CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
15501 CVE-2006-0344 Dir. Trav. 2006-01-20 2017-07-19
6.4
None Remote Low Not required Partial Partial None
Directory traversal vulnerability in Intervations FileCOPA FTP Server 1.01 allows remote attackers to read and write arbitrary files via a .. (dot dot) in the (1) STOR and (2) RETR commands.
15502 CVE-2006-0332 94 2006-01-20 2017-07-19
6.4
None Remote Low Not required Partial Partial None
Pantomime in Ecartis 1.0.0 snapshot 20050909 stores e-mail attachments in a publicly accessible directory, which may allow remote attackers to upload arbitrary files.
15503 CVE-2006-0299 2006-02-02 2018-10-19
6.4
None Remote Low Not required Partial Partial None
The E4X implementation in Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript in mail, and SeaMonkey before 1.0 exposes the internal "AnyName" object to external interfaces, which allows multiple cooperating domains to exchange information in violation of the same origin restrictions.
15504 CVE-2006-0250 Exec Code 2006-01-17 2018-10-19
6.4
None Remote Low Not required None Partial Partial
Format string vulnerability in the snmp_input function in snmptrapd in CMU SNMP utilities (cmu-snmp) allows remote attackers to execute arbitrary code by sending crafted SNMP messages to UDP port 162.
15505 CVE-2006-0242 XSS 2006-01-17 2018-10-19
6.4
None Remote Low Not required Partial Partial None
Cross-site scripting vulnerability in index.php in PHP Fusebox 4.0.6 allows remote attackers to inject arbitrary web script or HTML via the fuseaction parameter.
15506 CVE-2006-0231 2006-04-24 2018-10-19
6.4
None Remote Low Not required Partial Partial None
Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses the same private DSA key for each installation, which allows remote attackers to conduct man-in-the-middle attacks and decrypt communications.
15507 CVE-2006-0183 Exec Code 2006-01-12 2018-10-19
6.5
User Remote Low Single system Partial Partial Partial
Direct static code injection vulnerability in edit.php in ACal Calendar Project 2.2.5 allows authenticated users to execute arbitrary PHP code via (1) the edit=header value, which modifies header.php, or (2) the edit=footer value, which modifies footer.php. NOTE: this issue might be resultant from the poor authentication as identified by CVE-2006-0182. Since the design of the product allows the administrator to edit the code, perhaps this issue should not be included in CVE, except as a consequence of CVE-2006-0182.
15508 CVE-2006-0071 2006-01-03 2008-09-05
6.6
None Local Low Not required Complete Complete None
The ebuild for pinentry before 0.7.2-r2 on Gentoo Linux sets setgid bits for pinentry programs, which allows local users to read or overwrite arbitrary files as gid 0.
15509 CVE-2006-0038 189 Overflow 2006-03-22 2017-10-10
6.9
Admin Local Medium Not required Complete Complete Complete
Integer overflow in the do_replace function in netfilter for Linux before 2.6.16-rc3, when using "virtualization solutions" such as OpenVZ, allows local users with CAP_NET_ADMIN rights to cause a buffer overflow in the copy_from_user function.
15510 CVE-2006-0026 Exec Code Overflow 2006-07-11 2018-10-30
6.5
User Remote Low Single system Partial Partial Partial
Buffer overflow in Microsoft Internet Information Services (IIS) 5.0, 5.1, and 6.0 allows local and possibly remote attackers to execute arbitrary code via crafted Active Server Pages (ASP).
15511 CVE-2006-0015 Exec Code XSS 2006-04-11 2018-10-19
6.8
User Remote Medium Not required Partial Partial Partial
Cross-site scripting (XSS) vulnerability in _vti_bin/_vti_adm/fpadmdll.dll in Microsoft FrontPage Server Extensions 2002 and SharePoint Team Services allows remote attackers to inject arbitrary web script or HTML, then leverage the attack to execute arbitrary programs or create new accounts, via the (1) operation, (2) command, and (3) name parameters.
15512 CVE-2006-0013 Exec Code Overflow 2006-02-14 2018-10-12
6.5
User Remote Low Single system Partial Partial Partial
Buffer overflow in the Web Client service (WebClnt.dll) for Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows remote authenticated users or Guests to execute arbitrary code via crafted RPC requests, a different vulnerability than CVE-2005-1207.
15513 CVE-2005-4884 2010-01-25 2010-01-26
6.8
None Remote Low Single system None None Complete
Unspecified vulnerability in the Oracle OLAP component in Oracle Database Server 10.1.0.4 (10g) allows remote authenticated attackers to affect availability via unknown vectors, aka DB02.
