|
270151
|
- |
|
amar_sagoo
|
tofu
|
Tofu 0.2 allows remote attackers to execute arbitrary Python code via crafted pickled objects, which Tofu unpickles and executes.
|
NVD-CWE-Other
|
CVE-2005-3008
|
2008-09-6 05:53 |
2005-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270152
|
- |
|
cutephp
|
cutenews
|
Direct static code injection vulnerability in the flood protection feature in inc/shows.inc.php in CuteNews 1.4.0 and earlier allows remote attackers to execute arbitrary PHP code via the HTTP_CLIENT…
|
NVD-CWE-Other
|
CVE-2005-3010
|
2008-09-6 05:53 |
2005-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270153
|
- |
|
simplecdr-x
|
simplecdr-x
|
The MasterDataCD::createImage function in masterdatacd.cpp for SimpleCDR-X 1.3.3 creates the .temp temporary directory with insecure permissions, which allows local users to read sensitive ISO images.
|
NVD-CWE-Other
|
CVE-2005-3012
|
2008-09-6 05:53 |
2005-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270154
|
- |
|
ensim
|
webppliance
|
Cross-site scripting (XSS) vulnerability in Ensim webplliance allows remote attackers to inject arbitrary web script or HTML via the Login (OCW_login_username) field.
|
NVD-CWE-Other
|
CVE-2005-3014
|
2008-09-6 05:53 |
2005-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270155
|
- |
|
ibm
|
lotus_domino
lotus_domino_enterprise_server
|
Cross-site scripting (XSS) vulnerability in IBM Lotus Domino 6.5.2 allows remote attackers to inject arbitrary web script or HTML via the (1) BaseTarget or (2) Src parameters.
|
NVD-CWE-Other
|
CVE-2005-3015
|
2008-09-6 05:53 |
2005-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270156
|
- |
|
francisco_burzi
|
php-nuke
|
Multiple unspecified vulnerabilities in the WYSIWYG editor in PHP-Nuke before 7.9 Final have unknown impact and attack vectors.
|
NVD-CWE-Other
|
CVE-2005-3016
|
2008-09-6 05:53 |
2005-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270157
|
- |
|
content2web
|
content2web
|
PHP file inclusion vulnerability in index.php in Content2Web 1.0.1 allows remote attackers to include arbitrary files via the show parameter, which can lead to resultant errors such as path disclosur…
|
NVD-CWE-Other
|
CVE-2005-3017
|
2008-09-6 05:53 |
2005-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270158
|
- |
|
cambridge_computer_corporation
|
vxftpsrv
|
Buffer overflow in vxFtpSrv 0.9.7 allows remote attackers to execute arbitrary code via a long USER name.
|
NVD-CWE-Other
|
CVE-2005-3031
|
2008-09-6 05:53 |
2005-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270159
|
- |
|
cambridge_computer_corporation
|
vxtftpsrv
|
Buffer overflow in vxTftpSrv 1.7.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a TFTP request with a long filename argument.
|
NVD-CWE-Other
|
CVE-2005-3032
|
2008-09-6 05:53 |
2005-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270160
|
- |
|
cambridge_computer_corporation
|
vxweb
|
Stack-based buffer overflow in vxWeb 1.1.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request.
|
NVD-CWE-Other
|
CVE-2005-3033
|
2008-09-6 05:53 |
2005-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
