|
270581
|
- |
|
wenig_and_spitzer-williams
|
showoff_digital_media_software
|
Multiple directory traversal vulnerabilities in ShowOff! 1.5.4 allow remote attackers to read arbitrary files via ".." sequences in arguments to the (1) ShowAlbum, (2) ShowVideo, or (3) ShowGraphic s…
|
NVD-CWE-Other
|
CVE-2005-1571
|
2008-09-6 05:49 |
2005-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270582
|
- |
|
wenig_and_spitzer-williams
|
showoff_digital_media_software
|
ShowOff! 1.5.4 allows remote attackers to cause a denial of service (server crash) via a malformed request to port 8083.
|
NVD-CWE-Other
|
CVE-2005-1572
|
2008-09-6 05:49 |
2005-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270583
|
- |
|
mozilla
|
firefox
|
The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows allows remote attackers to hide the real file types of downloaded files via the Content-Type HTTP header and a filename containi…
|
NVD-CWE-Other
|
CVE-2005-1575
|
2008-09-6 05:49 |
2005-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270584
|
- |
|
mozilla
|
firefox
|
The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows uses the Content-Type HTTP header to determine the file type, but saves the original file extension when "Save to Disk" is selec…
|
NVD-CWE-Other
|
CVE-2005-1576
|
2008-09-6 05:49 |
2005-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270585
|
- |
|
apg_technology
|
classmaster
|
APG Technology ClassMaster does not properly restrict access to sensitive folders, which allows remote attackers to access folders via a network share.
|
NVD-CWE-Other
|
CVE-2005-1577
|
2008-09-6 05:49 |
2005-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270586
|
- |
|
guidance_software
|
encase
|
EnCase Forensic Edition 4.18a does not support Device Configuration Overlays (DCO), which allows attackers to hide information without detection.
|
NVD-CWE-Other
|
CVE-2005-1578
|
2008-09-6 05:49 |
2005-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270587
|
- |
|
boastmachine
|
boastmachine
|
users.ini.php in BoastMachine 3.0 does not properly restrict the types of files that can be uploaded, which allows remote attackers to execute arbitrary code.
|
NVD-CWE-Other
|
CVE-2005-1580
|
2008-09-6 05:49 |
2005-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270588
|
- |
|
eric_fichot
|
bug_report
|
Cross-site scripting (XSS) vulnerability in Bug Report 1.0 allows remote attackers to inject arbitrary web script or HTML via various fields to bug_report.php, which are not filtered or quoted when p…
|
NVD-CWE-Other
|
CVE-2005-1581
|
2008-09-6 05:49 |
2005-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270589
|
- |
|
1two
|
1two_news
|
Cross-site scripting (XSS) vulnerability in index.php for 1Two News 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) nom, (2) email, (3) siteweb, or (4) commentaire vari…
|
NVD-CWE-Other
|
CVE-2005-1582
|
2008-09-6 05:49 |
2005-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270590
|
- |
|
1two
|
1two_news
|
1Two News 1.0 allows remote attackers to (1) delete images for new stories via a direct request to admin/delete.php or (2) upload arbitrary images via a direct request to admin/upload.php.
|
NVD-CWE-Other
|
CVE-2005-1583
|
2008-09-6 05:49 |
2005-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
