CVE-2005-1284

The addnew script in Argosoft Mail Server Pro 1.8.7.6 allows remote attackers to create arbitrary accounts, even if "Allow Creation of Accounts From the Web Interface" is disabled, via a direct HTTP POST request...

CVE-2005-0334

Linksys PSUS4 running firmware 6032 allows remote attackers to cause a denial of service device crash via an HTTP POST request containing an unknown parameter without a value...

CVE-2005-0886

Cross-site scripting XSS vulnerability in Invision Power Board 2.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via an HTTP POST request...

CVE-2005-0645

Cross-site scripting XSS vulnerability in show.inc.php in cuteNews 1.3.6 allows remote attackers to inject arbitrary HTML, web script, and PHP code via the 1 CLIENT-IP or 2 X-FORWARDED-FOR header in an HTTP POST request to shownews.php...

CVE-2005-1128

Multiple SQL injection vulnerabilities in VHCS 2.4 and earlier allow remote attackers to execute arbitrary SQL commands via certain inputs from HTTP POST queries...

CVE-2005-1284

The addnew script in Argosoft Mail Server Pro 1.8.7.6 allows remote attackers to create arbitrary accounts, even if "Allow Creation of Accounts From the Web Interface" is disabled, via a direct HTTP POST request...

CVE-2005-1128

VHCS 2.4 and earlier are affected by multiple SQL injection vulnerabilities that allow remote attackers to execute arbitrary SQL commands via inputs from HTTP POST queries. Affected software: VHCS (Virtual Hosting Control System), versions up to and including 2.4. Root cause: SQL injection in HTT...

CVE-2005-1128

Multiple SQL injection vulnerabilities in VHCS 2.4 and earlier allow remote attackers to execute arbitrary SQL commands via certain inputs from HTTP POST queries...

CVE-2005-0915

Webmasters-Debutants WD Guestbook 2.8 allows remote attackers to bypass authentication and perform certain administrator actions via a direct HTTP POST request to 1 ajoutadmin2.php or 2 suppr.php...

CVE-2005-0915

Webmasters-Debutants WD Guestbook 2.8 is affected by an authentication bypass vulnerability. A remote attacker can bypass authentication and perform administrator actions via a direct HTTP POST to (1) ajout_admin2.php or (2) suppr.php. The NVD entry lists a CVSSv2 base score of 7.5 (HIGH) with ne...

CVE-2005-0886

Cross-site scripting XSS vulnerability in Invision Power Board 2.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via an HTTP POST request...

Invision Power Board 1.x2.0 - HTML Injection

Invision Power Board 1.x2.0 - HTML Injection source: https://www.securityfocus.com/bid/12888/info Invision Power Board is reported prone to an HTML injection vulnerability. This issue arises due to insufficient sanitization of user-supplied data. It is reported that due to a lack of filtering of...

Invision Power Board 1.x/2.0 - HTML Injection

source: https://www.securityfocus.com/bid/12888/info Invision Power Board is reported prone to an HTML injection vulnerability. This issue arises due to insufficient sanitization of user-supplied data. It is reported that due to a lack of filtering of HTML tags, an attacker can inject an IFRAME...

NotifyLink server provides inadequate protection for cryptographic key material

Overview The NotifyLink key exchange protocol contains a vulnerability that significantly reduces the strength of cryptographic keys used to encrypt mail messages. Description Notify Technology NotifyLink Enterprise Server allows users to synchronize e-mail between a PDA and a mail server. The...

CVE-2005-0674

The CVE-2005-0674 entry concerns the paBox 1.6 News module, where a cross-site scripting (XSS) flaw exists in the News module’s handling of the hidden text parameter in an HTTP POST. The connected documents corroborate an XSS issue affecting paBox/Nuke-based deployments (e.g., Nessus plugin refer...

CVE-2005-0645

Cross-site scripting XSS vulnerability in show.inc.php in cuteNews 1.3.6 allows remote attackers to inject arbitrary HTML, web script, and PHP code via the 1 CLIENT-IP or 2 X-FORWARDED-FOR header in an HTTP POST request to shownews.php...

Thomson TCW690 Cable Modem ST42.03.0a - GET Denial of Service

source: https://www.securityfocus.com/bid/12595/info Thomson TCW690 cable modem is reported prone to multiple remote vulnerabilities. These issues may allow an attacker to cause a denial of service condition and/or gain unauthorized access to the device. The following specific issues were...

Thomson TCW690 Cable Modem ST42.03.0a - GET Denial of Service

Thomson TCW690 Cable Modem ST42.03.0a - GET Denial of Service source: https://www.securityfocus.com/bid/12595/info Thomson TCW690 cable modem is reported prone to multiple remote vulnerabilities. These issues may allow an attacker to cause a denial of service condition and/or gain unauthorized...

CVE-2003-1084

Monit 1.4 to 4.1 allows remote attackers to cause a denial of service daemon crash via an HTTP POST request with a negative Content-Length field...

CVE-2005-0334

This CVE (CVE-2005-0334) affects Linksys PSUS4 with firmware 6032, where remote attackers can cause a device crash (DoS) by sending an HTTP POST containing an unknown parameter without a value. The available sources confirm the vulnerable component and impact, but do not provide a published remed...