CyberSecurityBoard
Sponsor Register Login

CVE-2005-1181

** DISPUTED ** NOTE: this issue has been disputed by the vendor. PHP remote code injection vulnerability in loader.php for Ariadne CMS 2.4 allows remote attackers to execute arbitrary PHP code by modifying the ariadne parameter to reference a URL on a remote web server that contains the code. NOTE: the vendor has disputed this issue, saying that loader.php first requires the "ariadne.inc" file, which defines the $ariadne variable, and thus it cannot be modified by an attacker. In addition, CVE personnel have partially verified the dispute via source code inspection of Ariadne 2.4 as available on July 5, 2005.

Publication date: Mon, 02 May 2005 09:00:00 +0000


Cyber News related to CVE-2005-1181

CVE-2005-1181 - ** DISPUTED ** NOTE: this issue has been disputed by the vendor. PHP remote code injection vulnerability in loader.php for Ariadne CMS 2.4 allows remote attackers to execute arbitrary PHP code by modifying the ariadne parameter to reference a URL ...
7 years ago
CVE-2005-0067 - The original design of TCP does not require that port numbers be assigned randomly (aka "Port randomization"), which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as ...
16 years ago
CVE-2005-0065 - The original design of TCP does not check that the TCP sequence number in an ICMP error message is within the range of sequence numbers for data that has been sent but not acknowledged (aka "TCP sequence number checking"), which makes it ...
16 years ago
CVE-2005-0066 - The original design of TCP does not check that the TCP Acknowledgement number in an ICMP error message generated by an intermediate router is within the range of possible values for data that has already been acknowledged (aka "TCP ...
1 year ago
CVE-2005-0068 - The original design of ICMP does not require authentication for host-generated ICMP error messages, which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as demonstrated using (1) ...
16 years ago
CVE-2005-4531 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-3345. Reason: This candidate is a duplicate of CVE-2005-3345. CVE-2005-3345 had already been assigned, but not published, before this candidate was created. Notes: All CVE users ...
55 years ago Tenable.com
CVE-2005-3122 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-3424, CVE-2005-3425. Reason: this candidate was intended for one issue, but two different authoritative sources used it for two distinct issues. Notes: All CVE users should ...
55 years ago Tenable.com
CVE-2005-2965 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-4802, CVE-2005-4803. Reason: this candidate was intended for one issue, but the description and references inadvertently combined multiple issues. Notes: All CVE users should ...
55 years ago Tenable.com
CVE-2005-2937 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-3663, CVE-2005-3664. Reason: this candidate was intended for one issue, but multiple advisories used this candidate for different issues. Notes: All CVE users should consult ...
55 years ago Tenable.com
CVE-2005-2802 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-2872, CVE-2005-2873. Reason: this candidate's description originally combined two separate issues. Notes: All CVE users should consult CVE-2005-2872 and CVE-2005-2873 to ...
55 years ago Tenable.com
CVE-2005-2355 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-2335, CVE-2005-2356. Reason: due to a typo in an advisory, this candidate was accidentally referenced. Notes: All CVE users should consult CVE-2005-2335 and CVE-2005-2356 to ...
55 years ago Tenable.com
CVE-2019-1181 - A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka ...
4 years ago
CVE-2016-1181 - ActionServlet.java in Apache Struts 1 1.x through 1.3.10 mishandles multithreaded access to an ActionForm instance, which allows remote attackers to execute arbitrary code or cause a denial of service (unexpected memory access) via a multipart ...
4 years ago
CVE-1999-1181 - Vulnerability in On-Line Customer Registration software for IRIX 6.2 through 6.4 allows local users to gain root privileges. ...
16 years ago
CVE-2007-1181 - WebAPP before 0.9.9.5 passes (1) Unused Informations and (2) the username through Edit Profile forms, which has unknown impact and attack vectors. ...
14 years ago
CVE-2010-1181 - Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a MARQUEE element. ...
13 years ago
CVE-2003-1181 - Advanced Poll 2.0.2 allows remote attackers to obtain sensitive information via an HTTP request to info.php, which invokes the phpinfo() function. ...
7 years ago
CVE-2004-1181 - htmlheadline before 21.8 allows local users to overwrite arbitrary files via a symlink attack on temporary files. ...
7 years ago
CVE-2012-1181 - fcgid_spawn_ctl.c in the mod_fcgid module 2.3.6 for the Apache HTTP Server does not recognize the FcgidMaxProcessesPerClass directive for a virtual host, which makes it easier for remote attackers to cause a denial of service (memory consumption) via ...
7 years ago
CVE-2000-1181 - Real Networks RealServer 7 and earlier allows remote attackers to obtain portions of RealServer's memory contents, possibly including sensitive information, by accessing the /admin/includes/ URL. ...
7 years ago
CVE-2001-1181 - Dynamically Loadable Kernel Module (dlkm) static kernel symbol table in HP-UX 11.11 is not properly configured, which allows local users to gain privileges. ...
7 years ago
CVE-2008-1181 - Juniper Networks Secure Access 2000 5.5 R1 (build 11711) allows remote attackers to obtain sensitive information via a direct request for remediate.cgi without certain parameters, which reveals the path in an "Execute failed" error message. ...
6 years ago
CVE-2013-1181 - Cisco NX-OS on Nexus 5500 devices 4.x and 5.x before 5.0(3)N2(2), Nexus 3000 devices 5.x before 5.0(3)U3(2), and Unified Computing System (UCS) 6200 devices before 2.0(1w) allows remote attackers to cause a denial of service (device reload) by ...
6 years ago
CVE-2017-1181 - IBM Tivoli Monitoring Portal V6 client could allow a local attacker to gain elevated privileges for IBM Tivoli Monitoring, caused by the default console connection not being encrypted. IBM X-Force ID: 123487. ...
5 years ago
CVE-2017-14017 - An Uncontrolled Search Path Element issue was discovered in Progea Movicon Version 11.5.1181 and prior. An uncontrolled search path element vulnerability has been identified, which may allow a remote attacker without privileges to execute arbitrary ...
5 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)