15514 CVE-2005-4866 119 Overflow 2005-12-31 2017-07-28
6.8
User Remote Medium Not required Partial Partial Partial
Stack-based buffer overflow in JDBC Applet Server in IBM DB2 8.1 allows remote attackers to execute arbitrary by connecting and sending a long username, then disconnecting gracefully and reconnecting and sending a short username and an unexpected db2java.zip version, which causes a null terminator to be removed and leads to the overflow.
15515 CVE-2005-4860 +Priv 2005-12-31 2008-09-05
6.9
Admin Local Medium Not required Complete Complete Complete
Spectrum Cash Receipting System before 6.504 uses weak cryptography (static substitution) in the PASSFILE password file, which makes it easier for local users to gain privileges by decrypting a password.
15516 CVE-2005-4859 2005-12-31 2008-09-05
6.4
None Remote Low Not required Partial None Partial
mimicboard2 (Mimic2) 086 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for mimic2.dat.
15517 CVE-2005-4828 2005-12-31 2010-04-02
6.4
None Remote Low Not required None Partial Partial
Kolab Server 2.0.0 and 2.0.1 does not properly handle when a large email is sent with a "." in the wrong place, which causes kolabfilter to add another ".", which might break clear-text signatures and attachments. NOTE: it is not clear whether this issue crosses privilege boundaries, so this might not be a vulnerability.
15518 CVE-2005-4826 DoS 2005-12-31 2018-10-19
6.1
None Local Network Low Not required None None Complete
Unspecified vulnerability in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(22)EA3 on Catalyst 2950T switches allows remote attackers to cause a denial of service (device reboot) via a crafted Subset-Advert message packet, a different issue than CVE-2006-4774, CVE-2006-4775, and CVE-2006-4776.
15519 CVE-2005-4819 XSS 2005-12-31 2017-07-28
6.8
User Remote Medium Not required Partial Partial Partial
Cross-site scripting (XSS) vulnerability in Lotus Domino versions before 6.5.4 fix pack 1 (FP1) and versions before 7.0 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
15520 CVE-2005-4790 Exec Code 2005-12-31 2018-10-30
6.9
None Local Medium Not required Complete Complete Complete
Multiple untrusted search path vulnerabilities in SUSE Linux 9.3 and 10.0, and possibly other distributions, cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) beagle, (2) tomboy, or (3) blam. NOTE: in August 2007, the tomboy vector was reported for other distributions.
15521 CVE-2005-4772 2005-12-31 2008-09-05
6.4
None Remote Low Not required Partial Partial None
liby2util in Yet another Setup Tool (YaST) in SUSE Linux before 20051007 preserves permissions and ownerships when copying a remote repository, which might allow local users to read or modify sensitive files, possibly giving local users the ability to exploit CVE-2005-3013.
15522 CVE-2005-4751 +Priv XSS 2005-12-31 2018-09-27
6.8
User Remote Medium Not required Partial Partial Partial
Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Server and WebLogic Express 9.0, 8.1 SP4 and earlier, 7.0 SP6 and earlier, and 6.1 SP7 and earlier allow remote attackers to inject arbitrary web script or HTML and gain administrative privileges via unknown attack vectors.
15523 CVE-2005-4748 Exec Code XSS File Inclusion 2005-12-31 2008-09-05
6.8
User Remote Medium Not required Partial Partial Partial
PHP remote file include vulnerability in functions_admin.php in Virtual War (VWar) 1.5.0 R10 allows remote attackers to include and execute arbitrary PHP code via unspecified attack vectors. NOTE: this issue has been referred to as XSS, but it is clear from the vendor description that it is a file inclusion problem.
15524 CVE-2005-4744 DoS Exec Code Sql 2005-12-31 2017-10-10
6.4
None Remote Low Not required Partial None Partial
Off-by-one error in the sql_error function in sql_unixodbc.c in FreeRADIUS 1.0.2.5-5, and possibly other versions including 1.0.4, might allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing the external database query to fail. NOTE: this single issue is part of a larger-scale disclosure, originally by SUSE, which reported multiple issues that were disputed by FreeRADIUS. Disputed issues included file descriptor leaks, memory disclosure, LDAP injection, and other issues. Without additional information, the most recent FreeRADIUS report is being regarded as the authoritative source for this CVE identifier.
