| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2007-0780 | 6.8 |
browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting (XSS) attacks by opening a blocked
|
09-10-2019 - 22:52 | 26-02-2007 - 20:28 | |
| CVE-2005-3832 | 5.1 |
Stack-based buffer overflow in (1) CxUux60.dll and (2) CxUux60u.dll, as used in SpeedProject products including (a) Squeez 5.0 Build 4285, and (b) SpeedCommander 11.0 Build 4430 and 10.51 Build 4430, allows user-assisted attackers to execute arbitrar
|
19-10-2018 - 15:39 | 26-11-2005 - 19:03 | |
| CVE-2005-3831 | 5.1 |
Stack-based buffer overflow in (1) CxZIP60.dll and (2) CxZIP60u.dll, as used in SpeedProject products including (a) ZipStar 5.0 Build 4285, (b) Squeez 5.0 Build 4285, and (c) SpeedCommander 11.0 Build 4430 and 10.51 Build 4430, allows user-assisted a
|
19-10-2018 - 15:39 | 26-11-2005 - 19:03 | |
| CVE-2005-3817 | 7.5 |
Multiple SQL injection vulnerabilities in Softbiz Web Host Directory Script 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) cid parameter in search_result.php, (2) sbres_id parameter in review.php, (3) cid paramet
|
11-07-2017 - 01:33 | 26-11-2005 - 02:03 | |
| CVE-2014-0369 | 5.0 |
Unspecified vulnerability in the Siebel Core - EAI component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect confidentiality via unknown vectors related to Java Integration, a different vulnerability than CVE-2015-0366.
|
19-11-2016 - 03:02 | 15-01-2014 - 16:08 | |
| CVE-2005-3840 | 7.5 |
SQL injection vulnerability in kb.php in Omnistar Live 5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) category_id parameter. NOTE: due to a typo, an Internet Explorer issue was incorrectly assigned t
|
05-08-2011 - 04:00 | 26-11-2005 - 22:03 | |
| CVE-2007-5934 | 4.3 |
The LOB functionality in PEAR MDB2 before 2.5.0a1 interprets a request to store a URL string as a request to retrieve and store the contents of the URL, which might allow remote attackers to use MDB2 as an indirect proxy or obtain sensitive informati
|
08-03-2011 - 03:01 | 13-11-2007 - 22:46 | |
| CVE-2005-4567 | 5.8 |
Multiple cross-site scripting (XSS) vulnerabilities in FTGate Technology (formerly known as Floosietek) FTGate 4.4 (Build 4.4.000 Oct 26 2005) allow remote attackers to inject arbitrary web script or HTML by sending (1) the href parameter to index.ft
|
08-03-2011 - 02:28 | 29-12-2005 - 11:03 | |
| CVE-2005-3826 | 7.5 |
Multiple SQL injection vulnerabilities in Ezyhelpdesk 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) edit_id, (2) faq_id, and (3) c_id parameters in a query string, and (4) the search engine, possibly involving the search_st
|
08-03-2011 - 02:27 | 26-11-2005 - 02:03 | |
| CVE-2005-3855 | 7.5 |
SQL injection vulnerability in process.php in 1-2-3 music store allows remote attackers to execute arbitrary SQL commands via the AlbumID parameter.
|
08-03-2011 - 02:27 | 27-11-2005 - 11:03 | |
| CVE-2005-3914 | 6.4 |
Multiple SQL injection vulnerabilities in AFFcommerce 1.1.4 allow remote attackers to execute arbitrary SQL commands via (1) the cl parameter to SubCategory.php and the item_id parameter in (2) ItemInfo.php and (3) ItemReview.php.
|
08-03-2011 - 02:27 | 30-11-2005 - 11:03 | |
| CVE-2002-1157 | 7.5 |
Cross-site scripting vulnerability in the mod_ssl Apache module 2.8.9 and earlier, when UseCanonicalName is off and wildcard DNS is enabled, allows remote attackers to execute script as other web site visitors, via the server name in an HTTPS respons
|
05-09-2008 - 20:29 | 04-11-2002 - 05:00 |