244751
|
2.6 |
LOW
|
mozilla
|
thunderbird
|
The SMTP client in Mozilla Thunderbird 1.0.5 BETA, 1.0.7, and possibly other versions, does not notify users when it cannot establish a secure channel with the server, which allows remote attackers t…
|
NVD-CWE-Other
|
CVE-2005-3402
|
2016-10-18 12:35 |
2005-11-1 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244752
|
4.3 |
MEDIUM
|
adaptive_technology_resource_centre
|
atutor
|
Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.4.1 through 1.5.1-pl1 allow remote attackers to inject arbitrary web script or HTML via (1) the _base_href parameter in translate.php, …
|
NVD-CWE-Other
|
CVE-2005-3403
|
2016-10-18 12:35 |
2005-11-1 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244753
|
7.5 |
HIGH
|
adaptive_technology_resource_centre
|
atutor
|
Multiple PHP file inclusion vulnerabilities in ATutor 1.4.1 through 1.5.1-pl1 allow remote attackers to include arbitrary files via the section parameter followed by a null byte (%00) in (1) body_hea…
|
NVD-CWE-Other
|
CVE-2005-3404
|
2016-10-18 12:35 |
2005-11-1 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244754
|
7.5 |
HIGH
|
-
|
-
|
ATutor 1.4.1 through 1.5.1-pl1 allows remote attackers to execute arbitrary PHP functions via a direct request to forum.inc.php with a modified addslashes parameter with either the (1) asc or (2) des…
|
NVD-CWE-Other
|
CVE-2005-3405
|
2016-10-18 12:35 |
2005-11-1 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244755
|
7.5 |
HIGH
|
phpbb_group
|
phpbb
|
phpBB 2.0.17 and earlier, when register_globals is enabled and the session_start function has not been called to handle a session, allows remote attackers to bypass security checks by setting the $_S…
|
NVD-CWE-Other
|
CVE-2005-3416
|
2016-10-18 12:35 |
2005-11-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244756
|
7.5 |
HIGH
|
phpbb_group
|
phpbb
|
phpBB 2.0.17 and earlier, when the register_long_arrays directive is disabled, allows remote attackers to modify global variables and bypass security mechanisms because PHP does not define the associ…
|
NVD-CWE-Other
|
CVE-2005-3417
|
2016-10-18 12:35 |
2005-11-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244757
|
4.3 |
MEDIUM
|
phpbb_group
|
phpbb
|
Multiple cross-site scripting (XSS) vulnerabilities in phpBB 2.0.17 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) error_msg parameter to usercp_register.php, (…
|
NVD-CWE-Other
|
CVE-2005-3418
|
2016-10-18 12:35 |
2005-11-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244758
|
7.5 |
HIGH
|
phpbb_group
|
phpbb
|
SQL injection vulnerability in usercp_register.php in phpBB 2.0.17 allows remote attackers to execute arbitrary SQL commands via the signature_bbcode_uid parameter, which is not properly initialized.
|
NVD-CWE-Other
|
CVE-2005-3419
|
2016-10-18 12:35 |
2005-11-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244759
|
7.5 |
HIGH
|
phpbb_group
|
phpbb
|
usercp_register.php in phpBB 2.0.17 allows remote attackers to modify regular expressions and execute PHP code via the signature_bbcode_uid parameter, as demonstrated by injecting an "e" modifier int…
|
NVD-CWE-Other
|
CVE-2005-3420
|
2016-10-18 12:35 |
2005-11-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244760
|
5.0 |
MEDIUM
|
thomas_rybak
|
minigal_2
|
MiniGal 2 (MG2) 0.5.1 allows remote attackers to list password protected images via a request to index.php with the list parameter set to * (wildcard) and the page parameter set to all.
|
NVD-CWE-Other
|
CVE-2005-3432
|
2016-10-18 12:35 |
2005-11-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244761
|
5.1 |
MEDIUM
|
mirabilis
|
icq
|
Buffer overflow in Mirabilis ICQ 2003a allows user-assisted attackers to execute arbitrary code by convincing a user to enter long strings into the First Name and Last Name fields.
