CVE-2005-2334

Y.SAK allows remote attackers to execute arbitrary commands via shell metacharacters in the $no variable to (1) w_s3mbfm.cgi, (2) w_s3adix.cgi, or (3) w_s3sbfm.cgi.

Publication date: Wed, 20 Jul 2005 09:00:00 +0000

Cyber News related to CVE-2005-2334

CVE-2024-35896 - In the Linux kernel, the following vulnerability has been resolved: netfilter: validate user input for expected length I got multiple syzbot reports showing old bugs exposed by BPF after commit 20f2505fb436 ("bpf: Try to avoid kzalloc in ...
1 month ago Tenable.com

CVE-2024-35976 - In the Linux kernel, the following vulnerability has been resolved: ...
2 weeks ago

CVE-2005-2334 - Y.SAK allows remote attackers to execute arbitrary commands via shell metacharacters in the $no variable to (1) w_s3mbfm.cgi, (2) w_s3adix.cgi, or (3) w_s3sbfm.cgi. ...
15 years ago

CVE-2008-5192 - SQL injection vulnerability in forum.asp in W1L3D4 Philboard 1.14 and 1.2 allows remote attackers to execute arbitrary SQL commands via the forumid parameter. NOTE: this might overlap CVE-2008-2334, CVE-2008-1939, CVE-2007-2641, or CVE-2007-0920. ...
6 years ago

CVE-2008-2334 - Multiple SQL injection vulnerabilities in W1L3D4 Philboard 0.5 allow remote attackers to execute arbitrary SQL commands via the (1) forumid parameter to (a) admin/philboard_admin-forumedit.asp, (b) admin/philboard_admin-forum.asp, and (c) ...
6 years ago

CVE-2014-2336 - Multiple cross-site scripting (XSS) vulnerabilities in the Web User Interface in Fortinet FortiManager before 5.0.7 and FortiAnalyzer before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different ...
6 years ago

CVE-2014-2334 - Multiple cross-site scripting (XSS) vulnerabilities in the Web User Interface in Fortinet FortiAnalyzer before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-2336. ...
6 years ago

CVE-2002-2334 - Joe text editor 2.8 through 2.9.7 does not remove the group and user setuid bits for backup files, which could allow local users to execute arbitrary setuid and setgid root programs when root edits scripts owned by other users. ...
15 years ago

CVE-2010-2334 - Directory traversal vulnerability in themes/default/download.php in Yamamah Photo Gallery 1.00, as distributed before 20100618, allows remote attackers to read arbitrary files via a .. (dot dot) in the download parameter. ...
14 years ago

CVE-2007-2334 - Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 has two template HTML files lacking certain verification tags, which allows remote attackers to access the administration ...
13 years ago

CVE-2015-2334 - Cross-site request forgery (CSRF) vulnerability in the Admin Control Panel (ACP) login in MyBB (aka MyBulletinBoard) before 1.8.4 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. ...
7 years ago

CVE-2017-2334 - An information leak vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a network-based malicious attacker to perform a man-in-the-middle attack, thereby stealing authentic credentials ...
7 years ago

CVE-2004-2334 - Multiple cross-site scripting (XSS) vulnerabilities in EMU Webmail 5.2.7 allow remote attackers to inject arbitrary web script or HTML via (1) a hex-encoded value to the variable parameter in emumail.fcgi, (2) the folder parameter in emumail.fcgi, or ...
6 months ago

CVE-2016-2334 - Heap-based buffer overflow in the NArchive::NHfs::CHandler::ExtractZlibFile method in 7zip before 16.00 and p7zip allows remote attackers to execute arbitrary code via a crafted HFS+ image. ...
6 years ago

CVE-2009-2334 - wp-admin/admin.php in WordPress and WordPress MU before 2.8.1 does not require administrative authentication to access the configuration of a plugin, which allows remote attackers to specify a configuration file in the page parameter to obtain ...
5 years ago

