270691
|
- |
|
ntlmaps
|
ntlmaps
|
The post-installation script for ntlmaps before 0.9.9 sets world-readable permissions for the configuration file, which allows local users to obtain the username and password.
|
NVD-CWE-Other
|
CVE-2005-2962
|
2008-09-6 05:53 |
2005-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270692
|
- |
|
symantec_veritas
|
storage_exec storagecentral
|
Multiple heap-based and stack-based buffer overflows in certain DCOM server components in VERITAS Storage Exec Storage Exec 5.3 before Hotfix 9 and StorageCentral 5.2 before Hot Fix 2 allow remote at…
|
NVD-CWE-Other
|
CVE-2005-2996
|
2008-09-6 05:53 |
2005-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270693
|
- |
|
bugada_andrea
|
php_advanced_transfer_manager
|
Multiple directory traversal vulnerabilities in PHP Advanced Transfer Manager 1.30 allow remote attackers to read arbitrary files via ".." sequences in (1) the currentdir parameter to txt.php, or the…
|
NVD-CWE-Other
|
CVE-2005-2997
|
2008-09-6 05:53 |
2005-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270694
|
- |
|
bugada_andrea
|
php_advanced_transfer_manager
|
PHP Advanced Transfer Manager 1.30 has a default password for the administrator user, which allows remote attackers to upload and execute arbitrary PHP files.
|
NVD-CWE-Other
|
CVE-2005-2998
|
2008-09-6 05:53 |
2005-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270695
|
- |
|
bugada_andrea
|
php_advanced_transfer_manager
|
PHP Advanced Transfer Manager 1.30 allows remote attackers to obtain sensitive PHP configuration information via a direct request to test.php.
|
NVD-CWE-Other
|
CVE-2005-2999
|
2008-09-6 05:53 |
2005-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270696
|
- |
|
bugada_andrea
|
php_advanced_transfer_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in viewers/txt.php in PHP Advanced Transfer Manager 1.30 allow remote attackers to inject arbitrary web script or HTML via the (1) font, (2) normal…
|
NVD-CWE-Other
|
CVE-2005-3000
|
2008-09-6 05:53 |
2005-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270697
|
- |
|
-
|
-
|
SQL injection vulnerability in index.php in NooTopList 1.0.0 release 17 allows remote attackers to execute arbitrary SQL commands via the (1) o or (2) sort parameters.
|
NVD-CWE-Other
|
CVE-2005-3003
|
2008-09-6 05:53 |
2005-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270698
|
- |
|
amar_sagoo
|
tofu
|
Tofu 0.2 allows remote attackers to execute arbitrary Python code via crafted pickled objects, which Tofu unpickles and executes.
|
NVD-CWE-Other
|
CVE-2005-3008
|
2008-09-6 05:53 |
2005-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270699
|
- |
|
cutephp
|
cutenews
|
Direct static code injection vulnerability in the flood protection feature in inc/shows.inc.php in CuteNews 1.4.0 and earlier allows remote attackers to execute arbitrary PHP code via the HTTP_CLIENT…
|
NVD-CWE-Other
|
CVE-2005-3010
|
2008-09-6 05:53 |
2005-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270700
|
- |
|
simplecdr-x
|
simplecdr-x
|
The MasterDataCD::createImage function in masterdatacd.cpp for SimpleCDR-X 1.3.3 creates the .temp temporary directory with insecure permissions, which allows local users to read sensitive ISO images.
|
NVD-CWE-Other
|
CVE-2005-3012
|
2008-09-6 05:53 |
2005-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|