|
266121
|
- |
|
audienceview
|
audienceview
|
Cross-site scripting (XSS) vulnerability in error.asp in AudienceView allows remote attackers to inject arbitrary web script or HTML via the TSerrorMessage parameter. NOTE: the provenance of this in…
|
NVD-CWE-Other
|
CVE-2005-4682
|
2017-07-20 10:29 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266122
|
- |
|
padl_software
|
migrationtools
|
PADL MigrationTools 46, when a failure occurs, stores contents of /etc/shadow in a world-readable /tmp/nis.$$.ldif file, and possibly other sensitive information in other temporary files, which are n…
|
NVD-CWE-Other
|
CVE-2005-4683
|
2017-07-20 10:29 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266123
|
- |
|
kde
|
konqueror
|
Konqueror can associate a cookie with multiple domains when the DNS resolver has a non-root domain in its search list, which allows remote attackers to trick a user into accepting a cookie for a host…
|
NVD-CWE-Other
|
CVE-2005-4684
|
2017-07-20 10:29 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266124
|
- |
|
mozilla
|
firefox
mozilla
|
Firefox and Mozilla can associate a cookie with multiple domains when the DNS resolver has a non-root domain in its search list, which allows remote attackers to trick a user into accepting a cookie …
|
NVD-CWE-Other
|
CVE-2005-4685
|
2017-07-20 10:29 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266125
|
- |
|
-
|
-
|
Unspecified vulnerability in the www_add method in Asset.pm in Plain Black WebGUI 6.3.0 and other versions before 6.7.6 allows attackers to execute arbitrary code via unknown attack vectors.
|
NVD-CWE-Other
|
CVE-2005-4694
|
2017-07-20 10:29 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266126
|
- |
|
microsoft
|
windows_xp
|
The Microsoft Wireless Zero Configuration system (WZCS) allows local users to access WEP keys and pair-wise Master Keys (PMK) of the WPA pre-shared key via certain calls to the WZCQueryInterface API …
|
NVD-CWE-Other
|
CVE-2005-4697
|
2017-07-20 10:29 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266127
|
- |
|
tellme
|
tellme
|
Cross-site scripting (XSS) vulnerability in TellMe 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the 91) q_IP (IP) or (2) q_Host (HOST) parameters.
|
NVD-CWE-Other
|
CVE-2005-4698
|
2017-07-20 10:29 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266128
|
- |
|
tellme
|
tellme
|
TellMe 1.2 and earlier, when the Server (o_Server) and HEAD (o_Head) options are enabled, allows remote attackers to obtain sensitive information via an invalid q_Host parameter, which reveals the fu…
|
NVD-CWE-Other
|
CVE-2005-4700
|
2017-07-20 10:29 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266129
|
- |
|
-
|
-
|
The popSubjectContext method in the SecurityAssociation class in JBoss Enterprise Java Beans (EJB) 3.0 RC3 maintains the threadPrincipal and threadCredential values from a previous client's authentic…
|
NVD-CWE-Other
|
CVE-2005-4709
|
2017-07-20 10:29 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266130
|
- |
|
autodesk
|
3ds_max
architectural_desktop
autocad
autocad_civil_3d
autocad_electrical
autocad_lt
autocad_mechanical
building_systems
civil_design
inventor
land_desktop
map_3d
…
|
Unspecified vulnerability in multiple Autodesk and AutoCAD products and product families from 2006 and earlier allows remote attackers to "gain inappropriate access to another local user's computer,"…
|
NVD-CWE-Other
|
CVE-2005-4710
|
2017-07-20 10:29 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
