All Vulnerabilities

CVE-ID	Description	CVSS-Score
		V2	V3
CVE-2005-4350	Unspecified vulnerability in WBEM Services A.01.x before A.01.05.12 and A.02.x before A.02.00.08 on HP-UX B.11.00 through B.11.23 allows remote attackers to cause an unspecified denial of service via unknown attack vecto...	7.8	None
CVE-2005-4349	DISPUTED SQL injection vulnerability in server_privileges.php in phpMyAdmin 2.7.0 allows remote authenticated users to execute arbitrary SQL commands via the (1) dbname and (2) checkprivs parameters. NOTE: the ve...	6.5	None
CVE-2005-4348	fetchmail before 6.3.1 and before 6.2.5.5, when configured for multidrop mode, allows remote attackers to cause a denial of service (application crash) by sending messages without headers from upstream mail servers.	7.8	None
CVE-2005-4347	The Linux 2.4 kernel patch in kernel-patch-vserver before 1.9.5.5 and 2.x before 2.3 for Debian GNU/Linux does not correctly set the "chroot barrier" with util-vserver, which allows attackers to access files on the host ...	5.0	None
CVE-2005-4346	Invalid SQL syntax error in blog.php in phpBB Blog 2.2.2 and earlier allows remote attackers to obtain the full path of the application via an invalid permalink parameter to index.php, which produces an invalid SQL query...	5.0	None
CVE-2005-4345	Adobe (formerly Macromedia) ColdFusion MX 7.0 exposes the password hash of the Administrator in an API call, which allows local developers to obtain the hash and gain privileges.	7.2	None
CVE-2005-4344	Adobe (formerly Macromedia) ColdFusion MX 7.0 does not honor when the CFOBJECT /CreateObject(Java) setting is disabled, which allows local users to create an object despite the specified configuration.	2.1	None
CVE-2005-4343	Adobe (formerly Macromedia) ColdFusion MX 6.0, 6.1, 6.1 with JRun, and 7.0 allows remote attackers to attach arbitrary files and send mail via a crafted Subject field, which is not properly handled by the CFMAIL tag in a...	5.0	None
CVE-2005-4342	ColdFusion Sandbox on Adobe (formerly Macromedia) ColdFusion MX 6.0, 6.1, 6.1 with JRun, and 7.0 does not throw an exception if the SecurityManager is disabled, which might allow remote attackers to "bypass security cont...	7.5	None
CVE-2005-4341	Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to list all available categories via a blank category_id parameter to category.pl...	5.0	None
CVE-2005-4339	Cross-site scripting (XSS) vulnerability in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to inject arbitrary web script or HTM...	4.3	None
CVE-2005-4338	announcement.pl in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to gain administrator privileges by setting the context parame...	10.0	None
CVE-2005-4337	The login page in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to bypass authentication and gain privileges as other users via...	7.5	None
CVE-2005-4336	Cross-site scripting (XSS) vulnerability in ProjectForum 4.7.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) fwd parameter in admin/adminsignin.html and (2) originalpageid paramet...	4.3	None
CVE-2005-4335	ProjectForum 4.7.0 and earlier allows remote attackers to cause a denial of service (crash) via a crafted pageid parameter to admin/versions.html.	7.8	None
CVE-2005-4334	SQL injection vulnerability in ZixForum 1.12 allows remote attackers to execute arbitrary SQL commands via the H_ID parameter to (1) zixforum/forum.asp, as used in (2) Headforums.asp and (3) Subject.asp.	7.5	None
CVE-2005-4333	Multiple cross-site scripting (XSS) vulnerabilities in Binary Board System (BBS) 0.2.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) inreplyto, (2) article, and (3) board parameter...	4.3	None
CVE-2005-4332	Cisco Clean Access 3.5.5 and earlier on the Secure Smart Manager allows remote attackers to bypass authentication and cause a denial of service or upload files via direct requests to obsolete JSP files including (1) admi...	9.4	None
CVE-2005-4331	SQL injection vulnerability in merchant.ihtml in iHTML Merchant Version 2 Pro allows remote attackers to execute arbitrary SQL commands via the (1) step, (2) id, and (3) pid parameters.	7.5	None
CVE-2005-4330	SQL injection vulnerability in browse.ihtml in iHTML Merchant Mall allows remote attackers to execute arbitrary SQL commands via the (1) id, (2) store, and (3) step parameters.	7.5	None

HPI-VDB — Database for IT-Attack Analysis