|
NVD-CWE-Other
|
CVE-2005-3433
|
2016-10-18 12:35 |
2005-11-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244762
|
5.0 |
MEDIUM
|
nero
|
neronet
|
Directory traversal vulnerability in NeroNET 1.2.0.2 and earlier allows remote attackers to read arbitrary files with certain file extensions (such as ZIP, AVI, JPG, TXT, and HTML) via ".." and hex-e…
|
NVD-CWE-Other
|
CVE-2005-3484
|
2016-10-18 12:35 |
2005-11-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244763
|
7.5 |
HIGH
|
glider
|
collectn_kill
|
Buffer overflow in Glider Collect'n kill 1.0.0.0 allows remote attackers to execute arbitrary code via a gl_playerEnter command with a long player name.
|
CWE-119
バッファエラー
|
CVE-2005-3485
|
2016-10-18 12:35 |
2005-11-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244764
|
7.5 |
HIGH
|
scorched_3d
|
scorched_3d
|
Multiple format string vulnerabilities in Scorched 3D 39.1 (bf) and earlier allow remote attackers to execute arbitrary code via various (1) GLConsole::addLine, (2) ServerCommon::sendString, (3) Serv…
|
NVD-CWE-Other
|
CVE-2005-3486
|
2016-10-18 12:35 |
2005-11-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244765
|
7.5 |
HIGH
|
scorched_3d
|
scorched_3d
|
Multiple buffer overflows in Scorched 3D 39.1 (bf) and earlier allow remote attackers to execute arbitrary code via various (1) GLConsole::addLine, (2) ServerCommon::sendString, (3) ServerCommon::ser…
|
NVD-CWE-Other
|
CVE-2005-3487
|
2016-10-18 12:35 |
2005-11-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244766
|
7.8 |
HIGH
|
scorched_3d
|
scorched_3d
|
Scorched 3D 39.1 (bf) and earlier allows remote attackers to cause a denial of service (long loop and server hang) via a negative numplayers value that bypasses a signed check in ServerConnectHandler…
|
NVD-CWE-Other
|
CVE-2005-3488
|
2016-10-18 12:35 |
2005-11-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244767
|
7.5 |
HIGH
|
asus
|
video_security_online
|
Buffer overflow in Asus Video Security 3.5.0.0 and earlier, when using authorization, allows remote attackers to execute arbitrary code via a long username/password string.
|
NVD-CWE-Other
|
CVE-2005-3489
|
2016-10-18 12:35 |
2005-11-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244768
|
5.0 |
MEDIUM
|
asus
|
video_security_online
|
Directory traversal vulnerability in the web server in Asus Video Security 3.5.0.0 and earlier allows remote attackers to read arbitrary files via "../" or "..\" sequences in the URL.
|
NVD-CWE-Other
|
CVE-2005-3490
|
2016-10-18 12:35 |
2005-11-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244769
|
5.0 |
MEDIUM
|
afsl_games
|
battle_carry
|
Battle Carry .005 and earlier allows remote attackers to cause a denial of service (inaccessible port) via a large packet, which triggers a socket error and terminates the socket that is listening on…
|
NVD-CWE-Other
|
CVE-2005-3493
|
2016-10-18 12:35 |
2005-11-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244770
|
5.0 |
MEDIUM
|
cerberus
|
cerberus_helpdesk
|
attachment_send.php in Cerberus Helpdesk allows remote attackers to view attachments and tickets of other users via a modified file_id parameter.
|
NVD-CWE-Other
|
CVE-2005-3502
|
2016-10-18 12:35 |
2005-11-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244771
|
5.1 |
MEDIUM
|
-
|
-
|
Multiple interpretation error in unspecified versions of Panda Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed ce…
|
NVD-CWE-Other
|
CVE-2005-3230
|
2016-10-18 12:34 |
2005-10-14 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244772
|
5.1 |
MEDIUM
|
cat
|
quick_heal
|
Multiple interpretation error in unspecified versions of CAT Quick Heal allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed cen…
|
NVD-CWE-Other
|
CVE-2005-3231
|
2016-10-18 12:34 |
2005-10-14 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244773
|
5.1 |
MEDIUM
|
thehacker
|
thehacker
|
Multiple interpretation error in unspecified versions of TheHacker allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central …
|
NVD-CWE-Other
|
CVE-2005-3232
|
2016-10-18 12:34 |
2005-10-14 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244774
|
5.1 |
MEDIUM
|
trustix
|
antivirus
|
Multiple interpretation error in unspecified versions of Trustix Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed …
|
NVD-CWE-Other
|
CVE-2005-3233
|
2016-10-18 12:34 |
2005-10-14 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244775
|
5.1 |
MEDIUM
|
grisoft
|
avg_antivirus
|
Multiple interpretation error in unspecified versions of Grisoft AVG Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malfor…
