CVE-2005-2321

CVE-2005-2321 - PHP remote file inclusion vulnerability in CaLogic 1.2.2 allows remote attackers to execute arbitrary code via the CLPATH parameter to (1) cl_minical.php, (2) clmcpreload.php, (3) mcconfig.php, or (4) mcpi-demo.php. ...
16 years ago

CVE-2006-2321 - Multiple cross-site scripting (XSS) vulnerabilities in Ideal Science Ideal BB 1.5.4a and earlier allow remote attackers to inject arbitrary web script or HTML via unknown vectors. NOTE: due to lack of details from the researcher, it is not clear ...
6 years ago

CVE-2015-2321 - Cross-site scripting (XSS) vulnerability in the Job Manager plugin 0.7.22 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the email field. ...
3 years ago

CVE-2002-2321 - Cross-site scripting (XSS) vulnerability in (1) showcat.php and (2) addyoursite.php in phpLinkat 0.1.0 allows remote attackers to inject arbitrary web script or HTML via the catid parameter. ...
16 years ago

CVE-2014-2321 - web_shell_cmd.gch on ZTE F460 and F660 cable modems allows remote attackers to obtain administrative access via sendcmd requests, as demonstrated by using "set TelnetCfg" commands to enable a TELNET service with specified credentials. Per: ...
11 years ago

CVE-2011-2321 - Unspecified vulnerability in the EnterpriseOne Tools component in Oracle JD Edwards 8.98 SP 24 allows remote authenticated users to affect confidentiality, related to Enterprise Infrastructure SEC (JDNET). ...
8 years ago

CVE-2004-2321 - BEA WebLogic Server and Express 8.1 SP1 and earlier allows local users in the Operator role to obtain administrator passwords via MBean attributes, including (1) ServerStartMBean.Password and (2) NodeManagerMBean.CertificatePassword. ...
7 years ago

CVE-2007-2321 - Unspecified vulnerability in the search functionality in SilverStripe 2.0.0 has unknown impact and attack vectors. ...
7 years ago

CVE-2008-2321 - Unspecified vulnerability in CoreGraphics in Apple Mac OS X 10.4.11 and 10.5.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unknown vectors involving "processing of ...
7 years ago

CVE-2010-2321 - Buffer overflow in Adobe InDesign CS3 10.0 allows user-assisted remote attackers to execute arbitrary code via a crafted .indd file. ...
7 years ago

CVE-2012-2321 - The loopback plug-in in ConnMan before 0.85 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) host name or (2) domain name in a DHCP reply. ...
7 years ago

CVE-2009-2321 - cgi-bin/sysconf.cgi on the Axesstel MV 410R allows remote attackers to cause a denial of service (configuration reset) via a RESTORERESTORE query string. ...
6 years ago

CVE-2006-2303 - Cross-Application Scripting (XAS) vulnerability in ICQ Client 5.04 build 2321 and earlier allows remote attackers to inject arbitrary web script from one application into another via a banner, which is processed in the My Computer zone using the ...
6 years ago

CVE-2017-2321 - A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenticated, unprivileged, network-based attacker to cause various system services partial to full denials of services, ...
5 years ago

CVE-2013-2321 - Cross-site scripting (XSS) vulnerability in HP Service Manager Web Tier 9.31 before 9.31.2004 p2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. ...
5 years ago

CVE-2022-2321 - Improper Restriction of Excessive Authentication Attempts in GitHub repository heroiclabs/nakama prior to 3.13.0. This results in login brute-force attacks. ...
2 years ago

CVE-2023-2321 - The WPForms Google Sheet Connector WordPress plugin before 3.4.6, gsheetconnector-wpforms-pro WordPress plugin through 3.4.6 does not escape a parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which ...
1 year ago

CVE-2019-2321 - Incorrect length used while validating the qsee log buffer sent from HLOS which could then lead to remap conflict in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, ...
5 years ago

CVE-2021-2321 - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure ...
3 years ago

CVE-2020-2321 - A cross-site request forgery (CSRF) vulnerability in Jenkins Shelve Project Plugin 3.0 and earlier allows attackers to shelve, unshelve, or delete a project. ...
1 year ago

CVE-2018-2321 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none ...
55 years ago Tenable.com

CVE-2024-26698 - In the Linux kernel, the following vulnerability has been resolved: hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove In commit ac5047671758 ("hv_netvsc: Disable NAPI before closing the VMBus channel"), napi_disable was getting ...
11 months ago Tenable.com

CVE-2024-2321 - An incorrect authorization vulnerability exists in multiple WSO2 products, allowing protected APIs to be accessed directly using a refresh token instead of the expected access token. Due to improper authorization checks and token mapping, session ...
2 weeks ago

CVE-2025-2321 - A vulnerability was found in 274056675 springboot-openai-chatgpt e84f6f5 and classified as critical. Affected by this issue is some unknown functionality of the file /api/mjkj-chat/cgform-api/addData/. The manipulation of the argument chatUserID ...
14 hours ago

CVE-2005-0067 - The original design of TCP does not require that port numbers be assigned randomly (aka "Port randomization"), which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as ...
16 years ago