268121
|
- |
|
omnipilot_software
|
lasso_professional_server
|
Unknown vulnerability in Lasso Professional Server8.0.4 and 8.0.5 allows attackers to bypass authentication, related to [Auth] tags.
|
NVD-CWE-Other
|
CVE-2005-2605
|
2008-09-6 05:52 |
2005-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268122
|
- |
|
phpsimplicity
|
simplicity_of_upload
|
PHP file include vulnerability in download.php in PHPSimplicity Simplicity oF Upload before 1.3.1 allows remote attackers to include arbitrary local and remote files via the language parameter and a …
|
NVD-CWE-Other
|
CVE-2005-2607
|
2008-09-6 05:52 |
2005-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268123
|
- |
|
phpsimplicity
|
simplicity_of_upload
|
Download new version of program at http://www.phpsimplicity.com/scripts.php?id=3.
|
NVD-CWE-Other
|
CVE-2005-2607
|
2008-09-6 05:52 |
2005-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268124
|
- |
|
safehtml
|
safehtml
|
SafeHTML before 1.3.5 does not properly filter script in UTF-7 and CSS comments, which allows remote attackers to conduct cross-site scripting (XSS) attacks in vulnerable applications that use SafeHT…
|
NVD-CWE-Other
|
CVE-2005-2608
|
2008-09-6 05:52 |
2005-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268125
|
- |
|
vegadns
|
vegadns
|
index.php in VegaDNS 0.8.1, 0.9.8, and possibly other versions, allows remote attackers to obtain the full server path via an invalid VDNS_Sessid parameter.
|
NVD-CWE-Other
|
CVE-2005-2609
|
2008-09-6 05:52 |
2005-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268126
|
- |
|
vegadns
|
vegadns
|
Cross-site scripting (XSS) vulnerability in index.php in VegaDNS 0.8.1, 0.9.8, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the message parameter.
|
NVD-CWE-Other
|
CVE-2005-2610
|
2008-09-6 05:52 |
2005-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268127
|
- |
|
wordpress
|
wordpress
|
Direct code injection vulnerability in WordPress 1.5.1.3 and earlier allows remote attackers to execute arbitrary PHP code via the cache_lastpostdate[server] cookie.
|
NVD-CWE-Other
|
CVE-2005-2612
|
2008-09-6 05:52 |
2005-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268128
|
- |
|
crosscom_olicom
|
discuz
|
Discuz! 4.0 rc4 does not properly restrict types of files that are uploaded to the server, which allows remote attackers to execute arbitrary commands via a filename containing ".php.rar" or other mu…
|
NVD-CWE-Other
|
CVE-2005-2614
|
2008-09-6 05:52 |
2005-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268129
|
- |
|
eqdkp
|
eqdkp
|
Unknown vulnerability in session.php in EQdkp before 1.3.0 has unknown impact and attack vectors, possibly involving auto_login_id.
|
NVD-CWE-Other
|
CVE-2005-2615
|
2008-09-6 05:52 |
2005-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268130
|
- |
|
mutt
|
mutt
|
Buffer overflow in the mutt_decode_xbit function in Handler.c for Mutt 1.5.10 allows remote attackers to execute arbitrary code, possibly due to interactions with libiconv or gettext.
|
NVD-CWE-Other
|
CVE-2005-2642
|
2008-09-6 05:52 |
2005-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|