|
268281
|
- |
|
midicart_software
|
midicart_php_shopping_cart
|
SQL injection vulnerability in MidiCart allows remote attackers to execute arbitrary SQL commands via the code_no parameter to (1) Item_Show.asp or (2) search_list.asp.
|
NVD-CWE-Other
|
CVE-2005-2601
|
2008-09-6 05:52 |
2005-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268282
|
- |
|
mozilla
|
firefox
thunderbird
|
Mozilla Thunderbird 1.0 and Firefox 1.0.6 allows remote attackers to obfuscate URIs via a long URI, which causes the address bar to go blank and could facilitate phishing attacks.
|
NVD-CWE-Other
|
CVE-2005-2602
|
2008-09-6 05:52 |
2005-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268283
|
- |
|
omnipilot_software
|
lasso_professional_server
|
Unknown vulnerability in Lasso Professional Server8.0.4 and 8.0.5 allows attackers to bypass authentication, related to [Auth] tags.
|
NVD-CWE-Other
|
CVE-2005-2605
|
2008-09-6 05:52 |
2005-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268284
|
- |
|
phpsimplicity
|
simplicity_of_upload
|
PHP file include vulnerability in download.php in PHPSimplicity Simplicity oF Upload before 1.3.1 allows remote attackers to include arbitrary local and remote files via the language parameter and a …
|
NVD-CWE-Other
|
CVE-2005-2607
|
2008-09-6 05:52 |
2005-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268285
|
- |
|
phpsimplicity
|
simplicity_of_upload
|
Download new version of program at http://www.phpsimplicity.com/scripts.php?id=3.
|
NVD-CWE-Other
|
CVE-2005-2607
|
2008-09-6 05:52 |
2005-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268286
|
- |
|
safehtml
|
safehtml
|
SafeHTML before 1.3.5 does not properly filter script in UTF-7 and CSS comments, which allows remote attackers to conduct cross-site scripting (XSS) attacks in vulnerable applications that use SafeHT…
|
NVD-CWE-Other
|
CVE-2005-2608
|
2008-09-6 05:52 |
2005-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268287
|
- |
|
vegadns
|
vegadns
|
index.php in VegaDNS 0.8.1, 0.9.8, and possibly other versions, allows remote attackers to obtain the full server path via an invalid VDNS_Sessid parameter.
|
NVD-CWE-Other
|
CVE-2005-2609
|
2008-09-6 05:52 |
2005-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268288
|
- |
|
vegadns
|
vegadns
|
Cross-site scripting (XSS) vulnerability in index.php in VegaDNS 0.8.1, 0.9.8, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the message parameter.
|
NVD-CWE-Other
|
CVE-2005-2610
|
2008-09-6 05:52 |
2005-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268289
|
- |
|
wordpress
|
wordpress
|
Direct code injection vulnerability in WordPress 1.5.1.3 and earlier allows remote attackers to execute arbitrary PHP code via the cache_lastpostdate[server] cookie.
|
NVD-CWE-Other
|
CVE-2005-2612
|
2008-09-6 05:52 |
2005-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268290
|
- |
|
crosscom_olicom
|
discuz
|
Discuz! 4.0 rc4 does not properly restrict types of files that are uploaded to the server, which allows remote attackers to execute arbitrary commands via a filename containing ".php.rar" or other mu…
|
NVD-CWE-Other
|
CVE-2005-2614
|
2008-09-6 05:52 |
2005-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
