|
313751
|
- |
|
phphandicapper
|
php_handicapper
|
SQL injection vulnerability in process_signup.php in PHP Handicapper allows remote attackers to execute arbitrary SQL commands via the serviceid parameter. NOTE: on 20060210, the vendor disputed thi…
|
CWE-89
SQL Injection
|
CVE-2005-3497
|
2024-08-8 09:15 |
2005-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313752
|
- |
|
jelsoft
|
vbulletin
|
NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in register.php for unknown versions of vBulletin allows remote attackers to inject arbitrary HTML or web s…
|
NVD-CWE-Other
|
CVE-2004-0091
|
2024-08-8 09:15 |
2004-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313753
|
- |
|
filezilla
|
filezilla
|
NOTE: this issue has been disputed by the vendor. FileZilla 2.2.14b and 2.2.15, and possibly earlier versions, when "Use secure mode" is disabled, uses a weak encryption scheme to store the user's p…
|
NVD-CWE-Other
|
CVE-2005-2898
|
2024-08-8 08:15 |
2005-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313754
|
- |
|
neocrome
|
land_down_under
|
Note: the vendor has disputed this issue. Multiple cross-site scripting (XSS) vulnerabilities in Land Down Under (LDU) 800 allow remote attackers to inject arbitrary web script or HTML via the (1) c …
|
NVD-CWE-Other
|
CVE-2005-2674
|
2024-08-8 08:15 |
2005-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313755
|
- |
|
neocrome
|
land_down_under
|
Note: the vendor has disputed this issue. Multiple SQL injection vulnerabilities in Land Down Under (LDU) 800 allow remote attackers to execute arbitrary SQL commands via the (1) s or (2) m parameter…
|
NVD-CWE-Other
|
CVE-2005-2675
|
2024-08-8 08:15 |
2005-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313756
|
- |
|
incredible_interactive
|
dragonfly_commerce
|
Dragonfly Commerce allows remote attackers to change a product price by modifying the x_DragonflyCartProductPrice hidden field to (1) dc_Categorieslist.asp, (2) dc_Categoriesview.asp, (3) dc_products…
|
NVD-CWE-Other
|
CVE-2005-2220
|
2024-08-8 08:15 |
2005-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313757
|
- |
|
incredible_interactive
|
dragonfly_commerce
|
Multiple SQL injection vulnerabilities in Dragonfly Commerce allows remote attackers to modify SQL statements and possibly execute arbitrary SQL commands via the (1) key parameter to dc_Categoriesvie…
|
NVD-CWE-Other
|
CVE-2005-2221
|
2024-08-8 08:15 |
2005-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313758
|
- |
|
sun
|
javamail
|
ReadMessage.jsp in JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, allows remote attackers to view other users' e-mail attachments via a direct request to /mailboxesdir/username@doma…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2005-1753
|
2024-08-8 07:15 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313759
|
- |
|
sun
apache_tomcat
|
javamail
apache_tomcat
|
JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, allows remote attackers to read arbitrary files via a full pathname in the argument to the Download parameter. NOTE: Sun and Apache d…
|
CWE-200
Information Exposure
|
CVE-2005-1754
|
2024-08-8 07:15 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313760
|
- |
|
todd_miller
|
sudo
|
Sudo 1.6.8p7 on SuSE Linux 9.3, and possibly other Linux distributions, allows local users to gain privileges by using sudo to call su, then entering a blank password and hitting CTRL-C. NOTE: SuSE a…
|
NVD-CWE-Other
|
CVE-2005-1831
|
2024-08-8 07:15 |
2005-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