15525 CVE-2005-4739 DoS 2005-12-31 2008-09-05
6.8
None Remote Low Single system None None Complete
IBM DB2 Universal Database (UDB) 820 before version 8 FixPak 10 (s050811) allows remote authenticated users to cause a denial of service (application crash) by using a table function for an instance of snapshot_tbreorg, which triggers a trap in sqlnr_EStoE_action.
15526 CVE-2005-4738 +Priv 2005-12-31 2008-09-05
6.5
User Remote Low Single system Partial Partial Partial
IBM DB2 Universal Database (UDB) 810 before ESE AIX 5765F4100 does not ensure that a user has execute privileges before permitting object creation based on routines, which allows remote authenticated users to gain privileges.
15527 CVE-2005-4736 DoS 2005-12-31 2008-09-05
6.8
None Remote Low Single system None None Complete
IBM DB2 Universal Database (UDB) 820 before 8.2 FP10 allows remote authenticated users to cause a denial of service (disk consumption) via a hash join (hsjn) that triggers an infinite loop in sqlri_hsjnFlushBlocks.
15528 CVE-2005-4735 DoS 2005-12-31 2008-09-05
6.8
None Remote Low Single system None None Complete
IBM DB2 Universal Database (UDB) 810 before 8.1 FP10 allows remote authenticated users to cause a denial of service (application crash) via (1) certain equality predicates that trigger self-removal, aka IY70808; and (2) a query with more than 32000 elements in the IN-list, aka LI70817.
15529 CVE-2005-4734 1 Exec Code Overflow 2005-12-31 2008-09-05
6.4
None Remote Low Not required None Partial Partial
Stack-based buffer overflow in IISWebAgentIF.dll in RSA Authentication Agent for Web (aka SecurID Web Agent) 5.2 and 5.3 for IIS allows remote attackers to execute arbitrary code via a long url parameter in the Redirect method.
15530 CVE-2005-4711 89 Exec Code Sql 2005-12-31 2017-07-19
6.8
User Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in Neocrome Land Down Under (LDU) 801 allows remote attackers to execute arbitrary SQL commands via an HTTP Referer header. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
15531 CVE-2005-4702 Sql 2005-12-31 2008-09-05
6.4
None Remote Low Not required Partial Partial None
SQL injection vulnerability in the favorites module in index.php in IPBProArcade 2.5.2 allows remote attackers to inject arbitrary SQL commands via the gameid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. In addition, the demonstration code as used by third parties suggests that this might be a different type of vulnerability related to shell metacharacters. Finally, this could be a rediscovery of CVE-2004-1430.
15532 CVE-2005-4699 +Info 2005-12-31 2017-07-19
6.4
None Remote Low Not required Partial Partial None
Argument injection vulnerability in TellMe 1.2 and earlier allows remote attackers to modify command line arguments for the Whois program and obtain sensitive information via "--" style options in the q_Host parameter.
15533 CVE-2005-4685 2005-12-31 2017-07-19
6.4
None Remote Low Not required Partial Partial None
Firefox and Mozilla can associate a cookie with multiple domains when the DNS resolver has a non-root domain in its search list, which allows remote attackers to trick a user into accepting a cookie for a hostname formed via search-list expansion of the hostname entered by the user, or steal a cookie for an expanded hostname, as demonstrated by an attacker who operates an ap1.com Internet web site to steal cookies associated with an ap1.com.example.com intranet web site.
15534 CVE-2005-4684 2005-12-31 2017-07-19
6.4
None Remote Low Not required Partial Partial None
Konqueror can associate a cookie with multiple domains when the DNS resolver has a non-root domain in its search list, which allows remote attackers to trick a user into accepting a cookie for a hostname formed via search-list expansion of the hostname entered by the user, or steal a cookie for an expanded hostname, as demonstrated by an attacker who operates an ap1.com Internet web site to steal cookies associated with an ap1.com.example.com intranet web site.
15535 CVE-2005-4658 79 XSS 2005-12-31 2011-09-13
6.8
User Remote Medium Not required Partial Partial Partial
Multiple cross-site scripting (XSS) vulnerabilities in ASP-Programmers.com ASPKnowledgebase allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors in the administrative interface.
15536 CVE-2005-4654 2005-12-31 2008-09-05
6.4
None Remote Low Not required None Partial Partial
Multiple unspecified vulnerabilities in Oracle for OpenView (OfO) 8.1.7, 9.1.01, and 9.2, and OfO for Linux, allow remote attackers to have an unknown impact via unknown attack vectors. NOTE: because of the lack of details in the vendor advisory, it is unclear which set of existing CVEs this advisory might refer to.
