Max CVSS | 9.3 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2005-4150 | 4.3 |
Cross-site scripting (XSS) vulnerability in the portal login page in Computer Associates CleverPath 4.7 allows remote attackers to execute Javascript via unknown vectors.
|
07-04-2021 - 18:57 | 10-12-2005 - 11:03 | |
CVE-2000-0778 | 5.0 |
IIS 5.0 allows remote attackers to obtain source code for .ASP files and other scripts via an HTTP GET request with a "Translate: f" header, aka the "Specialized Header" vulnerability.
|
30-10-2018 - 16:25 | 20-10-2000 - 04:00 | |
CVE-2005-4148 | 5.0 |
Lyris ListManager 8.5, and possibly other versions before 8.8, includes sensitive information in the env hidden variable, which allows remote attackers to obtain information such as the installation path by requesting a non-existent page and reading
|
19-10-2018 - 15:40 | 10-12-2005 - 11:03 | |
CVE-2005-4151 | 2.1 |
The Wipe Free Space utility in PGP Desktop Home 8.0 and Desktop Professional 9.0.3 Build 2932 and earlier does not clear file slack space in the last cluster for the file, which allows local users to access the previous contents of the disk.
|
19-10-2018 - 15:40 | 10-12-2005 - 11:03 | |
CVE-2005-4143 | 7.5 |
SQL injection vulnerability in Lyris ListManager 5.0 through 8.9a allows remote attackers to execute arbitrary SQL commands via SQL code after a numeric argument to a /read/attachment URL.
|
19-10-2018 - 15:40 | 10-12-2005 - 11:03 | |
CVE-2005-4146 | 5.0 |
Lyris ListManager before 8.9b allows remote attackers to obtain sensitive information via a request to the TCLHTTPd status module, which provides sensitive server configuration information.
|
19-10-2018 - 15:40 | 10-12-2005 - 11:03 | |
CVE-2005-4144 | 7.5 |
Lyris ListManager 5.0 through 8.9a allows remote attackers to add "ORDER BY" columns to SQL queries via unusual whitespace characters in the orderby parameter, such as (1) newlines and (2) 0xFF (ASCII 255) characters, which are interpreted as whitesp
|
19-10-2018 - 15:40 | 10-12-2005 - 11:03 | |
CVE-2005-4082 | 4.6 |
The dhcp.client program for QNX 4.25 vmware is setuid, possibly by default, which allows local users to modify the NIC configuration and conduct other attacks.
|
19-10-2018 - 15:40 | 08-12-2005 - 01:03 | |
CVE-2005-4142 | 7.5 |
The web interface for subscribing new users in Lyris ListManager 5.0 through 8.8b, in combination with a line wrap feature, allows remote attackers to execute arbitrary list administration commands via LFCR (%0A%0D) sequences in the pw parameter. NO
|
19-10-2018 - 15:40 | 10-12-2005 - 11:03 | |
CVE-2005-4147 | 6.5 |
The TCLHTTPd service in Lyris ListManager before 8.9b allows remote attackers to obtain source code for arbitrary .tml (TCL) files via (1) a request with a trailing null byte (%00), which might also require (2) an authentication bypass step that invo
|
19-10-2018 - 15:40 | 10-12-2005 - 11:03 | |
CVE-2005-4131 | 6.8 |
Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed range, which could lead to memory corrupti
|
19-10-2018 - 15:40 | 09-12-2005 - 11:03 | |
CVE-2016-3248 | 9.3 |
The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memo
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
CVE-2008-4527 | 7.5 |
SQL injection vulnerability in recept.php in the Recepies (Recept) module 1.1 for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the kat_id parameter in a kategorier action. NOTE: some of these details are obtained from thi
|
29-09-2017 - 01:32 | 09-10-2008 - 18:14 |