270281
|
- |
|
reamday_enterprises
|
magic_news_plus
|
settings.php in Reamday Enterprises Magic News Plus 1.0.3 allows remote attackers to change the administrator password via a change action that specifies identical values for the passwd and admin_pas…
|
NVD-CWE-Other
|
CVE-2006-0157
|
2008-09-6 05:58 |
2006-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270282
|
- |
|
qualityebiz
|
quality_ppc
|
Cross-site scripting (XSS) vulnerability in admin.php in QualityEBiz Quality PPC (QPPC) 1.0 build 1644 allows remote attackers to inject arbitrary web script or HTML via the cpage parameter. NOTE: t…
|
NVD-CWE-Other
|
CVE-2006-0215
|
2008-09-6 05:58 |
2006-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270283
|
- |
|
qualityebiz
|
quality_ppc
|
admin.php in QualityEBiz Quality PPC (QPPC) 1.0 build 1644 allows remote attackers to obtain sensitive information, possibly the installation path of the application, via unspecified "meta characters…
|
NVD-CWE-Other
|
CVE-2006-0216
|
2008-09-6 05:58 |
2006-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270284
|
- |
|
joomla
|
joomla
|
Multiple unspecified vulnerabilities in the (1) publishing component, (2) Contact Component, (3) TinyMCE Compressor, and (4) other components in Joomla! 1.0.5 and earlier have unknown impact and atta…
|
NVD-CWE-Other
|
CVE-2006-0303
|
2008-09-6 05:58 |
2006-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270285
|
- |
|
chitta
|
mimicboard_2
|
Multiple cross-site scripting (XSS) vulnerabilities in mimic2.cgi in mimicboard2 (Mimic2) 086 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified parameters asso…
|
NVD-CWE-Other
|
CVE-2005-4858
|
2008-09-6 05:58 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270286
|
- |
|
chitta
|
mimicboard_2
|
In addition to the sites referenced. http://secunia.com/product/5681/ gives an advisory for the vulnerability as well as additional descripton.
|
NVD-CWE-Other
|
CVE-2005-4858
|
2008-09-6 05:58 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270287
|
- |
|
chitta
|
mimicboard
|
mimicboard2 (Mimic2) 086 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for mi…
|
NVD-CWE-Other
|
CVE-2005-4859
|
2008-09-6 05:58 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270288
|
- |
|
jasio.net
|
ragnarok_online_control_panel
|
functions.php in Ragnarok Online Control Panel (ROCP) 4.3.4a allows remote attackers to bypass authentication by requesting account_manage.php with a trailing "/login.php" PHP_SELF value, which is no…
|
CWE-287
Improper Authentication
|
CVE-2005-4861
|
2008-09-6 05:58 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270289
|
- |
|
xwiki
|
xwiki
|
The search functionality in XWiki 0.9.793 indexes cleartext user passwords, which allows remote attackers to obtain sensitive information via a search string that matches a password.
|
CWE-255
Credentials Management
|
CVE-2005-4862
|
2008-09-6 05:58 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270290
|
- |
|
hitachi
|
business_logic
|
Multiple SQL injection vulnerabilities in Hitachi Business Logic - Container (BLC) P-2443-9114 01-00 through 02-06 on Windows, and P-1M43-9111 01-01 through 02-00 on AIX, allow remote attackers to ex…
|
NVD-CWE-Other
|
CVE-2005-4578
|
2008-09-6 05:57 |
2005-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|