|
264731
|
- |
|
indiatimes_messenger
|
indiatimes_messenger
|
Buffer overflow in MMClient.exe in Indiatimes Messenger 6.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long group name argument…
|
NVD-CWE-Other
|
CVE-2005-2844
|
2017-07-11 10:33 |
2005-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264732
|
- |
|
ariba
|
ariba_spend_management_solutions
|
Ariba Spend Management System sends the username and password to the server in plaintext in a POST request, which allows remote attackers to obtain sensitive information.
|
NVD-CWE-Other
|
CVE-2005-2845
|
2017-07-11 10:33 |
2005-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264733
|
- |
|
barracuda_networks
|
barracuda_spam_firewall
|
Directory traversal vulnerability in img.pl in Barracuda Spam Firewall running firmware 3.1.16 and 3.1.17 allows remote attackers to read arbitrary files via a .. (dot dot) in the f parameter.
|
NVD-CWE-Other
|
CVE-2005-2848
|
2017-07-11 10:33 |
2005-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264734
|
- |
|
unclassified_newsboard
|
unclassified_newsboard
|
Cross-site scripting (XSS) vulnerability in Unclassified NewsBoard 1.5.3 allows remote attackers to inject arbitrary web script or HTML via the description field.
|
NVD-CWE-Other
|
CVE-2005-2855
|
2017-07-11 10:33 |
2005-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264735
|
- |
|
amember
|
amember
|
Multiple PHP remote file inclusion vulnerabilities in aMember Pro 2.3.4 allow remote attackers to execute arbitrary PHP code via the config[root_dir] parameter to (1) mysql.inc.php, (2) efsnet.inc.ph…
|
NVD-CWE-Other
|
CVE-2005-2865
|
2017-07-11 10:33 |
2005-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264736
|
- |
|
phpcommunitycalendar
|
phpcommunitycalendar
|
Multiple SQL injection vulnerabilities in phpCommunityCalendar 4.0.3, and possibly earlier versions, allow remote attackers to execute arbitrary SQL commands via the (1) login field in login.php or (…
|
NVD-CWE-Other
|
CVE-2005-2880
|
2017-07-11 10:33 |
2005-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264737
|
- |
|
phpcommunitycalendar
|
phpcommunitycalendar
|
phpCommunityCalendar 4.0.3 allows remote attackers to bypass authentication and gain unauthorized access via a direct request to the admin directory.
|
NVD-CWE-Other
|
CVE-2005-2881
|
2017-07-11 10:33 |
2005-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264738
|
- |
|
phpcommunitycalendar
|
phpcommunitycalendar
|
Multiple cross-site scripting (XSS) vulnerabilities in phpCommunityCalendar 4.0.3, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via the LocationID para…
|
NVD-CWE-Other
|
CVE-2005-2882
|
2017-07-11 10:33 |
2005-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264739
|
- |
|
neocrome
|
land_down_under
|
Cross-site scripting (XSS) vulnerability in events.php in Land Down Under (LDU) 801 and earlier allows remote attackers to inject arbitrary web script or HTML via the Description field in an event.
|
NVD-CWE-Other
|
CVE-2005-2884
|
2017-07-11 10:33 |
2005-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264740
|
- |
|
maxdev
|
md-pro
|
The Downloads page in MAXdev MD-Pro 1.0.73, and possibly earlier versions, uses an incomplete blacklist to check for dangerous file extensions, which could allow remote attackers to bypass file exten…
|
NVD-CWE-Other
|
CVE-2005-2885
|
2017-07-11 10:33 |
2005-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