15537 CVE-2005-4652 Exec Code Sql 2005-12-31 2017-07-19
6.4
None Remote Low Not required Partial Partial None
SQL injection vulnerability in PHlyMail 3.02.01 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors.
15538 CVE-2005-4651 Exec Code Sql 2005-12-31 2008-09-20
6.4
None Remote Low Not required Partial Partial None
SQL injection vulnerability in index.php in AlstraSoft EPay Pro 2.0 allows remote attackers to execute arbitrary SQL commands via the pmodule parameter.
15539 CVE-2005-4600 22 Dir. Trav. 2005-12-31 2018-10-19
6.4
None Remote Low Not required Partial Partial None
Directory traversal vulnerability in tiny_mce_gzip.php in TinyMCE Compressor PHP before 1.06 allows remote attackers to read or include arbitrary files via a trailing null byte (%00) in the (1) theme, (2) language, (3) plugins, or (4) lang parameter.
15540 CVE-2005-4558 2005-12-28 2018-10-19
6.5
User Remote Low Single system Partial Partial Partial
IceWarp Web Mail 5.5.1, as used by Merak Mail Server 8.3.0r and VisNetic Mail Server version 8.3.0 build 1, does not properly restrict acceptable values for the language parameter to mail/settings.html before it is stored in a database, which can allow remote authenticated users to include arbitrary PHP code via a URL in a modified lang_settings parameter to mail/index.html.
15541 CVE-2005-4493 XSS 2005-12-22 2013-07-17
6.8
User Remote Medium Not required Partial Partial Partial
Cross-site scripting (XSS) vulnerability in SpearTek 6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters.
15542 CVE-2005-4482 XSS 2005-12-22 2013-07-18
6.8
User Remote Medium Not required Partial Partial Partial
Cross-site scripting (XSS) vulnerability in login.asp in PortalApp 3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the ret_page parameter.
15543 CVE-2005-4481 XSS 2005-12-22 2008-09-20
6.8
User Remote Medium Not required Partial Partial Partial
** DISPUTED ** Cross-site scripting (XSS) vulnerability in Polopoly 9 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters. NOTE: the vendor has disputed this vulnerability, stating that the "XSS flaw was only part of the custom implementation of the [polopoly] site". As of 20061003, CVE has no further information on this issue, except that the original researcher has a history of testing live sites and assuming that discoveries indicate vulnerabilities in the associated package.
15544 CVE-2005-4480 XSS 2005-12-22 2008-09-20
6.8
User Remote Medium Not required Partial Partial Partial
Cross-site scripting (XSS) vulnerability in Plexcor CMS 4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters.
15545 CVE-2005-4477 XSS 2005-12-22 2008-09-20
6.8
User Remote Medium Not required Partial Partial Partial
Cross-site scripting (XSS) vulnerability in papaya CMS 4.0.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the bab[searchfor] parameter.
15546 CVE-2005-4476 XSS 2005-12-22 2013-09-12
6.8
User Remote Medium Not required Partial Partial Partial
Cross-site scripting (XSS) vulnerability in store/search/results.html in OpenEdit 4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) oe-action and (2) page parameters.
15547 CVE-2005-4475 XSS 2005-12-22 2008-09-20
6.8
User Remote Medium Not required Partial Partial Partial
Cross-site scripting (XSS) vulnerability in OpenCms 6.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters.
15548 CVE-2005-4424 Exec Code Dir. Trav. 2005-12-20 2017-07-19
6.5
User Remote Low Single system Partial Partial Partial
Directory traversal vulnerability in PHPKIT 1.6.1 R2 and earlier might allow remote authenticated users to execute arbitrary PHP code via a .. (dot dot) in the path parameter and a %00 at the end of the filename, as demonstrated by an avatar filename ending with .png%00.
15549 CVE-2005-4423 Exec Code 2005-12-20 2008-09-05
6.5
User Remote Low Single system Partial Partial Partial
Unrestricted file upload vulnerability in PHPFM before 0.2.3 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension to an accessible directory, as demonstrated using a file with a .php extension, aka "upload phpshell."
15550 CVE-2005-4422 Exec Code 2005-12-20 2008-09-05
6.5
User Remote Low Single system Partial Partial Partial
Unrestricted file upload vulnerability in toendaCMS before 0.6.2 Stable allows remote authenticated administrators to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in data/images/albums.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.