CVE-2005-1783

BookReview beta 1.0 allows remote attackers to obtain the path of the web server via certain parameters to search.htm, possibly due to a search[string] parameter with a missing value or an incorrect submit[type] value, which reveals the path in the resulting error message. NOTE: it is not clear whether BookReview is available to the public. If not, then it should not be included in CVE.

Publication date: Thu, 11 Sep 2008 00:40:00 +0000

Cyber News related to CVE-2005-1783

CVE-2005-1783 - BookReview beta 1.0 allows remote attackers to obtain the path of the web server via certain parameters to search.htm, possibly due to a search[string] parameter with a missing value or an incorrect submit[type] value, which reveals the path in the ...
11 months ago

CVE-2014-2782 - Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different ...
6 years ago

CVE-2014-1795 - Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different ...
6 years ago

CVE-2014-1773 - Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different ...
6 years ago

CVE-2014-2759 - Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different ...
6 years ago

CVE-2014-1805 - Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different ...
6 years ago

CVE-2014-1786 - Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different ...
6 years ago

CVE-2014-1784 - Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different ...
6 years ago

CVE-2014-1783 - Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different ...
6 years ago

CVE-2014-2775 - Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different ...
6 years ago

CVE-2014-2766 - Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different ...
6 years ago

CVE-2014-2758 - Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different ...
6 years ago

CVE-2014-2765 - Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different ...
6 years ago

CVE-2007-1783 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-1685. Reason: This candidate is a duplicate of CVE-2007-1685. Notes: All CVE users should reference CVE-2007-1685 instead of this candidate. All references and descriptions in ...
54 years ago Tenable.com

CVE-2004-1783 - Directory traversal vulnerability in Net2Soft Flash FTP Server 1.0 allows remote attackers to read and create arbitrary files via a /.. (slash dot dot). ...
16 years ago

CVE-2002-1783 - CRLF injection vulnerability in PHP 4.2.1 through 4.2.3, when allow_url_fopen is enabled, allows remote attackers to modify HTTP headers for outgoing requests by causing CRLF sequences to be injected into arguments that are passed to the (1) fopen or ...
7 years ago

CVE-2015-1783 - The prefix variable in the get_or_define_ns function in Lasso before commit 6d854cef4211cdcdbc7446c978f23ab859847cdd allows remote attackers to cause a denial of service (uninitialized memory access and application crash) via unspecified vectors. ...
7 years ago

CVE-2012-1783 - Tiny Server 1.1.9 and earlier allows remote attackers to cause a denial of service (crash) via a long string in a GET request without an HTTP version number. ...
7 years ago

CVE-2013-1783 - Cross-site scripting (XSS) vulnerability in the 3 slide gallery in page--front.tpl.php in the Business theme before 7.x-1.8 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via ...
7 years ago

CVE-2010-1783 - WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; does not properly handle dynamic modification of a text node, which allows remote attackers to execute ...
7 years ago

CVE-2008-1783 - Prozilla Reviews 1.0 allows remote attackers to delete arbitrary users via a modified UserID parameter in a direct request to siteadmin/DeleteUser.php. ...
7 years ago

CVE-2009-1783 - Multiple FRISK Software F-Prot anti-virus products, including Antivirus for Exchange, Linux on IBM zSeries, Linux x86 File Servers, Linux x86 Mail Servers, Linux x86 Workstations, Solaris Mail Servers, Antivirus for Windows, and others, allow remote ...
6 years ago

CVE-2006-1783 - Cross-site scripting (XSS) vulnerability in PatroNet CMS allows remote attackers to inject arbitrary web script or HTML via the URI. ...
6 years ago

CVE-2016-1783 - WebKit in Apple iOS before 9.3, Safari before 9.1, and tvOS before 9.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. ...
5 years ago

CVE-2017-1783 - IBM Cognos Analytics 11.0 could allow a local user to change parameters set from the Cognos Analytics menus without proper authentication. IBM X-Force ID: 136857. ...
5 years ago

Latest Cyber News

CVE-2024-10914 - 19 hours ago
CVE-2024-10915 - 19 hours ago
CVE-2020-11859 - 19 hours ago
CVE-2024-10186 - 20 hours ago
CVE-2024-10168 - 21 hours ago
CVE-2024-8323 - 21 hours ago
CVE-2024-10715 - 22 hours ago
CVE-2024-9902 - 23 hours ago
CVE-2024-8614 - 1 day ago
CVE-2024-8615 - 1 day ago
CVE-2024-52043 - 1 day ago
CVE-2024-9681 - 1 day ago
CVE-2024-10543 - 1 day ago
CVE-2024-6626 - 1 day ago
CVE-2024-9307 - 1 day ago
CVE-2024-9946 - 1 day ago
CVE-2024-10020 - 1 day ago
CVE-2024-10535 - 1 day ago
CVE-2024-7879 - 1 day ago
CVE-2024-9934 - 1 day ago

Cyber Trends (last 7 days)

Okta - 11 months ago
23andMe - 11 months ago
Kimsuky - 11 months ago
LogoFAIL - 10 months ago
Gh0st rat - 11 months ago

Trending Cyber News (last 7 days)

CVE-2024-10826 - 2 days ago
CVE-2024-10827 - 2 days ago
CVE-2024-9657 - 1 day ago
CVE-2024-10263 - 1 day ago
CVE-2024-7059 - 1 day ago
CVE-2024-10842 - 1 day ago
CVE-2024-10859 - 1 day ago
CVE-2023-29114 - 1 day ago
CVE-2023-29115 - 1 day ago
CVE-2024-10844 - 1 day ago
CVE-2024-10845 - 1 day ago
CVE-2024-50993 - 1 day ago
CVE-2024-50994 - 1 day ago
CVE-2024-50995 - 1 day ago
CVE-2024-50996 - 1 day ago
CVE-2024-50997 - 1 day ago
CVE-2024-50998 - 1 day ago
CVE-2024-50999 - 1 day ago
CVE-2024-51000 - 1 day ago
CVE-2024-51001 - 1 day ago