268101
|
- |
|
brent_ely
|
gnome_workstation_command_center
|
The perform_file_save function in GNOME Workstation Command Center (gwcc) 0.9.6 and earlier allows local users to create and overwrite arbitrary files via a symlink attack on the gwcc_out.txt tempora…
|
NVD-CWE-Other
|
CVE-2005-2944
|
2008-09-6 05:53 |
2005-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268102
|
- |
|
ntlmaps
|
ntlmaps
|
The post-installation script for ntlmaps before 0.9.9 sets world-readable permissions for the configuration file, which allows local users to obtain the username and password.
|
NVD-CWE-Other
|
CVE-2005-2962
|
2008-09-6 05:53 |
2005-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268103
|
- |
|
symantec_veritas
|
storage_exec storagecentral
|
Multiple heap-based and stack-based buffer overflows in certain DCOM server components in VERITAS Storage Exec Storage Exec 5.3 before Hotfix 9 and StorageCentral 5.2 before Hot Fix 2 allow remote at…
|
NVD-CWE-Other
|
CVE-2005-2996
|
2008-09-6 05:53 |
2005-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268104
|
- |
|
bugada_andrea
|
php_advanced_transfer_manager
|
Multiple directory traversal vulnerabilities in PHP Advanced Transfer Manager 1.30 allow remote attackers to read arbitrary files via ".." sequences in (1) the currentdir parameter to txt.php, or the…
|
NVD-CWE-Other
|
CVE-2005-2997
|
2008-09-6 05:53 |
2005-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268105
|
- |
|
bugada_andrea
|
php_advanced_transfer_manager
|
PHP Advanced Transfer Manager 1.30 has a default password for the administrator user, which allows remote attackers to upload and execute arbitrary PHP files.
|
NVD-CWE-Other
|
CVE-2005-2998
|
2008-09-6 05:53 |
2005-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268106
|
- |
|
bugada_andrea
|
php_advanced_transfer_manager
|
PHP Advanced Transfer Manager 1.30 allows remote attackers to obtain sensitive PHP configuration information via a direct request to test.php.
|
NVD-CWE-Other
|
CVE-2005-2999
|
2008-09-6 05:53 |
2005-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268107
|
- |
|
bugada_andrea
|
php_advanced_transfer_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in viewers/txt.php in PHP Advanced Transfer Manager 1.30 allow remote attackers to inject arbitrary web script or HTML via the (1) font, (2) normal…
|
NVD-CWE-Other
|
CVE-2005-3000
|
2008-09-6 05:53 |
2005-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268108
|
- |
|
-
|
-
|
SQL injection vulnerability in index.php in NooTopList 1.0.0 release 17 allows remote attackers to execute arbitrary SQL commands via the (1) o or (2) sort parameters.
|
NVD-CWE-Other
|
CVE-2005-3003
|
2008-09-6 05:53 |
2005-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268109
|
- |
|
amar_sagoo
|
tofu
|
Tofu 0.2 allows remote attackers to execute arbitrary Python code via crafted pickled objects, which Tofu unpickles and executes.
|
NVD-CWE-Other
|
CVE-2005-3008
|
2008-09-6 05:53 |
2005-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268110
|
- |
|
cutephp
|
cutenews
|
Direct static code injection vulnerability in the flood protection feature in inc/shows.inc.php in CuteNews 1.4.0 and earlier allows remote attackers to execute arbitrary PHP code via the HTTP_CLIENT…
|
NVD-CWE-Other
|
CVE-2005-3010
|
2008-09-6 05:53 |
2005-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|