitrary forum posts via a direct request to index.php with modified parameters. | |||||
| CVE-2005-2040 | 1 Telnetd | 1 Telnetd | 2008-09-05 | 5.0 MEDIUM | N/A |
| Multiple buffer overflows in the getterminaltype function in telnetd for Heimdal before 0.6.5 may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2005-0468 and CVE-2005-0469. | |||||
| CVE-2005-1975 | 1 Annuaire | 1 1two | 2008-09-05 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Annuaire 1Two 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the id parameter to index.php, or the (2) site_id, (3) nom, (4) email, or (5) commentaire parameters in commentaires.php. | |||||
| CVE-2005-2024 | 1 Vipul | 1 Razor-agents | 2008-09-05 | 5.0 MEDIUM | N/A |
| Vipul Razor Agents (razor-agents) before 2.70 allows remote attackers to cause a denial of service via (1) certain "unusual HTML messages" or (2) "certain malformed headers" such as Content-Type. | |||||
| CVE-2005-1917 | 1 Kpopper | 1 Kpopper | 2008-09-05 | 2.1 LOW | N/A |
| kpopper 1.0 and earlier allows local users to create and overwrite arbitrary files via a symlink attack on the .popper-new temporary file. | |||||
| CVE-2005-1779 | 1 Maxwebportal | 1 Maxwebportal | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in password.asp in MaxWebPortal 1.35, 1.36, 2.0, and 20050418 Next allows remote attackers to execute arbitrary SQL commands via the memKey parameter. | |||||
| CVE-2005-2027 | 1 Enterasys | 1 Vertical Horizon-2402s | 2008-09-05 | 5.0 MEDIUM | N/A |
| Enterasys Vertical Horizon VH-2402S before firmware 2.05.05.09 does not properly restrict certain debugging commands to the ADMIN account, which could allow attackers to obtain sensitive information or modify the registry. | |||||
| CVE-2005-1964 | 1 Cantico | 1 Ovidentia | 2008-09-05 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in utilit.php for Ovidentia Portal allows remote attackers to execute arbitrary PHP code via the babInstallPath parameter. | |||||
| CVE-2005-2038 | 1 Fortibus | 1 Fortibus Cms | 2008-09-05 | 5.0 MEDIUM | N/A |
| Fortibus CMS 4.0.0 allows remote attackers to modify information of other users, including Admin, via the "My info" page. | |||||
| CVE-2005-1962 | 1 Cerberus | 1 Cerberus Helpdesk | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Cerberus Helpdesk 0.97.3 allows remote attackers to inject arbitrary web script or HTML via the (1) errorcode parameter to index.php or (2) certain fields to clients.php. | |||||
| CVE-2005-1788 | 1 Hosting Controller | 1 Hosting Controller | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in resellerresources.asp in Hosting Controller 6.1 Hotfix 2.0 allows remote attackers to execute arbitrary SQL commands via the jresourceid parameter. | |||||
| CVE-2005-1959 | 1 Jammail | 1 Jammail | 2008-09-05 | 7.5 HIGH | N/A |
| jammail.pl in jamchen JamMail 1.8 allows remote attackers to execute arbitrary commands via shell metacharacters in the mail parameter. | |||||