|
267351
|
- |
|
clam_anti-virus
|
clamav
|
ClamAV 0.80 and earlier allows remote attackers to bypass virus scanning via a base64 encoded image in a data: (RFC 2397) URL.
|
NVD-CWE-Other
|
CVE-2005-0218
|
2008-09-11 04:35 |
2005-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267352
|
- |
|
phpbb_group
|
phpbb
|
Directory traversal vulnerability in (1) usercp_register.php and (2) usercp_avatar.php for phpBB 2.0.11, and possibly other versions, with gallery avatars enabled, allows remote attackers to delete (…
|
NVD-CWE-Other
|
CVE-2005-0258
|
2008-09-11 04:35 |
2005-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267353
|
- |
|
phpbb_group
|
phpbb
|
phpBB 2.0.11, and possibly other versions, with remote avatars and avatar uploading enabled, allows local users to read arbitrary files by providing both a local and remote location for an avatar, th…
|
NVD-CWE-Other
|
CVE-2005-0259
|
2008-09-11 04:35 |
2005-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267354
|
- |
|
zakon_group
|
openconf
|
Cross-site scripting (XSS) vulnerability in Openconf 1.04, and possibly other versions before 1.10, allows remote attackers to inject arbitrary HTML and web script via the paper title.
|
NVD-CWE-Other
|
CVE-2005-0407
|
2008-09-11 04:35 |
2005-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267355
|
- |
|
citrusdb
|
citrusdb
|
CitrusDB 0.3.6 and earlier does not verify authorization for the (1) importcc.php and (2) uploadcc.php, which allows remote attackers to upload credit card data and obtain sensitive information such …
|
NVD-CWE-Other
|
CVE-2005-0409
|
2008-09-11 04:35 |
2005-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267356
|
- |
|
citrusdb
|
citrusdb
|
SQL injection vulnerability in importcc.php for CitrusDB 0.3.6 and earlier allows remote attackers to inject data via the fields of a CSV file.
|
NVD-CWE-Other
|
CVE-2005-0410
|
2008-09-11 04:35 |
2005-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267357
|
- |
|
citrusdb
|
citrusdb
|
Directory traversal vulnerability in index.php for CitrusDB 0.3.6 and earlier allows remote attackers and local users to include arbitrary PHP files via .. (dot dot) sequences in the load parameter.
|
NVD-CWE-Other
|
CVE-2005-0411
|
2008-09-11 04:35 |
2005-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267358
|
- |
|
gentoo
|
poppassd_pam
|
poppassd_pam 1.0 and earlier, when changing a user password, does not verify that the user entered the old password correctly, which allows remote attackers to change passwords for arbitrary users.
|
NVD-CWE-Other
|
CVE-2005-0002
|
2008-09-11 04:34 |
2005-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267359
|
- |
|
dmxready
|
dmxready_site_chassis_manager
|
Cross-site scripting (XSS) vulnerability in DMXReady Site Chassis Manager allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
|
NVD-CWE-Other
|
CVE-2004-2188
|
2008-09-11 04:33 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267360
|
- |
|
david_maciejak
|
athena_web_registration
|
athenareg.php in Athena Web Registration allows remote attackers to execute arbitrary commands via shell metacharacters in the pass parameter.
|
NVD-CWE-Other
|
CVE-2004-1782
|
2008-09-11 04:32 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
