|
313321
|
- |
|
incredible_interactive
|
dragonfly_commerce
|
Multiple SQL injection vulnerabilities in Dragonfly Commerce allows remote attackers to modify SQL statements and possibly execute arbitrary SQL commands via the (1) key parameter to dc_Categoriesvie…
|
NVD-CWE-Other
|
CVE-2005-2221
|
2024-08-8 08:15 |
2005-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313322
|
- |
|
sun
|
javamail
|
ReadMessage.jsp in JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, allows remote attackers to view other users' e-mail attachments via a direct request to /mailboxesdir/username@doma…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2005-1753
|
2024-08-8 07:15 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313323
|
- |
|
sun
apache_tomcat
|
javamail
apache_tomcat
|
JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, allows remote attackers to read arbitrary files via a full pathname in the argument to the Download parameter. NOTE: Sun and Apache d…
|
CWE-200
Information Exposure
|
CVE-2005-1754
|
2024-08-8 07:15 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313324
|
- |
|
todd_miller
|
sudo
|
Sudo 1.6.8p7 on SuSE Linux 9.3, and possibly other Linux distributions, allows local users to gain privileges by using sudo to call su, then entering a blank password and hitting CTRL-C. NOTE: SuSE a…
|
NVD-CWE-Other
|
CVE-2005-1831
|
2024-08-8 07:15 |
2005-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313325
|
- |
|
solstice
|
solstice_internet_mail_server
|
JavaMail API, as used by Solstice Internet Mail Server POP3 2.0, does not properly validate the message number in the MimeMessage constructor in javax.mail.internet.InternetHeaders, which allows remo…
|
CWE-20
Improper Input Validation
|
CVE-2005-1682
|
2024-08-8 07:15 |
2005-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313326
|
- |
|
fishnet
|
fishcart
|
Multiple SQL injection vulnerabilities in FishCart 3.1 allow remote attackers to execute arbitrary SQL commands via the (1) cartid parameter to upstnt.php or (2) psku parameter to display.php. NOTE:…
|
CWE-89
SQL Injection
|
CVE-2005-1487
|
2024-08-8 07:15 |
2005-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313327
|
- |
|
open_solution
|
quick.cart
|
SQL injection vulnerability in index.php for Quick.cart 0.3.0 allows remote attackers to execute arbitrary SQL commands via the iCategory parameter. NOTE: the vendor has privately disputed this issu…
|
NVD-CWE-Other
|
CVE-2005-1588
|
2024-08-8 07:15 |
2005-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313328
|
- |
|
netiq
|
pssecure
|
Directory traversal vulnerability in the third party tool from NetIQ, as used to secure the iSeries AS/400 FTP server, allows remote attackers to access arbitrary files, including those from qsys.lib…
|
NVD-CWE-Other
|
CVE-2005-1244
|
2024-08-8 07:15 |
2005-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313329
|
- |
|
calendarscript
|
calendarscript
|
NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in calendar.pl in CalendarScript 3.20 allows remote attackers to inject arbitrary web script or HTML via th…
|
NVD-CWE-Other
|
CVE-2005-1145
|
2024-08-8 07:15 |
2005-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313330
|
- |
|
ariadne
|
ariadne_cms
|
NOTE: this issue has been disputed by the vendor. PHP remote code injection vulnerability in loader.php for Ariadne CMS 2.4 allows remote attackers to execute arbitrary PHP code by modifying the ari…
|
NVD-CWE-Other
|
CVE-2005-1181
|
2024-08-8 07:15 |
2005-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
