
CVSS: 5.5 • EPSS: 0% • CPEs: 1 • EXPL: 1

21 Sep 2005 — The MasterDataCD::createImage function in masterdatacd.cpp for SimpleCDR-X 1.3.3 creates the .temp temporary directory with insecure permissions, which allows local users to read sensitive ISO images. • http://lists.grok.org.uk/pipermail/full-disclosure/2005-September/037174.html •

CVSS: 9.8 • EPSS: 1% • CPEs: 1 • EXPL: 3

16 Aug 2005 — SQL injection vulnerability in Gravity Board X (GBX) 1.1 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the login field. • https://www.exploit-db.com/exploits/26106 •

CVSS: 6.1 • EPSS: 0% • CPEs: 1 • EXPL: 1

16 Aug 2005 — Multiple cross-site scripting (XSS) vulnerabilities in Gravity Board X (GBX) 1.1 allow remote attackers to inject arbitrary web script or HTML via (1) the board_id parameter to deletethread.php or (2) the template. • http://marc.info/?l=bugtraq&m=112351740803443&w=2 •

CVSS: 9.8 • EPSS: 3% • CPEs: 1 • EXPL: 1

16 Aug 2005 — Direct static code injection vulnerability in editcss.php in Gravity Board X (GBX) 1.1 allows remote attackers to execute arbitrary PHP code, HTML, and script via the csscontent parameter, which is directly inserted into the gbxfinal.css file. • https://www.exploit-db.com/exploits/1510 •

CVSS: 5.3 • EPSS: 0% • CPEs: 1 • EXPL: 0

16 Aug 2005 — Gravity Board X (GBX) 1.1 allows remote attackers to obtain sensitive information via (1) a 1 in the perm parameter to deletethread.php or a direct request to (2) ban.php, (3) addnews.php, (4) banned.php, (5) boardstats.php, (6) adminform.php, (7) /forms/admininfo.php, (8) /forms/announcements.php, (9) forms/banform.php, or (10) other pages in the /forms directory, which reveal the path in an error message. • http://marc.info/?l=bugtraq&m=112351740803443&w=2 •

CVSS: 9.8 • EPSS: 1% • CPEs: 1 • EXPL: 0

19 Apr 2005 — Heap-based buffer overflow in WinHex 12.05 SR-14, and possibly other versions, may allow attackers to execute arbitrary code via a long file name argument. NOTE: since this overflow is in the command line of an unprivileged program, it is highly likely that this is not a vulnerability. • http://securitytracker.com/id?1013727 •

CVSS: 9.8 • EPSS: 3% • CPEs: 82 • EXPL: 0

02 Mar 2005 — scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.5/SCOSA-2006.5.txt •

CVSS: 9.8 • EPSS: 1% • CPEs: 1 • EXPL: 2

31 Dec 2004 — PHP remote file inclusion vulnerability in header.php in Opt-X 0.7.2 allows remote attackers to execute arbitrary PHP code via the systempath parameter. • https://www.exploit-db.com/exploits/23750 •

CVSS: 10.0 • EPSS: 0% • CPEs: 40 • EXPL: 0

15 Dec 2004 — Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) memory leaks, which could allow remote attackers to obtain sensitive information, cause a denial of service (application crash), or execute arbitrary code via a certain XPM image file. NOTE: it is highly likely that this candidate will be SPLIT into other candida... • http://rhn.redhat.com/errata/RHSA-2004-537.html •

CVSS: 8.8 • EPSS: 16% • CPEs: 23 • EXPL: 0

24 Sep 2004 — Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a malformed XPM image file. Multiple buffer overflows in xpmParseColors in parse.c in libXpm before 6.8.1 allow remote attackers to execute arbitrary code via a malformed XPM image file. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000924 •