Bay Technical Associates RPC-3 Telnet Host 3.05 allows remote attackers to bypass authentication by pressing the escape and enter keys at the username prompt.
Max CVSS
7.5
EPSS Score
0.80%
Published
2005-03-31
Updated
2017-07-11
Directory traversal vulnerability in FastStone 4in1 Browser 1.2 allows remote attackers to read arbitrary files via a (1) ... (triple dot) or (2) ..\ (dot dot backslash) in the URL.
Max CVSS
5.0
EPSS Score
1.92%
Published
2005-03-29
Updated
2017-07-11
SQL injection vulnerability in phpCoin 1.2.1b and earlier allows remote attackers to execute arbitrary SQL commands via the (1) term/keywords field on the search page, (2) username or (3) e-mail field on the forgot password page, or (4) domain name on the ordering new package page.
Max CVSS
7.5
EPSS Score
0.26%
Published
2005-03-29
Updated
2016-10-18
Cisco VPN 3000 series Concentrator running firmware 4.1.7.A and earlier allows remote attackers to cause a denial of service (device reload or drop user connection) via a crafted HTTPS packet.
Max CVSS
5.0
EPSS Score
0.41%
Published
2005-03-30
Updated
2018-10-30
PHP remote file inclusion vulnerability in The Includer 1.0 and 1.1 allows remote attackers to execute arbitrary PHP code.
Max CVSS
7.5
EPSS Score
12.27%
Published
2005-03-29
Updated
2008-09-05
Cross-site scripting (XSS) vulnerability in Adventia E-Data 2.0 allows remote attackers to inject arbitrary web script or HTML via a query keyword.
Max CVSS
4.3
EPSS Score
1.01%
Published
2005-03-29
Updated
2017-07-11
Adventia Chat 3.1 and Server Pro 3.0 allows remote attackers to inject arbitrary web script or HTML into the chat space, which leaves other users vulnerable to cross-site scripting (XSS) attacks.
Max CVSS
4.3
EPSS Score
0.79%
Published
2005-03-29
Updated
2017-07-11
Multiple cross-site scripting (XSS) vulnerabilities in CPG Dragonfly 9.0.2.0 allow remote attackers to inject arbitrary web script or HTML via (1) the profile parameter to index.php or (2) the cat parameter.
Max CVSS
4.3
EPSS Score
0.17%
Published
2005-03-26
Updated
2008-09-05
Unknown vulnerabilities in deplate before 0.7.2 have unknown impact, possibly involving elements.rb.
Max CVSS
7.5
EPSS Score
0.32%
Published
2005-03-24
Updated
2008-09-05
Multiple SQL injection vulnerabilities in exoops may allow remote attackers to execute arbitrary SQL commands via (1) the viewcat parameter to index.php or (2) the artid parameter in the viewarticle action for index.php.
Max CVSS
7.5
EPSS Score
0.15%
Published
2005-03-28
Updated
2008-09-05
Multiple cross-site scripting (XSS) vulnerabilities in Valdersoft Shopping Cart 3.0 allow remote attackers to inject arbitrary web script or HTML via (1) the lang parameter to index.php or (2) the searchTopCategoryID parameter to search_result.php.
Max CVSS
4.3
EPSS Score
0.19%
Published
2005-03-28
Updated
2008-09-05
marks.php in NukeBookmarks 0.6 for PHP-Nuke allows remote attackers to obtain sensitive information via an invalid (1) file or (2) category parameter, which reveal the path in an error message.
Max CVSS
5.0
EPSS Score
0.55%
Published
2005-03-26
Updated
2016-10-18
Cross-site scripting (XSS) vulnerability in downloadform.php in E-Store Kit-2 PayPal Edition allows remote attackers to inject arbitrary web script or HTML via the txn_id parameter.
Max CVSS
4.3
EPSS Score
0.22%
Published
2005-03-26
Updated
2016-10-18
Buffer overflow in smail 3.2.0.120 allows remote attackers or local users to execute arbitrary code via a long string in the MAIL FROM command and possibly other SMTP commands.
Max CVSS
10.0
EPSS Score
1.98%
Published
2005-03-28
Updated
2016-10-18
Cross-site scripting (XSS) vulnerability in index.php for Dream4 Koobi CMS 4.2.3 allows remote attackers to inject arbitrary web script or HTML via the area parameter.
Max CVSS
4.3
EPSS Score
0.20%
Published
2005-03-24
Updated
2008-09-05
Eval injection vulnerability in Double Choco Latte before 0.9.4.3 allows remote attackers to execute arbitrary PHP code via the menuAction variable in (1) functions.inc.php or (2) main.php, which causes code to be injected into an eval statement.
Max CVSS
7.5
EPSS Score
4.19%
Published
2005-03-24
Updated
2017-07-11
Multiple cross-site scripting (XSS) vulnerabilities in base.php for DigitalHive 2.0 allow remote attackers to inject arbitrary web script or HTML via (1) the mt parameter to the membres.php page or (2) the -afs-1- query string to the msg.php page.
Max CVSS
4.3
EPSS Score
0.32%
Published
2005-03-23
Updated
2017-07-11
Cross-site scripting (XSS) vulnerability in articles.newcomment for Interspire ArticleLive 2005 allows remote attackers to inject arbitrary web script or HTML via the Articleld parameter.
Max CVSS
4.3
EPSS Score
0.46%
Published
2005-03-23
Updated
2017-07-11
Cross-site scripting (XSS) vulnerability in MercuryBoard before 1.1.3 allows remote attackers to inject arbitrary web script or HTML via the title field of a PM (private message).
Max CVSS
4.3
EPSS Score
0.23%
Published
2005-03-23
Updated
2017-07-11
MySQL 4.1.9, and possibly earlier versions, allows remote attackers with certain privileges to cause a denial of service (application crash) via a use command followed by an MS-DOS device name such as (1) LPT1 or (2) PRN.
Max CVSS
5.0
EPSS Score
7.05%
Published
2005-03-15
Updated
2019-12-17
Novell iChain Mini FTP Server 2.3, and possibly earlier versions, does not limit the number of incorrect logins, which makes it easier for remote attackers to conduct brute force login attacks.
Max CVSS
7.5
EPSS Score
1.73%
Published
2005-03-15
Updated
2016-10-18
Novell iChain Mini FTP Server 2.3 displays different error messages if a user exists or not, which allows remote attackers to obtain sensitive information and facilitates brute force attacks.
Max CVSS
5.0
EPSS Score
0.45%
Published
2005-03-15
Updated
2016-10-18
HolaCMS 1.4.9 does not restrict file access to the holaDB/votes directory, which allows remote attackers to overwrite arbitrary files via a modified vote_filename parameter.
Max CVSS
5.0
EPSS Score
1.14%
Published
2005-03-14
Updated
2017-07-11
ZPanel 2.0 and 2.5 beta 10 does not remove or protect installation scripts after they have been used, which allows remote attackers to reinstall the software and possibly cause a denial of service via a direct request to install.php.
Max CVSS
6.4
EPSS Score
1.26%
Published
2005-03-15
Updated
2017-07-11
PHP remote file inclusion vulnerability in zpanel.php in ZPanel allows remote attackers to (1) execute arbitrary PHP code in ZPanel 2.0 or (2) include local files in ZPanel 2.5 beta 10 and earlier by modifying the page parameter.
Max CVSS
7.5
EPSS Score
1.01%
Published
2005-03-15
Updated
2016-10-18
164 vulnerabilities found
1 2 3 4 5 6 7
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!