CVE-2006-2334 - The RtlDosPathNameToNtPathName_U API function in NTDLL.DLL in Microsoft Windows 2000 SP4 and XP SP2 does not properly convert DOS style paths with trailing spaces into NT style paths, which allows context-dependent attackers to create files that ...
5 years ago

CVE-2019-2334 - Null pointer dereferencing can happen when playing the clip with wrong block group id in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, ...
4 years ago

CVE-2013-2334 - Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1681. ...
4 years ago

CVE-2011-2334 - Use after free vulnerability exists in WebKit in Google Chrome before Blink M12 in RenderLayerwhen removing elements with reflections. ...
4 years ago

CVE-2017-14184 - An Information Disclosure vulnerability in Fortinet FortiClient for Windows 5.6.0 and below versions, FortiClient for Mac OSX 5.6.0 and below versions and FortiClient SSLVPN Client for Linux 4.4.2334 and below versions allows regular users to see ...
4 years ago

CVE-2021-2334 - Vulnerability in the Oracle Database - Enterprise Edition Data Redaction component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Easily exploitable vulnerability allows low privileged attacker having ...
2 years ago

CVE-2021-3200 - Buffer overflow vulnerability in libsolv 2020-12-13 via the Solver * testcase_read(Pool *pool, FILE *fp, const char *testcase, Queue *job, char **resultp, int *resultflagsp function at src/testcase.c: line 2334, which could cause a denial of service ...
1 year ago

CVE-2022-2334 - The application searches for a library dll that is not found. If an attacker can place a dll with this name, then the attacker can leverage it to execute arbitrary code on the targeted Softing Secure Integration Server V1.22. ...
1 year ago

CVE-2012-2334 - Integer overflow in filter/source/msfilter/msdffimp.cxx in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via ...
1 year ago

CVE-2018-2334 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none ...
54 years ago Tenable.com

Latest Cyber News

CVE-2024-39943 - 4 hours ago
CVE-2024-39937 - 5 hours ago
CVE-2024-39936 - 6 hours ago
CVE-2024-39935 - 6 hours ago
CVE-2024-6488 - 6 hours ago
CVE-2024-37472 - 8 hours ago
CVE-2024-39934 - 8 hours ago
CVE-2024-6511 - 8 hours ago
CVE-2024-37474 - 8 hours ago
CVE-2024-37471 - 8 hours ago
CVE-2024-37476 - 9 hours ago
CVE-2024-6513 - 11 hours ago
CVE-2024-39933 - 11 hours ago
CVE-2024-39932 - 11 hours ago
CVE-2024-39931 - 11 hours ago
CVE-2024-39930 - 11 hours ago
CVE-2024-39929 - 12 hours ago
CVE-2024-21520 - 12 hours ago
CVE-2024-22277 - 13 hours ago
CVE-2024-39165 - 14 hours ago

Cyber Trends (last 7 days)

Okta - 7 months ago
23andMe - 6 months ago
Kimsuky - 7 months ago
LogoFAIL - 6 months ago
Gh0st rat - 7 months ago

Trending Cyber News (last 7 days)

CVE-2024-39937 - 5 hours ago
CVE-2024-39943 - 4 hours ago
CVE-2024-39936 - 6 hours ago
CVE-2024-39935 - 6 hours ago
CVE-2024-37476 - 9 hours ago
CVE-2024-37472 - 8 hours ago
CVE-2024-39934 - 8 hours ago
CVE-2024-6511 - 8 hours ago
CVE-2024-37474 - 8 hours ago
CVE-2024-37471 - 8 hours ago
CVE-2024-6513 - 11 hours ago
CVE-2024-39933 - 11 hours ago
CVE-2024-39932 - 11 hours ago
CVE-2024-39931 - 11 hours ago
CVE-2024-39930 - 11 hours ago
CVE-2024-22277 - 13 hours ago
CVE-2024-39929 - 12 hours ago
CVE-2024-5943 - 15 hours ago
CVE-2024-6507 - 15 hours ago
CVE-2024-39165 - 14 hours ago