| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2005-3388 | 4.3 |
Cross-site scripting (XSS) vulnerability in the phpinfo function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL with a "stacked array assignment."
|
23-06-2020 - 03:15 | 01-11-2005 - 12:47 | |
| CVE-2005-3389 | 5.0 |
The parse_str function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when called with only one parameter, allows remote attackers to enable the register_globals directive via inputs that cause a request to be terminated due to the memory_limit setting,
|
30-10-2018 - 16:25 | 01-11-2005 - 12:47 | |
| CVE-2005-3390 | 7.5 |
The RFC1867 file upload feature in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when register_globals is enabled, allows remote attackers to modify the GLOBALS array and bypass security protections of PHP applications via a multipart/form-data POST reque
|
30-10-2018 - 16:25 | 01-11-2005 - 12:47 | |
| CVE-2005-3523 | 7.5 |
Format string vulnerability in friendsd2 in GpsDrive allows remote attackers to execute arbitrary code via the dir (direction) field.
|
19-10-2018 - 15:36 | 07-11-2005 - 02:02 | |
| CVE-2005-2628 | 5.1 |
Macromedia Flash 6 and 7 (Flash.ocx) allows remote attackers to execute arbitrary code via a SWF file with a modified frame type identifier that is used as an out-of-bounds array index to a function pointer.
|
19-10-2018 - 15:33 | 05-11-2005 - 11:02 | |
| CVE-2005-3323 | 7.5 |
docutils in Zope 2.6, 2.7 before 2.7.8, and 2.8 before 2.8.2 allows remote attackers to include arbitrary files via include directives in RestructuredText functionality.
|
03-10-2018 - 21:32 | 27-10-2005 - 10:02 | |
| CVE-2005-2958 | 7.5 |
Multiple format string vulnerabilities in the GNOME Data Access library for GNOME2 (libgda2) 1.2.1 and earlier allow attackers to execute arbitrary code.
|
03-10-2018 - 21:31 | 25-10-2005 - 16:02 | |
| CVE-2005-2917 | 5.0 |
Squid 2.5.STABLE10 and earlier, while performing NTLM authentication, does not properly handle certain request sequences, which allows attackers to cause a denial of service (daemon restart).
|
11-10-2017 - 01:30 | 30-09-2005 - 18:05 | |
| CVE-2005-3351 | 5.0 |
SpamAssassin 3.0.4 allows attackers to bypass spam detection via an e-mail with a large number of recipients ("To" addresses), which triggers a bus error in Perl.
|
11-10-2017 - 01:30 | 20-11-2005 - 21:03 | |
| CVE-2005-3258 | 5.0 |
The rfc1738_do_escape function in ftp.c for Squid 2.5 STABLE11 and earlier allows remote FTP servers to cause a denial of service (segmentation fault) via certain "odd" responses.
|
08-03-2011 - 02:26 | 20-10-2005 - 10:02 | |
| CVE-2005-3123 | 5.0 |
Directory traversal vulnerability in GNUMP3D before 2.9.6 allows remote attackers to read arbitrary files via crafted sequences such as "/.//..//////././", which is collapsed into "/.././" after ".." and "//" sequences are removed.
|
08-03-2011 - 02:25 | 30-10-2005 - 20:02 | |
| CVE-2005-3167 | 4.3 |
Incomplete blacklist vulnerability in MediaWiki before 1.4.11 does not properly remove certain CSS inputs (HTML inline style attributes) that are processed as active content by Internet Explorer, which allows remote attackers to conduct cross-site sc
|
05-09-2008 - 20:53 | 06-10-2005 - 10:02 |