|
347591
|
- |
|
livejournal
|
livejournal
|
Validate-before-filter vulnerability in cleanhtml.pl 1.129 in LiveJournal CVS before Dec 7 2005, when the cleancss option is enabled, allows remote attackers to conduct cross-site scripting (XSS) att…
|
NVD-CWE-Other
|
CVE-2005-4454
|
2017-07-20 10:29 |
2005-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347592
|
- |
|
musicbox
|
musicbox
|
SQL injection vulnerability in MusicBox 2.3 allows remote attackers to execute arbitrary SQL commands via the (1) show and (2) type parameter. NOTE: the provenance of this information is unknown, al…
|
CWE-89
SQL Injection
|
CVE-2005-4500
|
2017-07-20 10:29 |
2005-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347593
|
- |
|
mediawiki
|
mediawiki
|
MediaWiki before 1.5.4 uses a hard-coded "internal placeholder string", which allows remote attackers to bypass protection against cross-site scripting (XSS) attacks and execute Javascript using inli…
|
NVD-CWE-Other
|
CVE-2005-4501
|
2017-07-20 10:29 |
2005-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347594
|
- |
|
apple
|
safari
textedit
mac_os_x
mac_os_x_server
|
The khtml::RenderTableSection::ensureRows function in KHTMLParser in Apple Mac OS X 10.4.3 and earlier, as used by Safari and TextEdit, allows remote attackers to cause a denial of service (memory co…
|
NVD-CWE-Other
|
CVE-2005-4504
|
2017-07-20 10:29 |
2005-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347595
|
- |
|
mcafee
|
common_management_agent
virusscan_enterprise
|
Unquoted Windows search path vulnerability in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5) might allow local users to gain privileges via a malicious "program.exe" file in the C:…
|
NVD-CWE-Other
|
CVE-2005-4505
|
2017-07-20 10:29 |
2005-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347596
|
- |
|
parallel_tools_consortium
|
ptools
|
SQL injection vulnerability in index.asp in pTools allows remote attackers to execute arbitrary SQL commands via the docID parameter. NOTE: the provenance of this information is unknown; the details …
|
NVD-CWE-Other
|
CVE-2005-4509
|
2017-07-20 10:29 |
2005-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347597
|
- |
|
curtis_hawthorne
|
tn3270_resource_gateway
|
Format string vulnerability in TN3270 Resource Gateway 1.1.0 allows local users to cause a denial of service and possibly execute arbitrary code via format string specifiers in syslog function calls.
|
NVD-CWE-Other
|
CVE-2005-4511
|
2017-07-20 10:29 |
2005-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347598
|
- |
|
direct_news
|
direct_news
|
Multiple SQL injection vulnerabilities in Direct News 4.9 allow remote attackers to execute arbitrary SQL commands via (1) the setLang parameter in index.php and (2) unspecified search module paramet…
|
NVD-CWE-Other
|
CVE-2005-4527
|
2017-07-20 10:29 |
2005-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347599
|
- |
|
alstrasoft
|
epay
|
Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft EPay Enterprise 3.0 (formerly DoPays) allow remote attackers to inject arbitrary web script or HTML via multiple unspecified paramete…
|
NVD-CWE-Other
|
CVE-2005-4530
|
2017-07-20 10:29 |
2005-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347600
|
- |
|
scponly
|
scponly
|
scponlyc in scponly 4.1 and earlier, when the operating system supports LD_PRELOAD mechanisms, allows local users to execute arbitrary code with root privileges by creating a chroot directory in thei…
|
NVD-CWE-Other
|
CVE-2005-4532
|
2017-07-20 10:29 |
2005-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
