CVE List

Id CVE No. Status Description Phase Votes Comments Actions
13681  CVE-2005-2475  Candidate  Race condition in Unzip 5.52 allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by Unzip after the decompression is complete.  Assigned (20050805)  None (candidate not yet proposed)    View
13682  CVE-2005-2476  Candidate  Cross-site scripting (XSS) vulnerability in lost_passowrd.php in Naxtor Shopping Cart 1.0 allows remote attackers to inject arbitrary web script or HTML via the email parameter.  Assigned (20050805)  None (candidate not yet proposed)    View
13683  CVE-2005-2477  Candidate  shop_display_products.php in Naxtor Shopping Cart 1.0 allows remote attackers to obtain sensitive information via a cat_id with a """ (single quote), which reveals the path in an error message, possibly due to an SQL injection vulnerability.  Assigned (20050805)  None (candidate not yet proposed)    View
13684  CVE-2005-2478  Candidate  SQL injection vulnerability in SilverNews 2.0.3 allows remote attackers to execute arbitrary SQL commands via the user field on the login page in the Admin control panel.  Assigned (20050805)  None (candidate not yet proposed)    View
13685  CVE-2005-2479  Candidate  Quick "n Easy FTP Server 3.0 allows remote attackers to cause a denial of service (application crash or CPU consumption) via a long USER command.  Assigned (20050805)  None (candidate not yet proposed)    View

Page 19044 of 20943, showing 5 records out of 104715 total, starting on record 95216, ending on 95220

Actions