Search
Total
25555 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-4467 | 1 Phpgedview | 1 Phpgedview | 2018-10-19 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in help_text_vars.php in PHPGedView 3.3.7 and earlier allows remote attackers to read and include arbitrary files via a .. (dot dot) in the PGV_BASE_DIRECTORY parameter. | |||||
| CVE-2005-4463 | 1 Wordpress | 1 Wordpress | 2018-10-19 | 5.0 MEDIUM | N/A |
| WordPress before 1.5.2 allows remote attackers to obtain sensitive information via a direct request to (1) wp-includes/vars.php, (2) wp-content/plugins/hello.php, (3) wp-admin/upgrade-functions.php, (4) wp-admin/edit-form.php, (5) wp-settings.php, and (6) wp-admin/edit-form-comment.php, which leaks the path in an error message related to undefined functions or failed includes. NOTE: the wp-admin/menu-header.php vector is already covered by CVE-2005-2110. NOTE: the vars.php, edit-form.php, wp-settings.php, and edit-form-comment.php vectors were also reported to affect WordPress 2.0.1. | |||||
| CVE-2005-4458 | 1 Metadot | 1 Metadot Portal Server | 2018-10-19 | 9.0 HIGH | N/A |
| Group.pm in Metadot Portal Server 6.4.4 and earlier does not properly reset the $IS_OWNER, $IS_ADMIN, and $IS_MANAGER global variables when performing checks for special privileges, which allows users to gain administrator privileges by adding themselves to the SITE_MGR group. | |||||
| CVE-2005-4594 | 1 Tugzip | 1 Tugzip | 2018-10-19 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in TUGZip 3.4.0.0 allows remote attackers to execute arbitrary code via a long filename in an ARJ archive. | |||||
| CVE-2005-4590 | 1 Spb | 1 Kiosk Engine | 2018-10-19 | 4.6 MEDIUM | N/A |
| Spb Kiosk Engine 1.0.0.1 allows local users to bypass restrictions on allowed applications via (1) removable media containing a program that will execute because of the autorun setting and (2) applications that are able to invoke other applications, as demonstrated by a file: URL specifying a .exe file. | |||||
| CVE-2005-4589 | 1 Spb | 1 Kiosk Engine | 2018-10-19 | 2.1 LOW | N/A |
| Spb Kiosk Engine 1.0.0.1 stores the administrator's passcode in the registry in plaintext, which allows local users to obtain the passcode. | |||||
| CVE-2005-4582 | 1 Scott Draves | 1 Electric Sheep | 2018-10-19 | 7.5 HIGH | N/A |
| Electric Sheep 2.6.3 does not require authentication or integrity checks from the server to the client, which allows remote attackers to download and display arbitrary MPEG movie files via (1) DNS spoofing, (2) a URL on the command line, or (3) a URL in the configuration file. NOTE: the same attack vectors apply to common web browsers that are able to communicate with untrusted web servers, and other problems related to DNS design issues. Therefore this may not be a specific vulnerability. However, a client would reasonably expect to receive content only from the server. | |||||
| CVE-2005-4581 | 1 Scott Draves | 1 Electric Sheep | 2018-10-19 | 4.6 MEDIUM | N/A |
| Buffer overflow in Electric Sheep 2.6.3 client allows local users to execute arbitrary code via a long window-id parameter. NOTE: because the program is not setuid and not normally called from remote programs, there may not be a typical attack vector for the issue that crosses privilege boundaries. Therefore this may not be a vulnerability. | |||||
| CVE-2005-4503 | 1 Net-square | 1 Httprint | 2018-10-19 | 5.0 MEDIUM | N/A |
| httprint v202, and possibly other versions before v301, allows remote attackers to cause a denial of service (crash) via a long Server field in an HTTP response. | |||||
| CVE-2005-4461 | 1 Beehive Forum | 1 Beehive Forum | 2018-10-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in Beehive Forum 0.6.2 and earlier allows remote attackers to execute arbitrary SQL commands via the user_sess parameter. | |||||
| CVE-2005-4554 | 1 Dev | 1 Dev Web Management System | 2018-10-19 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in DEV web management system 1.5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter in an openforum action (openforum.php) in index.php, (2) cat parameter in getfile.php, and (3) target parameter in download_now.php. | |||||
| CVE-2005-4831 | 1 Viewcvs | 1 Viewcvs | 2018-10-19 | 4.3 MEDIUM | N/A |
| viewcvs in ViewCVS 0.9.2 allows remote attackers to set the Content-Type header to arbitrary values via the content-type parameter, which can be leveraged for cross-site scripting (XSS) and other attacks, as demonstrated using (1) "text/html", or (2) "image/jpeg" with an image that is rendered as HTML by Internet Explorer, a different vulnerability than CVE-2004-1062. NOTE: it was later reported that 0.9.4 is also affected. | |||||
