Total
29527 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-1594 | 1 Codethat | 1 Shoppingcart | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in catalog.php for CodeThat ShoppingCart 1.3.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2005-1434 | 1 Hp | 1 Openview Network Node Manager | 2008-09-05 | 7.5 HIGH | N/A |
| Multiple unknown vulnerabilities in OpenView Network Node Manager (OV NNM) 6.2, 6.4, 7.01, and 7.50 allow attackers to cause a denial of service or execute arbitrary code. | |||||
| CVE-2005-1587 | 1 Open Solution | 1 Quick.cart | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php for Quick.cart 0.3.0 allows remote attackers to inject arbitrary web script or HTML via the sWord parameter. | |||||
| CVE-2005-1584 | 1 Open Solution | 1 Quick.forum | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php for Quick.Forum 2.1.6 allows remote attackers to inject arbitrary web script or HTML via the topic field in a NewTopic action. | |||||
| CVE-2005-1592 | 1 Birdblog | 1 Birdblog | 2008-09-05 | 7.5 HIGH | N/A |
| Multiple "javascript vulerabilities in BB code" in BirdBlog before 1.3.1 allow remote attackers to inject arbitrary Javascript. | |||||
| CVE-2005-1580 | 1 Boastmachine | 1 Boastmachine | 2008-09-05 | 7.5 HIGH | N/A |
| users.ini.php in BoastMachine 3.0 does not properly restrict the types of files that can be uploaded, which allows remote attackers to execute arbitrary code. | |||||
| CVE-2005-1572 | 1 Wenig And Spitzer-williams | 1 Showoff Digital Media Software | 2008-09-05 | 5.0 MEDIUM | N/A |
| ShowOff! 1.5.4 allows remote attackers to cause a denial of service (server crash) via a malformed request to port 8083. | |||||
| CVE-2005-1522 | 1 Gnu | 1 Mailutils | 2008-09-05 | 5.0 MEDIUM | N/A |
| The imap4d server for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows authenticated remote users to cause a denial of service (CPU consumption) via a large range value in the FETCH command. | |||||
| CVE-2005-1718 | 1 Ls Games | 1 War Times | 2008-09-05 | 5.0 MEDIUM | N/A |
| Buffer overflow in LS Games War Times 1.03 and earlier allows remote attackers to cause a denial of service (server crash) via a long nickname. | |||||
| CVE-2005-1723 | 1 Apple | 1 Mac Os X Server | 2008-09-05 | 7.5 HIGH | N/A |
| LaunchServices in Apple Mac OS X 10.4.x up to 10.4.1 does not properly mark file extensions and MIME types as unsafe if an Apple Uniform Type Identifier (UTI) is not created when the type is added to the database of unsafe types, which could allow attackers to bypass intended restrictions. | |||||
| CVE-2005-1607 | 1 Remote Cart | 1 Remote Cart | 2008-09-05 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in shop.cgi in Remote Cart allows remote attackers to inject arbitrary web script or HTML via the (1) merchant or (2) demo parameters. | |||||
| CVE-2005-1412 | 1 Ecomm | 1 Professional Guestbook | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in verify.asp for Ecomm Professional Guestbook 3.x allows remote attackers to execute arbitrary SQL commands via the AdminPWD parameter. | |||||
| CVE-2005-1444 | 1 Sitepanel | 1 Sitepanel | 2008-09-05 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in SitePanel 2.6.1 and earlier (SitePanel2) allows remote attackers to inject arbitrary web script or HTML via (1) the v, show, or sec_name parameters to main.php, (2) the inadmin, newsev, or postid parameters to 5.php, or (3) the id parameter to 0.php. | |||||
| CVE-2005-1388 | 1 Survivor | 1 Survivor | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in SURVIVOR before 0.9.6 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||||
| CVE-2005-1571 | 1 Wenig And Spitzer-williams | 1 Showoff Digital Media Software | 2008-09-05 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in ShowOff! 1.5.4 allow remote attackers to read arbitrary files via ".." sequences in arguments to the (1) ShowAlbum, (2) ShowVideo, or (3) ShowGraphic scripts. | |||||
| CVE-2005-1422 | 1 Raysoft | 1 Video Cam Server | 2008-09-05 | 7.5 HIGH | N/A |
| Raysoft/Raybase Video Cam Server 1.0.0 beta allows remote attackers to conduct administrator operations and cause a denial of service (server or camera shutdown) via a direct request to admin.html. | |||||
| CVE-2005-1675 | 1 Groove | 2 Groove Workspace, Virtual Office | 2008-09-05 | 4.6 MEDIUM | N/A |
| Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871 installs the client installation directories with insecure EVERYBODY permissions, which allows local users to gain sensitive information. | |||||
| CVE-2005-1593 | 1 Codethat | 1 Shoppingcart | 2008-09-05 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in catalog.php for CodeThat ShoppingCart 1.3.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter. | |||||
| CVE-2005-1404 | 1 Myphp Forum | 1 Myphp Forum | 2008-09-05 | 5.0 MEDIUM | N/A |
| MyPHP Forum 1.0 allows remote attackers to spoof the username by modifying the (1) nbuser parameter to post.php or (2) sender parameter to privmsg.php. | |||||
| CVE-2005-1590 | 1 Altiris | 2 Client Service, Deployment Solution | 2008-09-05 | 4.6 MEDIUM | N/A |
| The Altiris Client Service for Windows (ACLIENT.EXE) 6.0.88 allows local users to disable password protection and access the administrative interface by finding and showing the "Altiris Client Service" hidden window, disabling the password protection, disabling the "Hide client tray icon box" option, then opening the AClient tray icon and using the View Log File option, a different vulnerability than CVE-2004-2070. | |||||