CVE List
Id | CVE No. | Status | Description | Phase | Votes | Comments | Actions |
---|---|---|---|---|---|---|---|
13686 | CVE-2005-2480 | Candidate | Cross-site scripting (XSS) vulnerability in ColdFusion Fusebox 4.1.0 allows remote attackers to inject arbitrary web script or HTML via the fuseaction parameter, which is not quoted in an error page, as demonstrated using index.cfm. | Assigned (20050805) | None (candidate not yet proposed) | View | |
13687 | CVE-2005-2481 | Candidate | ColdFusion Fusebox 4.1.0 allows remote attackers to obtain sensitive information via an invalid fuseaction parameter, which leaks the full server path in an error message, as demonstrated using the "?" (question mark) character. | Assigned (20050805) | None (candidate not yet proposed) | View | |
10724 | CVE-2004-2298 | Candidate | Novell Internet Messaging System (NIMS) 2.6 and 3.0, and NetMail 3.1 and 3.5, is installed with a default NMAP authentication credential, which allows remote attackers to read and write mail store data if the administrator does not change the credential by using the NMAP Credential Generator. | Assigned (20050805) | None (candidate not yet proposed) | View | |
10725 | CVE-2004-2299 | Candidate | Buffer overflow in Omnicron OmniHTTPd 3.0a and earlier allows remote attackers to execute arbitrary code via an HTTP GET request with a long Range header. | Assigned (20050805) | None (candidate not yet proposed) | View | |
10726 | CVE-2004-2300 | Candidate | Buffer overflow in snmpd in ucd-snmp 4.2.6 and earlier, when installed setuid root, allows local users to execute arbitrary code via a long -p command line argument. NOTE: it is not clear whether there are any standard configurations in which snmpd is installed setuid or setgid. If not, then this issue should not be included in CVE. | Assigned (20050805) | None (candidate not yet proposed) | View |
Page 19045 of 20943, showing 5 records out of 104715 total, starting on record 95221, ending on 95225