| CVE-2005-4462 | 1 Tolva | 1 Tolva | 2018-10-19 | 7.5 HIGH | N/A |
| PHP remote file include vulnerability in usermods.php in Tolva PHP website system 0.1.0 allows remote attackers to execute arbitrary code via a URL in the ROOT parameter. | |||||
| CVE-2005-4727 | 1 Martin Bauer | 1 Gbook | 2018-10-19 | 5.1 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in gbook.cgi in gBook before 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header field. | |||||
| CVE-2005-4557 | 3 Deerfield, Icewarp, Merak | 3 Visnetic Mail Server, Web Mail, Mail Server | 2018-10-19 | 5.0 MEDIUM | N/A |
| dir/include.html in IceWarp Web Mail 5.5.1, as used by Merak Mail Server 8.3.0r and VisNetic Mail Server version 8.3.0 build 1, allows remote attackers to include arbitrary local files via a null byte (%00) in the lang parameter, possibly due to a directory traversal vulnerability. | |||||
| CVE-2005-4830 | 1 Viewcvs | 1 Viewcvs | 2018-10-19 | 7.6 HIGH | N/A |
| CRLF injection vulnerability in viewcvs in ViewCVS 0.9.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the content-type parameter. | |||||
| CVE-2005-4826 | 1 Cisco | 1 Ios | 2018-10-19 | 6.1 MEDIUM | N/A |
| Unspecified vulnerability in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(22)EA3 on Catalyst 2950T switches allows remote attackers to cause a denial of service (device reboot) via a crafted Subset-Advert message packet, a different issue than CVE-2006-4774, CVE-2006-4775, and CVE-2006-4776. | |||||
| CVE-2005-4708 | 1 Adobe | 9 Captivate, Contribute, Director and 6 more | 2018-10-19 | 7.2 HIGH | N/A |
| Adobe Macromedia MX 2004 products, Captivate, Contribute 2, Contribute 3, and eLicensing client install the Macromedia Licensing Service with the Users group permitted to configure the service, including the path to executable, which allows local users to execute arbitrary code as Local System. | |||||
| CVE-2005-4556 | 3 Deerfield, Icewarp, Merak | 3 Visnetic Mail Server, Web Mail, Mail Server | 2018-10-19 | 7.5 HIGH | N/A |
| PHP remote file include vulnerability in IceWarp Web Mail 5.5.1, as used by Merak Mail Server 8.3.0r and VisNetic Mail Server version 8.3.0 build 1, when register_globals is enabled, allows remote attackers to include arbitrary local and remote PHP files via a URL in the (1) lang_settings and (2) language parameters in (a) accounts/inc/include.php and (b) admin/inc/include.php. | |||||
| CVE-2005-4526 | 1 Clearswift | 1 Mimesweeper For Web | 2018-10-19 | 5.0 MEDIUM | N/A |
| Clearswift MIMEsweeper For Web (a.k.a. WEBsweeper) 4.0 through 5.1 allows remote attackers to bypass filtering via a URL that does not include a .exe extension but returns an executable file. | |||||
| CVE-2005-4525 | 1 Sygate Technologies | 1 Protection Agent | 2018-10-19 | 4.6 MEDIUM | N/A |
| SmcGui.exe in Sygate Protection Agent 5.0 build 6144 allows local users to obtain management control over the agent by executing the GUI (SmcGui.exe) and then killing the process, which causes the privileged management GUI to launch. | |||||
| CVE-2005-4517 | 1 Php Fusion | 1 Php Fusion | 2018-10-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in PHP-Fusion 6.00.200 through 6.00.300 allows remote attackers to execute arbitrary SQL commands via the ratings parameter in multiple scripts, such as ratings_include.php. | |||||
| CVE-2005-4474 | 1 Rarlab | 1 Winrar | 2018-10-19 | 5.1 MEDIUM | N/A |
| Buffer overflow in the "Add to archive" command in WinRAR 3.51 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code by tricking the user into adding a file whose filename contains a non-default code page and non-ANSI characters, as demonstrated using a Chinese filename, possibly due to buffer expansion when using the WideCharToMultiByte API. NOTE: it is not clear whether this problem can be exploited for code execution. If not, then perhaps the user-assisted nature of the attack should exclude the issue from inclusion in CVE. | |||||
| CVE-2005-4460 | 1 Beehive Forum | 1 Beehive Forum | 2018-10-19 | 5.1 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Beehive Forum 0.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) Name, (2) Description, and (3) Comment fields to (a) links.php and (b) links_add.php. | |||||
| CVE-2006-0014 | 1 Microsoft | 1 Outlook Express | 2018-10-19 | 5.1 MEDIUM | N/A |
| Buffer overflow in Microsoft Outlook Express 5.5 and 6 allows remote attackers to execute arbitrary code via a crafted Windows Address Book (WAB) file containing "certain Unicode strings" and modified length values. | |||||
