Vulnerabilities (CVE)

Filter

122577 total CVE
CVE Vendors Products Updated CVSS
CVE-2005-3730 1 Revize Cms 1 Revize Cms 2008-09-05 4.3
Multiple cross-site scripting (XSS) vulnerabilities in HTTPTranslatorServlet in Idetix Software Systems Revize CMS allow remote attackers to inject arbitrary web script or HTML via the (1) resourcetype, (2) objectmap, and (3) redirect parameters,...
CVE-2005-3729 1 Revize Cms 1 Revize Cms 2008-09-05 5.0
Idetix Software Systems Revize CMS allows remote attackers to obtain sensitive information via direct requests to files in the revize/debug directory, such as (1) apptables.html and (2) main.html.
CVE-2005-3728 1 Revize Cms 1 Revize Cms 2008-09-05 5.0
Idetix Software Systems Revize CMS stores conf/revize.xml under the web document root with insufficient access control, which allows remote attackers to obtain sensitive configuration information.
CVE-2005-3727 1 Revize Cms 1 Revize Cms 2008-09-05 7.5
SQL injection vulnerability in debug/query_results.jsp in Idetix Software Systems Revize CMS allows remote attackers to execute arbitrary SQL commands via the query parameter.
CVE-2005-3699 1 Opera Software 1 Opera Web Browser 2008-09-05 5.0
Opera Web Browser 8.50 and 8.0 through 8.0.2 allows remote attackers to spoof the URL in the status bar via the title in an image in a link to a trusted site within a form to the malicious site.
CVE-2005-3698 1 Php Easy Download 1 Php Easy Download 2008-09-05 7.5
PHP Easy Download allows remote attackers to bypass authentication via edit.php.
CVE-2005-3697 1 Uresk Links 1 Uresk Links 2008-09-05 7.5
Unspecified vulnerability in the administration interface in Uresk Links 2.0 Lite allows remote attackers to bypass authentication via unspecified vectors in index.php.
CVE-2005-3687 2008-09-05 5.0
cancel_account.php in WHM AutoPilot 2.5.30 and earlier allows remote attackers to cancel requests for arbitrary accounts via a modified c parameter.
CVE-2005-3671 2 Openswan, Frees Wan 2 Frees Wan, Openswan 2008-09-05 7.8
The Internet Key Exchange version 1 (IKEv1) implementation in Openswan 2 (openswan-2) before 2.4.4, and freeswan in SUSE LINUX 9.1 before 2.04_1.5.4-1.23, allow remote attackers to cause a denial of service via (1) a crafted packet using 3DES...
CVE-2005-3668 1 Internet Key Exchange 1 Internet Key Exchange 2008-09-05 5.0
Multiple buffer overflows in multiple unspecified implementations of Internet Key Exchange version 1 (IKEv1) have multiple unspecified attack vectors and impacts related to denial of service, as demonstrated by the PROTOS ISAKMP Test Suite for...
CVE-2005-3667 1 Internet Key Exchange 1 Internet Key Exchange 2008-09-05 5.0
Multiple unspecified vulnerabilities in multiple unspecified implementations of Internet Key Exchange version 1 (IKEv1) have multiple unspecified attack vectors and impacts related to denial of service, as demonstrated by the PROTOS ISAKMP Test...
CVE-2005-3666 1 Internet Key Exchange 1 Internet Key Exchange 2008-09-05 10.0
Multiple unspecified format string vulnerabilities in multiple unspecified implementations of Internet Key Exchange version 1 (IKEv1) have multiple unspecified attack vectors and impacts, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1....
CVE-2005-3643 1 Ibm 1 Db2 Universal Database 2008-09-05 7.5
IBM DB2 Database server running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication and log on to the guest account without supplying a password.
CVE-2005-3642 1 Ibm 1 Informix Dynamic Database Server 2008-09-05 7.5
IBM Informix Dynamic Database server running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication and log on to the guest account by supplying an invalid username.
CVE-2005-3641 1 Oracle 5 Database Server, Oracle10g, Oracle9i and 2 more 2008-09-05 7.5
Oracle Databases running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication by supplying a valid username.
CVE-2005-3630 1 Redhat 1 Fedora Core 2008-09-05 5.0
Fedora Directory Server before 10 allows remote attackers to obtain sensitive information, such as the password from adm.conf via an IFRAME element, probably involving an Apache httpd.conf configuration that orders "allow" directives before...
CVE-2005-3621 1 Phpmyadmin 1 Phpmyadmin 2008-09-05 5.0
CRLF injection vulnerability in phpMyAdmin before 2.6.4-pl4 allows remote attackers to conduct HTTP response splitting attacks via unspecified scripts.
CVE-2005-3540 1 Petris 1 Petris 2008-09-05 7.5
Buffer overflow in petris before 1.0.1 allows remote attackers to execute arbitrary code via unspecified attack vectors.
CVE-2005-3537 1 Phpbb Group 1 Phpbb 2008-09-05 5.0
A "missing request validation" error in phpBB 2 before 2.0.18 allows remote attackers to edit private messages of other users, probably by modifying certain parameters or other inputs.
CVE-2005-3536 1 Phpbb Group 1 Phpbb 2008-09-05 7.5
SQL injection vulnerability in phpBB 2 before 2.0.18 allows remote attackers to execute arbitrary SQL commands via the topic type.