270351
|
- |
|
spey
|
spey
|
Format string vulnerability in Logger.cc for Spey 0.3.3 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in a syslog call.
|
CWE-20
Improper Input Validation
|
CVE-2005-4846
|
2008-09-6 05:57 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270352
|
- |
|
appfluent_technology
|
database_ids
|
Buffer overflow in Appfluent Technology Database IDS 2.0 allows local users to execute arbitrary code via a long APPFLUENT_HOME environment variable.
|
NVD-CWE-Other
|
CVE-2005-4076
|
2008-09-6 05:56 |
2005-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270353
|
- |
|
realnetworks
|
realplayer
|
** UNVERIFIABLE, PRERELEASE ** NOTE: this issue describes a problem that can not be independently verified as of 20051208. Unspecified vulnerability in unspecified versions of Real Networks RealPla…
|
NVD-CWE-Other
|
CVE-2005-4126
|
2008-09-6 05:56 |
2005-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270354
|
- |
|
realnetworks
|
realplayer
|
** UNVERIFIABLE, PRERELEASE ** NOTE: this issue describes a problem that can not be independently verified as of 20051208. Unspecified vulnerability in unspecified versions of Real Networks RealPla…
|
NVD-CWE-Other
|
CVE-2005-4130
|
2008-09-6 05:56 |
2005-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270355
|
- |
|
adaptive_technology_resource_centre
|
atutor
|
registration.PHP in ATutor 1.5.1 pl2 allows remote attackers to execute arbitrary SQL commands via an e-mail address that ends in a NULL character, which bypasses the PHP regular expression check. NO…
|
NVD-CWE-Other
|
CVE-2005-4155
|
2008-09-6 05:56 |
2005-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270356
|
- |
|
mambo
|
mambo_open_source_4.5
|
Unspecified vulnerability in Mambo 4.5 (1.0.0) through 4.5 (1.0.9), with magic_quotes_gpc disabled, allows remote attackers to read arbitrary files and possibly cause a denial of service via a query …
|
NVD-CWE-Other
|
CVE-2005-4156
|
2008-09-6 05:56 |
2005-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270357
|
- |
|
efiction_project
|
efiction
|
Cross-site scripting (XSS) vulnerability in eFiction 1.0 and 1.1 allows remote attackers to inject arbitrary web script or HTML via the let parameter in a viewlist action to titles.php.
|
NVD-CWE-Other
|
CVE-2005-4167
|
2008-09-6 05:56 |
2005-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270358
|
- |
|
efiction_project
|
efiction
|
Multiple SQL injection vulnerabilities in eFiction 1.0, 1.1, and 2.0 allow remote attackers to execute arbitrary SQL commands via (1) the let parameter in a viewlist action to titles.php and (2) the …
|
NVD-CWE-Other
|
CVE-2005-4168
|
2008-09-6 05:56 |
2005-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270359
|
- |
|
efiction_project
|
efiction
|
The "Upload new image" command in the "Manage Images" eFiction 1.1, when members are allowed to upload images, allows remote attackers to execute arbitrary PHP code by uploading a filename with a .ph…
|
NVD-CWE-Other
|
CVE-2005-4171
|
2008-09-6 05:56 |
2005-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270360
|
- |
|
efiction_project
|
efiction
|
eFiction 1.0, 1.1, and 2.0 allows remote attackers to obtain sensitive information via a direct request to storyblock.php without arguments, which leaks the full pathname in the resulting PHP error m…
|
NVD-CWE-Other
|
CVE-2005-4172
|
2008-09-6 05:56 |
2005-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|