| CVE-2005-4468 | 1 Phpgedview | 1 Phpgedview | 2018-10-19 | 7.5 HIGH | N/A |
| PHP remote file include vulnerability in help_text_vars.php in PHPGedView 3.3.7 and earlier allows remote attackers to execute arbitrary code via a URL in the PGV_BASE_DIRECTORY parameter. | |||||
| CVE-2005-4469 | 1 Phpgedview | 1 Phpgedview | 2018-10-19 | 7.5 HIGH | N/A |
| Multiple direct static code injection vulnerabilities in PHPGedView 3.3.7 and earlier allow remote attackers to execute arbitrary PHP code via (1) the username field in login.php, or the (2) user_language, (3) user_email, and (4) user_gedcomid parameters in login_register.php, which is directly inserted into authenticate.php. | |||||
| CVE-2005-4470 | 1 Blender | 1 Blenloader | 2018-10-19 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the get_bhead function in readfile.c in Blender BlenLoader 2.0 through 2.40pre allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a .blend file with a negative bhead.len value, which causes less memory to be allocated than expected, possibly due to an integer overflow. | |||||
| CVE-2005-4665 | 1 Punbb | 1 Punbb | 2018-10-19 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in PunBB 1.2.6 and earlier allows remote attackers to inject arbitrary web script or HTML via Javascript contained in nested, malformed BBcode url tags. | |||||
| CVE-2005-4514 | 1 Webwasher | 1 Csm Appliance Suite | 2018-10-19 | 5.0 MEDIUM | N/A |
| ** DISPUTED ** The encapsulation script mechanism in Webwasher CSM Appliance Suite 5.x uses case-sensitive detection of malicious tokens, which allows attackers to bypass script detection by using tokens that can be upper or lower case. NOTE: the vendor has stated that this problem could not be reproduced, and has asked the researcher for more information, without a response as of 20060103. | |||||
| CVE-2005-4626 | 1 Recruitment Software | 1 Recruitment Software | 2018-10-19 | 5.0 MEDIUM | N/A |
| The default configuration of Recruitment Software installs admin/site.xml under the web document root with insufficient access control, which might allow remote attackers to obtain sensitive information (MySQL database credentials) via a direct request. | |||||
| CVE-2005-4620 | 1 Rarlab | 1 Winrar | 2018-10-19 | 4.6 MEDIUM | N/A |
| Buffer overflow in WinRAR 3.50 and earlier allows local users to execute arbitrary code via a long command-line argument. NOTE: because this program executes with the privileges of the invoking user, and because remote programs do not normally have the ability to specify a command-line argument for this program, there may not be a typical attack vector for the issue that crosses privilege boundaries. Therefore this may not be a vulnerability. | |||||
| CVE-2006-0009 | 1 Microsoft | 2 Office, Works | 2018-10-19 | 5.1 MEDIUM | N/A |
| Buffer overflow in Microsoft Office 2000 SP3, XP SP3, and other versions and packages, allows user-assisted attackers to execute arbitrary code via a routing slip that is longer than specified by the provided length field, as exploited by malware such as TROJ_MDROPPER.BH and Trojan.PPDropper.E in attacks against PowerPoint. | |||||
| CVE-2005-4516 | 1 Php Fusion | 1 Php Fusion | 2018-10-19 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PHP-Fusion 6.00.200 through 6.00.300 allow remote attackers to inject arbitrary web script or HTML via (1) the sortby parameter in members.php and (2) IMG tags. | |||||
| CVE-2005-4605 | 1 Linux | 1 Linux Kernel | 2018-10-19 | 2.1 LOW | N/A |
| The procfs code (proc_misc.c) in Linux 2.6.14.3 and other versions before 2.6.15 allows attackers to read sensitive kernel memory via unspecified vectors in which a signed value is added to an unsigned value. | |||||
| CVE-2005-4534 | 1 Mozilla | 1 Bugzilla | 2018-10-19 | 7.5 HIGH | N/A |
| The shadow database feature (syncshadowdb) in Bugzilla 2.9 through 2.16.10 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
| CVE-2005-4502 | 1 Net-square | 1 Httprint | 2018-10-19 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in httprint v202, and possibly other versions before v301, allows remote attackers to inject arbitrary web script or HTML via the Server field in an HTTP response, which is not sanitized before being displayed to the user. | |||||
| CVE-2005-4466 | 1 Interactive Intelligence | 1 Interaction Sip Proxy | 2018-10-19 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the SIPParser function in i3sipmsg.dll in Interaction SIP Proxy before 3.0.011 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a REGISTER request with a SPI version number that contains a large number of space or tab characters. | |||||