|
NVD-CWE-Other
|
CVE-2005-3234
|
2016-10-18 12:34 |
2005-10-14 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244776
|
5.1 |
MEDIUM
|
proland
|
protector_plus
|
Multiple interpretation error in unspecified versions of Proland Protector Plus 2000 Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR …
|
NVD-CWE-Other
|
CVE-2005-3235
|
2016-10-18 12:34 |
2005-10-14 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244777
|
7.5 |
HIGH
|
versatilebulletinboard
|
versatilebulletinboard
|
Multiple SQL injection vulnerabilities in versatileBulletinBoard (vBB) 1.0.0 RC2 allow remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) login field, (2) "searc…
|
NVD-CWE-Other
|
CVE-2005-3259
|
2016-10-18 12:34 |
2005-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244778
|
4.3 |
MEDIUM
|
versatilebulletinboard
|
versatilebulletinboard
|
Multiple cross-site scripting (XSS) vulnerabilities in versatileBulletinBoard (vBB) 1.0.0 RC2 allow remote attackers to inject arbitrary web script or HTML via (1) the url parameter in dereferrer.php…
|
NVD-CWE-Other
|
CVE-2005-3260
|
2016-10-18 12:34 |
2005-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244779
|
5.0 |
MEDIUM
|
versatilebulletinboard
|
versatilebulletinboard
|
getversions.php in versatileBulletinBoard (vBB) 1.0.0 RC2 lists the versions of all installed scripts, which allows remote attackers to obtain sensitive information via a direct request.
|
NVD-CWE-Other
|
CVE-2005-3261
|
2016-10-18 12:34 |
2005-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244780
|
4.3 |
MEDIUM
|
flatnuke
|
flatnuke
|
Cross-site scripting (XSS) vulnerability in index.php for FlatNuke 2.5.6 allows remote attackers to inject arbitrary web script or HTML via the user parameter in a profile operation, a different vuln…
|
NVD-CWE-Other
|
CVE-2005-3306
|
2016-10-18 12:34 |
2005-10-26 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244781
|
5.0 |
MEDIUM
|
-
|
-
|
Directory traversal vulnerability in index.php for FlatNuke 2.5.6 allows remote attackers to read arbitrary files via ".." sequences in the (1) user parameter in a profile operation or (2) quale para…
|
NVD-CWE-Other
|
CVE-2005-3307
|
2016-10-18 12:34 |
2005-10-26 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244782
|
2.1 |
LOW
|
bmc
|
software_control-m_agent
|
BMC Software Control-M 6.1.03 for Solaris, and possibly other platforms, allows local users to overwrite arbitrary files via a symlink attack on temporary files.
|
NVD-CWE-Other
|
CVE-2005-3311
|
2016-10-18 12:34 |
2005-10-26 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244783
|
7.5 |
HIGH
|
-
|
-
|
Network Appliance Data ONTAP 7.0 and earlier allows iSCSI Initiators to bypass iSCSI authentication via a modified client that skips the Security (Start) mode, as required by the Login Negotiation pr…
|
NVD-CWE-Other
|
CVE-2005-3327
|
2016-10-18 12:34 |
2005-10-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244784
|
7.5 |
HIGH
|
punbb
|
punbb
|
PHP remote file inclusion vulnerability in common.php in PunBB 1.1.2 through 1.1.5 allows remote attackers to execute arbitrary code via the pun_root parameter.
|
NVD-CWE-Other
|
CVE-2005-3328
|
2016-10-18 12:34 |
2005-10-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244785
|
4.3 |
MEDIUM
|
rsa
|
authentication_agent_for_web
|
Cross-site scripting (XSS) vulnerability in RSA Authentication Agent for Web 5.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the image parameter in a GetPic operati…
|
NVD-CWE-Other
|
CVE-2005-3329
|
2016-10-18 12:34 |
2005-10-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244786
|
4.3 |
MEDIUM
|
flatnuke
|
flatnuke
|
Cross-site scripting (XSS) vulnerability in forum/index.php in FlatNuke 2.5.6 allows remote attackers to inject arbitrary web script or HTML via the nome parameter in a login operation, a variant of …
|
NVD-CWE-Other
|
CVE-2005-3361
|
2016-10-18 12:34 |
2005-10-28 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244787
|
7.5 |
HIGH
|
platinum
|
dboardgear
|
Multiple SQL injection vulnerabilities in DboardGear allow remote attackers to execute arbitrary SQL commands via (1) the buddy parameter in buddy.php, (2) the u2uid parameter in u2u.php, and (3) an …
|
NVD-CWE-Other
|
CVE-2005-3364
|
2016-10-18 12:34 |
2005-10-30 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244788
|
4.3 |
MEDIUM
|
sparkleblog
|
sparkleblog
|
Cross-site scripting (XSS) vulnerability in journal.php in SparkleBlog 2.1 allows remote attackers to inject arbitrary web script or HTML via the name field.
