|
268631
|
- |
|
phpbb_group
|
phpbb
|
phpBB 2.0.11, and possibly other versions, with remote avatars and avatar uploading enabled, allows local users to read arbitrary files by providing both a local and remote location for an avatar, th…
|
NVD-CWE-Other
|
CVE-2005-0259
|
2008-09-11 04:35 |
2005-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268632
|
- |
|
zakon_group
|
openconf
|
Cross-site scripting (XSS) vulnerability in Openconf 1.04, and possibly other versions before 1.10, allows remote attackers to inject arbitrary HTML and web script via the paper title.
|
NVD-CWE-Other
|
CVE-2005-0407
|
2008-09-11 04:35 |
2005-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268633
|
- |
|
citrusdb
|
citrusdb
|
CitrusDB 0.3.6 and earlier does not verify authorization for the (1) importcc.php and (2) uploadcc.php, which allows remote attackers to upload credit card data and obtain sensitive information such …
|
NVD-CWE-Other
|
CVE-2005-0409
|
2008-09-11 04:35 |
2005-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268634
|
- |
|
citrusdb
|
citrusdb
|
SQL injection vulnerability in importcc.php for CitrusDB 0.3.6 and earlier allows remote attackers to inject data via the fields of a CSV file.
|
NVD-CWE-Other
|
CVE-2005-0410
|
2008-09-11 04:35 |
2005-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268635
|
- |
|
citrusdb
|
citrusdb
|
Directory traversal vulnerability in index.php for CitrusDB 0.3.6 and earlier allows remote attackers and local users to include arbitrary PHP files via .. (dot dot) sequences in the load parameter.
|
NVD-CWE-Other
|
CVE-2005-0411
|
2008-09-11 04:35 |
2005-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268636
|
- |
|
gentoo
|
poppassd_pam
|
poppassd_pam 1.0 and earlier, when changing a user password, does not verify that the user entered the old password correctly, which allows remote attackers to change passwords for arbitrary users.
|
NVD-CWE-Other
|
CVE-2005-0002
|
2008-09-11 04:34 |
2005-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268637
|
- |
|
dmxready
|
dmxready_site_chassis_manager
|
Cross-site scripting (XSS) vulnerability in DMXReady Site Chassis Manager allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
|
NVD-CWE-Other
|
CVE-2004-2188
|
2008-09-11 04:33 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268638
|
- |
|
david_maciejak
|
athena_web_registration
|
athenareg.php in Athena Web Registration allows remote attackers to execute arbitrary commands via shell metacharacters in the pass parameter.
|
NVD-CWE-Other
|
CVE-2004-1782
|
2008-09-11 04:32 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268639
|
- |
|
openldap
|
openldap
|
Memory leak in the back-bdb backend for OpenLDAP 2.1.12 and earlier allows remote attackers to cause a denial of service (memory consumption).
|
NVD-CWE-Other
|
CVE-2004-1880
|
2008-09-11 04:32 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268640
|
- |
|
apple
|
safari
|
Safari 1.x to 1.2.4, and possibly other versions, allows inactive windows to launch dialog boxes, which can allow remote attackers to spoof the dialog boxes from web sites in other windows, aka the "…
|
NVD-CWE-Other
|
CVE-2004-1122
|
2008-09-11 04:29 |
2005-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