| CVE-2005-4555 | 1 Dev | 1 Dev Web Management System | 2018-10-19 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in add.php in DEV web management system 1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) ENTER_ARTICLE_TITLE, (2) SPECIFY_ZONE, (3) ENTER_ARTICLE_HEADER, and (4) ENTER_ARTICLE_BODY indices in the language array parameter. | |||||
| CVE-2005-4559 | 3 Deerfield, Icewarp, Merak | 3 Visnetic Mail Server, Web Mail, Mail Server | 2018-10-19 | 5.0 MEDIUM | N/A |
| mail/include.html in IceWarp Web Mail 5.5.1, as used by Merak Mail Server 8.3.0r and VisNetic Mail Server version 8.3.0 build 1, does not properly initialize the default_layout and layout_settings variables when an unrecognized HTTP_USER_AGENT string is provided, which allows remote attackers to access arbitrary files via a request with an unrecognized User Agent that also specifies the desired default_layout and layout_settings parameters. | |||||
| CVE-2005-4558 | 3 Deerfield, Icewarp, Merak | 3 Visnetic Mail Server, Web Mail, Mail Server | 2018-10-19 | 6.5 MEDIUM | N/A |
| IceWarp Web Mail 5.5.1, as used by Merak Mail Server 8.3.0r and VisNetic Mail Server version 8.3.0 build 1, does not properly restrict acceptable values for the language parameter to mail/settings.html before it is stored in a database, which can allow remote authenticated users to include arbitrary PHP code via a URL in a modified lang_settings parameter to mail/index.html. | |||||
| CVE-2005-4022 | 1 Gallery Project | 1 Gallery | 2018-10-19 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the "Add Image From Web" feature in Gallery 2.0 before 2.0.2 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag. | |||||
| CVE-2005-4219 | 1 Innovative Cms | 1 Innovative Cms | 2018-10-19 | 5.0 MEDIUM | N/A |
| setting.php in Innovative CMS (ICMS, formerly Imoel-CMS) contains username and password information in cleartext, which might allow attackers to obtain this information via a direct request to setting.php. NOTE: on a properly configured web server, it would be expected that a .php file would be processed before content is returned to the user, so this might not be a vulnerability. | |||||
| CVE-2005-4052 | 1 E107 | 1 E107 | 2018-10-19 | 5.0 MEDIUM | N/A |
| e107 0.6174 allows remote attackers to redirect users to other web sites via the download parameter in rate.php, which is used after a user submits a file download rating. NOTE: in the default installation, the e_BASE variable restricts the redirection to the same web site. | |||||
| CVE-2005-4260 | 1 Francisco Burzi | 1 Php-nuke | 2018-10-19 | 4.3 MEDIUM | N/A |
| Interpretation conflict in includes/mainfile.php in PHP-Nuke 7.9 and later allows remote attackers to perform cross-site scripting (XSS) attacks by replacing the ">" in the tag with a "<", which bypasses the regular expressions that sanitize the data, but is automatically corrected by many web browsers. NOTE: it could be argued that this vulnerability is due to a design limitation of many web browsers; if so, then this should not be treated as a vulnerability in PHP-Nuke. | |||||
| CVE-2005-4080 | 1 Horde | 1 Imp | 2018-10-19 | 4.3 MEDIUM | N/A |
| Horde IMP 4.0.4 and earlier does not sanitize strings containing UTF16 null characters, which allows remote attackers to conduct cross-site scripting (XSS) attacks via UTF16 encoded attachments and strings that will be executed when viewed using Internet Explorer, which ignores the characters. | |||||
| CVE-2005-4021 | 1 Gallery Project | 1 Gallery | 2018-10-19 | 5.0 MEDIUM | N/A |
| The installer for Gallery 2.0 before 2.0.2 stores the install log under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information. | |||||
| CVE-2005-4023 | 1 Gallery Project | 1 Gallery | 2018-10-19 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the zipcart module in Gallery 2.0 before 2.0.2 allows remote attackers to read arbitrary files via unknown vectors. | |||||
| CVE-2005-4049 | 1 Netart Media | 1 Blog System | 2018-10-19 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Blog System 1.2 allow remote attackers to execute arbitrary SQL commands via (1) the cat parameter in index.php and (2) the note parameter in blog.php. | |||||
| CVE-2005-4050 | 1 Multi-tech Systems | 1 Multivoip | 2018-10-19 | 7.5 HIGH | N/A |
| Buffer overflow in multiple Multi-Tech Systems MultiVOIP devices with firmware before x.08 allows remote attackers to execute arbitrary code via a long INVITE field in a Session Initiation Protocol (SIP) packet. | |||||