268791
|
- |
|
bugada_andrea
|
php_advanced_transfer_manager
|
PHP Advanced Transfer Manager 1.30 has a default password for the administrator user, which allows remote attackers to upload and execute arbitrary PHP files.
|
NVD-CWE-Other
|
CVE-2005-2998
|
2008-09-6 05:53 |
2005-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268792
|
- |
|
bugada_andrea
|
php_advanced_transfer_manager
|
PHP Advanced Transfer Manager 1.30 allows remote attackers to obtain sensitive PHP configuration information via a direct request to test.php.
|
NVD-CWE-Other
|
CVE-2005-2999
|
2008-09-6 05:53 |
2005-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268793
|
- |
|
bugada_andrea
|
php_advanced_transfer_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in viewers/txt.php in PHP Advanced Transfer Manager 1.30 allow remote attackers to inject arbitrary web script or HTML via the (1) font, (2) normal…
|
NVD-CWE-Other
|
CVE-2005-3000
|
2008-09-6 05:53 |
2005-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268794
|
- |
|
-
|
-
|
SQL injection vulnerability in index.php in NooTopList 1.0.0 release 17 allows remote attackers to execute arbitrary SQL commands via the (1) o or (2) sort parameters.
|
NVD-CWE-Other
|
CVE-2005-3003
|
2008-09-6 05:53 |
2005-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268795
|
- |
|
amar_sagoo
|
tofu
|
Tofu 0.2 allows remote attackers to execute arbitrary Python code via crafted pickled objects, which Tofu unpickles and executes.
|
NVD-CWE-Other
|
CVE-2005-3008
|
2008-09-6 05:53 |
2005-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268796
|
- |
|
cutephp
|
cutenews
|
Direct static code injection vulnerability in the flood protection feature in inc/shows.inc.php in CuteNews 1.4.0 and earlier allows remote attackers to execute arbitrary PHP code via the HTTP_CLIENT…
|
NVD-CWE-Other
|
CVE-2005-3010
|
2008-09-6 05:53 |
2005-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268797
|
- |
|
simplecdr-x
|
simplecdr-x
|
The MasterDataCD::createImage function in masterdatacd.cpp for SimpleCDR-X 1.3.3 creates the .temp temporary directory with insecure permissions, which allows local users to read sensitive ISO images.
|
NVD-CWE-Other
|
CVE-2005-3012
|
2008-09-6 05:53 |
2005-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268798
|
- |
|
ensim
|
webppliance
|
Cross-site scripting (XSS) vulnerability in Ensim webplliance allows remote attackers to inject arbitrary web script or HTML via the Login (OCW_login_username) field.
|
NVD-CWE-Other
|
CVE-2005-3014
|
2008-09-6 05:53 |
2005-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268799
|
- |
|
ibm
|
lotus_domino lotus_domino_enterprise_server
|
Cross-site scripting (XSS) vulnerability in IBM Lotus Domino 6.5.2 allows remote attackers to inject arbitrary web script or HTML via the (1) BaseTarget or (2) Src parameters.
|
NVD-CWE-Other
|
CVE-2005-3015
|
2008-09-6 05:53 |
2005-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268800
|
- |
|
francisco_burzi
|
php-nuke
|
Multiple unspecified vulnerabilities in the WYSIWYG editor in PHP-Nuke before 7.9 Final have unknown impact and attack vectors.
|
NVD-CWE-Other
|
CVE-2005-3016
|
2008-09-6 05:53 |
2005-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|