270821
|
- |
|
savewebportal
|
savewebportal
|
SaveWebPortal 3.4 allows remote attackers to execute arbitrary PHP code via a direct request to admin/PhpMyExplorer/editerfichier.php, then editing the desired file to contain the PHP code, as demons…
|
NVD-CWE-Other
|
CVE-2005-2685
|
2008-09-6 05:52 |
2005-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270822
|
- |
|
savewebportal
|
savewebportal
|
Directory traversal vulnerability in SaveWebPortal 3.4 allows remote attackers to include arbitrary files and execute arbitrary local PHP programs via ".." sequences in the (1) SITE_Path parameter to…
|
NVD-CWE-Other
|
CVE-2005-2686
|
2008-09-6 05:52 |
2005-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270823
|
- |
|
savewebportal
|
savewebportal
|
Multiple cross-site scripting (XSS) vulnerabilities in SaveWebPortal 3.4 allow remote attackers to inject arbitrary web script or HTML via a large number of parameters to (1) footer.php, (2) header.p…
|
NVD-CWE-Other
|
CVE-2005-2688
|
2008-09-6 05:52 |
2005-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270824
|
- |
|
postnuke_software_foundation
|
postnuke
|
Multiple cross-site scripting (XSS) vulnerabilities in PostNuke 0.760-RC4b allows remote attackers to inject arbitrary web script or HTML via (1) the moderate parameter to the Comments module or (2) …
|
NVD-CWE-Other
|
CVE-2005-2689
|
2008-09-6 05:52 |
2005-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270825
|
- |
|
postnuke_software_foundation
|
postnuke
|
SQL injection vulnerability in the Downloads module in PostNuke 0.760-RC4b allows PostNuke administrators to execute arbitrary SQL commands via the show parameter to dl-viewdownload.php.
|
NVD-CWE-Other
|
CVE-2005-2690
|
2008-09-6 05:52 |
2005-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270826
|
- |
|
runcms
|
runcms
|
includes/common.php in RunCMS 1.2 and earlier calls the extract function with EXTR_OVERWRITE on HTTP POST variables, which allows remote attackers to overwrite arbitrary variables, possibly allowing …
|
NVD-CWE-Other
|
CVE-2005-2691
|
2008-09-6 05:52 |
2005-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270827
|
- |
|
runcms
|
runcms
|
Multiple SQL injection vulnerabilities in RunCMS 1.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) addquery and (2) subquery parameters to the newbb plus module, th…
|
NVD-CWE-Other
|
CVE-2005-2692
|
2008-09-6 05:52 |
2005-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270828
|
- |
|
symantec_veritas
|
netbackup_data_and_business_center netbackup_enterprise_server_client
|
Format string vulnerability in the Java user interface service (bpjava-msvc) daemon for VERITAS NetBackup Data and Business Center 4.5FP and 4.5MP, and NetBackup Enterprise/Server/Client 5.0, 5.1, an…
|
NVD-CWE-Other
|
CVE-2005-2715
|
2008-09-6 05:52 |
2005-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270829
|
- |
|
apple
|
mac_os_x mac_os_x_server
|
SecurityAgent in Apple Mac OS X 10.4.2, under certain circumstances, can cause the "Switch User..." button to appear even though the "Enable fast user switching" setting is disabled, which can allow …
|
NVD-CWE-Other
|
CVE-2005-2742
|
2008-09-6 05:52 |
2005-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270830
|
- |
|
apple
|
quicktime mac_os_x mac_os_x_server
|
The Java extensions for QuickTime 6.52 and earlier in Apple Mac OS X 10.3.9 allow untrusted applets to call arbitrary functions in system libraries, which allows remote attackers to execute arbitrary…
|
NVD-CWE-Other
|
CVE-2005-2743
|
2008-09-6 05:52 |
2005-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|