Total
258583 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-1789 | 1 India Software Solution | 1 Shopping Cart | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in SignIn.asp in India Software Solution shopping cart allows remote attackers to execute arbitrary SQL commands via the password. | |||||
| CVE-2005-1788 | 1 Hosting Controller | 1 Hosting Controller | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in resellerresources.asp in Hosting Controller 6.1 Hotfix 2.0 allows remote attackers to execute arbitrary SQL commands via the jresourceid parameter. | |||||
| CVE-2005-1784 | 1 Hosting Controller | 1 Hosting Controller | 2008-09-05 | 7.5 HIGH | N/A |
| Hosting Controller 6.1 HotFix 2.0 and earlier allows remote attackers to steal passwords and gain privileges via a modified emailaddress parameter in an updateprofile action for UserProfile.asp. | |||||
| CVE-2005-1782 | 1 W.m.r. Simpson | 1 Bookreview | 2008-09-05 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in BookReview beta 1.0 allow remote attackers to inject arbitrary web script or HTML via the node parameter to (1) add_review.htm, (2) suggest_review.htm, (3) suggest_category.htm, (4) add_booklist.htm, or (5) add_url.htm, the isbn parameter to (6) add_review.htm, (7) add_contents.htm, (8) add_classification.htm, the (9) chapters parameter to the add_contents page in index.php (aka add_contents.htm), (10) the user parameter to contact.htm, or (11) the submit[string] parameter to search.htm. NOTE: it is not clear whether BookReview is available to the public. If not, then it should not be included in CVE. | |||||
| CVE-2005-1781 | 1 Mailenable | 2 Mailenable Enterprise, Mailenable Professional | 2008-09-05 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in SMTP authentication for MailEnable allows remote attackers to cause a denial of service (crash). | |||||
| CVE-2005-1779 | 1 Maxwebportal | 1 Maxwebportal | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in password.asp in MaxWebPortal 1.35, 1.36, 2.0, and 20050418 Next allows remote attackers to execute arbitrary SQL commands via the memKey parameter. | |||||
| CVE-2005-1738 | 1 Iron Bars Shell | 1 Iron Bars Shell | 2008-09-05 | 10.0 HIGH | N/A |
| Format string vulnerability in the logPrintBadfile function in delbadfiles.c Iron Bars SHell (ibsh) before 0.3d allows users to "access files outside the home directory" and possibly execute arbitrary code via certain inputs that are not properly handled in a syslog call. | |||||
| CVE-2005-1736 | 1 Electricmonk | 1 Proms | 2008-09-05 | 7.5 HIGH | N/A |
| PROMS 0.11 does not properly handle "certain combinations of rights," which gives more rights to users than intended. | |||||
| CVE-2005-1735 | 1 Electricmonk | 1 Proms | 2008-09-05 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PROMS before 0.11 allow remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||||
| CVE-2005-1734 | 1 Electricmonk | 1 Proms | 2008-09-05 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in PROMS before 0.11 allow remote attackers to execute arbitrary SQL commands via unknown vectors. | |||||
| CVE-2005-1729 | 1 Novell | 1 Edirectory | 2008-09-05 | 5.0 MEDIUM | N/A |
| Novell eDirectory 8.7.3 allows remote attackers to cause a denial of service (application crash) via a URL containing an MS-DOS device name such as AUX, CON, PRN, COM1, or LPT1. | |||||
| CVE-2005-1728 | 1 Apple | 1 Mac Os X | 2008-09-05 | 4.6 MEDIUM | N/A |
| MCX Client for Apple Mac OS X 10.4.x up to 10.4.1 insecurely logs Portable Home Directory credentials, which allows local users to obtain the credentials. | |||||
| CVE-2005-1727 | 1 Apple | 1 Mac Os X Server | 2008-09-05 | 3.7 LOW | N/A |
| Apple Mac OS X 10.4.x up to 10.4.1 sets insecure world- and group-writable permissions for the (1) system cache folder and (2) Dashboard system widgets, which allows local users to conduct unauthorized file operations via "file race conditions." | |||||
| CVE-2005-1724 | 1 Apple | 1 Mac Os X Server | 2008-09-05 | 7.5 HIGH | N/A |
| NFS on Apple Mac OS X 10.4.x up to 10.4.1 does not properly obey the -network or -mask flags for a filesystem and exports it to everyone, which allows remote attackers to bypass intended access restrictions. | |||||
| CVE-2005-1723 | 1 Apple | 1 Mac Os X Server | 2008-09-05 | 7.5 HIGH | N/A |
| LaunchServices in Apple Mac OS X 10.4.x up to 10.4.1 does not properly mark file extensions and MIME types as unsafe if an Apple Uniform Type Identifier (UTI) is not created when the type is added to the database of unsafe types, which could allow attackers to bypass intended restrictions. | |||||
| CVE-2005-1722 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2008-09-05 | 7.2 HIGH | N/A |
| Unknown vulnerability in the CoreGraphics Window Server for Mac OS X 10.4.x up to 10.4.1 allows local users to inject arbitrary commands into root sessions. | |||||
| CVE-2005-1721 | 1 Apple | 1 Afp Server | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in the legacy client support for AFP Server for Mac OS X 10.4.1 allows attackers to execute arbitrary code. | |||||
| CVE-2005-1720 | 1 Apple | 1 Afp Server | 2008-09-05 | 2.1 LOW | N/A |
| AFP Server for Mac OS X 10.4.1, when using an ACL enabled volume, does not properly remove an ACL when a file is copied to a directory that does not use ACLs, which will override the POSIX file permissions for that ACL. | |||||
| CVE-2005-1719 | 1 Alwil | 1 Avast Antivirus | 2008-09-05 | 7.5 HIGH | N/A |
| Unknown vulnerability in ALWIL avast! antivirus 4 (4.6.6230) and earlier, when running on Windows NT 4.0, does not properly detect certain viruses. | |||||
| CVE-2005-1718 | 1 Ls Games | 1 War Times | 2008-09-05 | 5.0 MEDIUM | N/A |
| Buffer overflow in LS Games War Times 1.03 and earlier allows remote attackers to cause a denial of service (server crash) via a long nickname. | |||||