|
315951
|
- |
|
filezilla
|
filezilla
|
NOTE: this issue has been disputed by the vendor. FileZilla 2.2.14b and 2.2.15, and possibly earlier versions, when "Use secure mode" is disabled, uses a weak encryption scheme to store the user's p…
|
NVD-CWE-Other
|
CVE-2005-2898
|
2024-08-8 08:15 |
2005-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315952
|
- |
|
neocrome
|
land_down_under
|
Note: the vendor has disputed this issue. Multiple cross-site scripting (XSS) vulnerabilities in Land Down Under (LDU) 800 allow remote attackers to inject arbitrary web script or HTML via the (1) c …
|
NVD-CWE-Other
|
CVE-2005-2674
|
2024-08-8 08:15 |
2005-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315953
|
- |
|
neocrome
|
land_down_under
|
Note: the vendor has disputed this issue. Multiple SQL injection vulnerabilities in Land Down Under (LDU) 800 allow remote attackers to execute arbitrary SQL commands via the (1) s or (2) m parameter…
|
NVD-CWE-Other
|
CVE-2005-2675
|
2024-08-8 08:15 |
2005-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315954
|
- |
|
incredible_interactive
|
dragonfly_commerce
|
Dragonfly Commerce allows remote attackers to change a product price by modifying the x_DragonflyCartProductPrice hidden field to (1) dc_Categorieslist.asp, (2) dc_Categoriesview.asp, (3) dc_products…
|
NVD-CWE-Other
|
CVE-2005-2220
|
2024-08-8 08:15 |
2005-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315955
|
- |
|
incredible_interactive
|
dragonfly_commerce
|
Multiple SQL injection vulnerabilities in Dragonfly Commerce allows remote attackers to modify SQL statements and possibly execute arbitrary SQL commands via the (1) key parameter to dc_Categoriesvie…
|
NVD-CWE-Other
|
CVE-2005-2221
|
2024-08-8 08:15 |
2005-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315956
|
- |
|
sun
|
javamail
|
ReadMessage.jsp in JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, allows remote attackers to view other users' e-mail attachments via a direct request to /mailboxesdir/username@doma…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2005-1753
|
2024-08-8 07:15 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315957
|
- |
|
sun
apache_tomcat
|
javamail
apache_tomcat
|
JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, allows remote attackers to read arbitrary files via a full pathname in the argument to the Download parameter. NOTE: Sun and Apache d…
|
CWE-200
Information Exposure
|
CVE-2005-1754
|
2024-08-8 07:15 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315958
|
- |
|
todd_miller
|
sudo
|
Sudo 1.6.8p7 on SuSE Linux 9.3, and possibly other Linux distributions, allows local users to gain privileges by using sudo to call su, then entering a blank password and hitting CTRL-C. NOTE: SuSE a…
|
NVD-CWE-Other
|
CVE-2005-1831
|
2024-08-8 07:15 |
2005-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315959
|
- |
|
solstice
|
solstice_internet_mail_server
|
JavaMail API, as used by Solstice Internet Mail Server POP3 2.0, does not properly validate the message number in the MimeMessage constructor in javax.mail.internet.InternetHeaders, which allows remo…
|
CWE-20
Improper Input Validation
|
CVE-2005-1682
|
2024-08-8 07:15 |
2005-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315960
|
- |
|
fishnet
|
fishcart
|
Multiple SQL injection vulnerabilities in FishCart 3.1 allow remote attackers to execute arbitrary SQL commands via the (1) cartid parameter to upstnt.php or (2) psku parameter to display.php. NOTE:…
|
CWE-89
SQL Injection
|
CVE-2005-1487
|
2024-08-8 07:15 |
2005-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
