|
348351
|
- |
|
entergal_mx
|
entergal_mx
|
SQL injection vulnerability in index.php in Entergal MX 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) idcat parameter in a showcat action and (2) the action parameter.
|
NVD-CWE-Other
|
CVE-2005-3958
|
2017-07-20 10:29 |
2005-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348352
|
- |
|
citrix
|
metaframe_secure_access_manager
nfuse
|
Cross-site scripting (XSS) vulnerability in the login form in Citrix MetaFrame Secure Access Manager 2.0 through 2.2 and NFuse Elite 1.0 allows remote attackers to inject arbitrary web script or HTML…
|
NVD-CWE-Other
|
CVE-2005-3971
|
2017-07-20 10:29 |
2005-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348353
|
- |
|
duware
|
duamazon
duarticle
duclassified
dudirectory
dudirectory_pro
dudirectory_pro_sql
dudownload
dugallery
dunews
dupaypal
dupaypal_pro
|
SQL injection vulnerability in type.asp, as used in multiple DUware products including (1) DUamazon 3.1, (2) DUarticle 1.1, (3) DUclassified 4.2, (4) DUdirectory 3.1 and DUdirectory Pro 3.0 and 3.0 S…
|
NVD-CWE-Other
|
CVE-2005-3976
|
2017-07-20 10:29 |
2005-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348354
|
- |
|
verosky_media
|
instant_photo_gallery
|
Multiple SQL injection vulnerabilities in Instant Photo Gallery 1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) cat_id parameter in portfolio.php and (2) cid parame…
|
NVD-CWE-Other
|
CVE-2005-3986
|
2017-07-20 10:29 |
2005-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348355
|
- |
|
solupress
|
solupress_news
|
Cross-site scripting (XSS) vulnerability in search.asp in Solupress News 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the keywords parameter.
|
NVD-CWE-Other
|
CVE-2005-3998
|
2017-07-20 10:29 |
2005-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348356
|
- |
|
sitebeater
|
sitebeater_mp3_catalog
|
Cross-site scripting (XSS) vulnerability in Search.asp in SiteBeater MP3 Catalog 2.03 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.
|
NVD-CWE-Other
|
CVE-2005-3999
|
2017-07-20 10:29 |
2005-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348357
|
- |
|
-
|
-
|
Cross-site scripting (XSS) vulnerability in archive.asp in SiteBeater News System 4.00 and earlier allows remote attackers to inject arbitrary web script or HTML via the sKeywords parameter.
|
NVD-CWE-Other
|
CVE-2005-4000
|
2017-07-20 10:29 |
2005-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348358
|
- |
|
sensation_designs
|
kbase_express
|
SQL injection vulnerability in KBase Express 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) id parameter to category.php and (2) search parameters to search.p…
|
NVD-CWE-Other
|
CVE-2005-4010
|
2017-07-20 10:29 |
2005-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348359
|
- |
|
php_web
|
statistik
|
Multiple cross-site scripting (XSS) vulnerabilities in PHP Web Statistik 1.4 allows remote attackers to inject arbitrary web script or HTML via (1) the lastnumber parameter to stat.php and (2) the HT…
|
NVD-CWE-Other
|
CVE-2005-4012
|
2017-07-20 10:29 |
2005-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348360
|
- |
|
php_web
|
statistik
|
PHP Web Statistik 1.4 stores the stat.cfg file under the web root with insufficient access control, which allows remote attackers to obtain sensitive information such as statistics and the log direct…
|
NVD-CWE-Other
|
CVE-2005-4013
|
2017-07-20 10:29 |
2005-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
