Show filters
25 Total Results
Displaying 21-25 of 25
Sort by:
Attacker Value
Unknown

CVE-2005-0606

Disclosure Date: May 02, 2005 (last updated February 22, 2025)
Cross-site scripting (XSS) vulnerability in settings.inc.php for CubeCart 2.0.0 through 2.0.5, as used in multiple PHP files, allows remote attackers to inject arbitrary HTML or web script via the (1) cat_id, (2) PHPSESSID, (3) view_doc, (4) product, (5) session, (6) catname, (7) search, or (8) page parameters.
0
0
Attacker Value
Unknown

CVE-2005-0607

Disclosure Date: May 02, 2005 (last updated February 22, 2025)
CubeCart 2.0.0 through 2.0.5 allows remote attackers to determine the full path of the server via direct calls without parameters to (1) information.php, (2) language.php, (3) list_docs.php, (4) popular_prod.php, (5) sale.php, (6) subfooter.inc.php, (7) subheader.inc.php, (8) cat_navi.php, or (9) check_sum.php, which reveals the path in a PHP error message.
0
0
Attacker Value
Unknown

CVE-2004-2390

Disclosure Date: December 31, 2004 (last updated February 22, 2025)
The roster import functionality in Jabber Gadu-Gadu Transport (a.k.a. jabber-gg-transport) 2.0.x before 2.0.8, when using libgadu 1.0 and later, allows attackers to cause a denial of service via unknown vectors.
0
0
Attacker Value
Unknown

CVE-2004-2391

Disclosure Date: December 31, 2004 (last updated February 22, 2025)
Jabber Gadu-Gadu Transport (a.k.a. jabber-gg-transport) 2.0.x before 2.0.8 allows remote attackers to cause a denial of service a message with an empty <priority/> tag.
0
0
Attacker Value
Unknown

CVE-2004-2389

Disclosure Date: December 31, 2004 (last updated February 22, 2025)
Unknown vulnerability in Jabber Gadu-Gadu Transport (a.k.a. jabber-gg-transport) 2.0.x before 2.0.8 allows remote attackers to cause a denial of service (infinite loop) via user re-registration.
0
0
View More Topics  < Previous