Total
258583 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-0927 | 1 Web-app.org | 1 Webapp | 2008-09-05 | 10.0 HIGH | N/A |
| Unknown vulnerability in subs.pl for WebAPP 0.9.9 through 0.9.9.2 has unknown impact and attack vectors, probably involving shell metacharacters or .. sequences. | |||||
| CVE-2005-0923 | 1 Symantec | 3 Norton Antivirus, Norton Internet Security, Norton System Works | 2008-09-05 | 2.1 LOW | N/A |
| The SmartScan feature in the Auto-Protect module for Symantec Norton AntiVirus 2004 and 2005, as also used in Internet Security 2004/2005 and System Works 2004/2005, allows attackers to cause a denial of service (CPU consumption and system crash) by renaming a file on a network share. | |||||
| CVE-2005-0922 | 1 Symantec | 3 Norton Antivirus, Norton Internet Security, Norton System Works | 2008-09-05 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in the Auto-Protect module in Symantec Norton AntiVirus 2004 and 2005, as also used in Internet Security 2004/2005 and System Works 2004/2005, allows attackers to cause a denial of service (system hang or crash) by triggering a scan of a certain file type. | |||||
| CVE-2005-0921 | 1 Microsoft | 1 Outlook Connector | 2008-09-05 | 4.6 MEDIUM | N/A |
| Microsoft Outlook 2002 Connector for IBM Lotus Domino 2.0 allows local users to save passwords and login credentials locally, even when password caching is disabled by a group policy. | |||||
| CVE-2005-0920 | 1 Bugtracker.net | 1 Bugtracker.net | 2008-09-05 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Bugtracker.NET 2.0.1 allow remote attackers to execute arbitrary SQL commands via unknown vectors. | |||||
| CVE-2005-0917 | 1 Powerdev | 1 Encapsbb | 2008-09-05 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in index_header.php for EncapsBB 0.3.2_fixed, and possibly other versions, allows remote attackers to execute arbitrary PHP code via the root parameter. | |||||
| CVE-2005-0916 | 1 Linux | 1 Linux Kernel | 2008-09-05 | 2.1 LOW | N/A |
| AIO in the Linux kernel 2.6.11 on the PPC64 or IA64 architectures with CONFIG_HUGETLB_PAGE enabled allows local users to cause a denial of service (system panic) via a process that executes the io_queue_init function but exits without running io_queue_release, which causes exit_aio and is_hugepage_only_range to fail. | |||||
| CVE-2005-0915 | 1 Webmasters-debutants | 1 Wd Guestbook | 2008-09-05 | 7.5 HIGH | N/A |
| Webmasters-Debutants WD Guestbook 2.8 allows remote attackers to bypass authentication and perform certain administrator actions via a direct HTTP POST request to (1) ajout_admin2.php or (2) suppr.php. | |||||
| CVE-2005-0914 | 1 Cpg-nuke | 1 Cpg Dragonfly Cms | 2008-09-05 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in CPG Dragonfly 9.0.2.0 allow remote attackers to inject arbitrary web script or HTML via (1) the profile parameter to index.php or (2) the cat parameter. | |||||
| CVE-2005-0912 | 1 Deplate | 1 Deplate | 2008-09-05 | 7.5 HIGH | N/A |
| Unknown vulnerabilities in deplate before 0.7.2 have unknown impact, possibly involving elements.rb. | |||||
| CVE-2005-0911 | 1 E-xoops | 1 E-xoops | 2008-09-05 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in exoops may allow remote attackers to execute arbitrary SQL commands via (1) the viewcat parameter to index.php or (2) the artid parameter in the viewarticle action for index.php. | |||||
| CVE-2005-0910 | 1 E-xoops | 1 E-xoops | 2008-09-05 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in exoops allow remote attackers to inject arbitrary web script or HTML via (1) the sortdays parameter to viewforum.php or (2) the viewcat parameter to index.php. | |||||
| CVE-2005-0908 | 1 Valdersoft | 1 Valdersoft Shopping Cart | 2008-09-05 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Valdersoft Shopping Cart 3.0 allow remote attackers to inject arbitrary web script or HTML via (1) the lang parameter to index.php or (2) the searchTopCategoryID parameter to search_result.php. | |||||
| CVE-2005-0907 | 1 Valdersoft | 1 Shopping Cart | 2008-09-05 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Valdersoft Shopping Cart 3.0 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to category.php, (2) the id parameter to item.php, (3) the lang parameter to index.php, (4) the searchQuery parameter to search_result.php, (5) or the searchTopCategoryID parameter to search_result.php. | |||||
| CVE-2005-0906 | 3 Instance Four, Sacred, Ubi Soft | 3 Tincat, Sacred, The Settlersheritage Of Kings | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in a player logging function in the Tincat network library 2.x before 2.0.28, as used in games such as Sacred and The Settlers: Heritage of Kings, allows remote attackers to execute arbitrary code. | |||||
| CVE-2005-0890 | 1 Dream4 | 1 Koobi Cms | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Dream4 Koobi CMS 4.2.3 allows remote attackers to execute arbitrary SQL commands via the area parameter. | |||||
| CVE-2005-0889 | 1 Dream4 | 1 Koobi Cms | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php for Dream4 Koobi CMS 4.2.3 allows remote attackers to inject arbitrary web script or HTML via the area parameter. | |||||
| CVE-2005-0886 | 1 Invision Power Services | 1 Invision Board | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Invision Power Board 2.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via an HTTP POST request. | |||||
| CVE-2005-0865 | 1 Securecomputing | 1 Samsung Adsl Modem | 2008-09-05 | 7.5 HIGH | N/A |
| Samsung ADSL Modem SMDK8947v1.2 uses default passwords for the (1) root, (2) admin, or (3) user users, which allows remote attackers to gain privileges via Telnet or an HTTP request to adsl.cgi. | |||||
| CVE-2005-0864 | 1 Securecomputing | 1 Samsung Adsl Modem | 2008-09-05 | 5.0 MEDIUM | N/A |
| The Boa web server, as used in Samsung ADSL Modem SMDK8947v1.2 and possibly other products, allows remote attackers to read arbitrary files via a full pathname in the HTTP request. | |||||