|
NVD-CWE-Other
|
CVE-2005-3367
|
2016-10-18 12:34 |
2005-10-30 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244789
|
5.1 |
MEDIUM
|
arcavir
|
arcavir_2005
|
Multiple interpretation error in ArcaVir 2005 package 2005-06-21 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is norma…
|
NVD-CWE-Other
|
CVE-2005-3370
|
2016-10-18 12:34 |
2005-10-30 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244790
|
5.1 |
MEDIUM
|
grisoft
|
avg_antivirus
|
Multiple interpretation error in AVG 7 7.0.323 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated wit…
|
NVD-CWE-Other
|
CVE-2005-3371
|
2016-10-18 12:34 |
2005-10-30 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244791
|
5.1 |
MEDIUM
|
dr.web
|
dr.web_antivirus
|
Multiple interpretation error in Dr.Web 4.32b allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with…
|
NVD-CWE-Other
|
CVE-2005-3373
|
2016-10-18 12:34 |
2005-10-30 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244792
|
5.1 |
MEDIUM
|
frisk_software
|
f-prot_antivirus
|
Multiple interpretation error in F-Prot 3.16c allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with…
|
NVD-CWE-Other
|
CVE-2005-3374
|
2016-10-18 12:34 |
2005-10-30 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244793
|
5.1 |
MEDIUM
|
ikarus
|
ikarus_antivirus
|
Multiple interpretation error in Ikarus demo version allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associat…
|
NVD-CWE-Other
|
CVE-2005-3375
|
2016-10-18 12:34 |
2005-10-30 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244794
|
5.1 |
MEDIUM
|
kaspersky_lab
|
kaspersky_anti-virus
|
Multiple interpretation error in Kaspersky 5.0.372 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated…
|
NVD-CWE-Other
|
CVE-2005-3376
|
2016-10-18 12:34 |
2005-10-30 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244795
|
5.1 |
MEDIUM
|
norman
|
norman_virus_control
|
Multiple interpretation error in Norman 5.81 with the 5.83.02 engine allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is n…
|
NVD-CWE-Other
|
CVE-2005-3378
|
2016-10-18 12:34 |
2005-10-30 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244796
|
5.0 |
MEDIUM
|
panda
|
titanium_2005
|
Multiple interpretation error in Panda Titanium 2005 4.02.01 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally …
|
NVD-CWE-Other
|
CVE-2005-3380
|
2016-10-18 12:34 |
2005-10-30 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244797
|
5.1 |
MEDIUM
|
mcafee
|
internet_security_suite
|
Multiple interpretation error in (1) McAfee Internet Security Suite 7.1.5 version 9.1.08 with the 4.4.00 engine and (2) McAfee Corporate 8.0.0 patch 10 with the 4400 engine allows remote attackers to…
|
NVD-CWE-Other
|
CVE-2005-3377
|
2016-10-18 12:34 |
2005-10-30 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244798
|
7.5 |
HIGH
|
virtools
|
web_player
|
Buffer overflow in Virtools Web Player 3.0.0.100 and earlier allows remote attackers to execute arbitrary code via a long filename.
|
NVD-CWE-Other
|
CVE-2005-3135
|
2016-10-18 12:33 |
2005-10-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244799
|
5.0 |
MEDIUM
|
cerulean_studios
|
trillian
|
Cerulean Studios Trillian 3.0 allows remote attackers to cause a denial of service (crash) via a reverse direct connection from a different client, as demonstrated using LICQ.
|
NVD-CWE-Other
|
CVE-2005-3141
|
2016-10-18 12:33 |
2005-10-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
244800
|
7.5 |
HIGH
|
mywebland
|
mybloggie
|
login.php in myBloggie 2.1.3 beta and earlier allows remote attackers to bypass a whitelist regular expression and conduct SQL injection attacks via a username parameter with SQL after a null charact…
|
NVD-CWE-Other
|
CVE-2005-3153
|
2016-10-18 12:33 |
2005-10-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|