CVE List
Id | CVE No. | Status | Description | Phase | Votes | Comments | Actions |
---|---|---|---|---|---|---|---|
13681 | CVE-2005-2475 | Candidate | Race condition in Unzip 5.52 allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by Unzip after the decompression is complete. | Assigned (20050805) | None (candidate not yet proposed) | View | |
13682 | CVE-2005-2476 | Candidate | Cross-site scripting (XSS) vulnerability in lost_passowrd.php in Naxtor Shopping Cart 1.0 allows remote attackers to inject arbitrary web script or HTML via the email parameter. | Assigned (20050805) | None (candidate not yet proposed) | View | |
13683 | CVE-2005-2477 | Candidate | shop_display_products.php in Naxtor Shopping Cart 1.0 allows remote attackers to obtain sensitive information via a cat_id with a """ (single quote), which reveals the path in an error message, possibly due to an SQL injection vulnerability. | Assigned (20050805) | None (candidate not yet proposed) | View | |
13684 | CVE-2005-2478 | Candidate | SQL injection vulnerability in SilverNews 2.0.3 allows remote attackers to execute arbitrary SQL commands via the user field on the login page in the Admin control panel. | Assigned (20050805) | None (candidate not yet proposed) | View | |
13685 | CVE-2005-2479 | Candidate | Quick "n Easy FTP Server 3.0 allows remote attackers to cause a denial of service (application crash or CPU consumption) via a long USER command. | Assigned (20050805) | None (candidate not yet proposed) | View |
Page 19044 of 20943, showing 5 records out of 104715 total, starting on record 95216, ending on 95220