CyberSecurityBoard
Sponsor Register Login

CVE-2005-2486

SQL injection vulnerability in mod_forum/read_message.php in PortailPHP allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php with the affiche parameter set to "Forum-read_mess", a different vulnerability than CVE-2005-1701.

Publication date: Sun, 07 Aug 2005 09:00:00 +0000


Cyber News related to CVE-2005-2486

CVE-2005-2486 - SQL injection vulnerability in mod_forum/read_message.php in PortailPHP allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php with the affiche parameter set to "Forum-read_mess", a different vulnerability ...
16 years ago
CVE-2015-2492 - Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than ...
6 years ago
CVE-2015-2498 - Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than ...
6 years ago
CVE-2015-2494 - Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different ...
6 years ago
CVE-2015-2499 - Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than ...
6 years ago
CVE-2015-2486 - Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different ...
6 years ago
CVE-2015-2487 - Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than ...
6 years ago
CVE-2015-2490 - Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than ...
6 years ago
CVE-2014-2477 - Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3.2.24, 4.0.26, 4.1.34, 4.2.26, and 4.3.12 allows local users to affect integrity and availability via unknown vectors related to Core, a ...
6 years ago
CVE-2014-2486 - Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3.2.24, 4.0.26, 4.1.34, 4.2.26, and 4.3.12 allows local users to affect integrity and availability via unknown vectors related to Core, a ...
6 years ago
CVE-2013-2487 - epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses incorrect integer data types, which allows remote attackers to cause a denial of service (infinite loop) via crafted ...
6 years ago
CVE-2011-2486 - nspluginwrapper before 1.4.4 does not properly provide access to NPNVprivateModeBool variable settings, which could prevent Firefox plugins from determining if they should run in Private Browsing mode and allow remote attackers to bypass intended ...
11 years ago
CVE-2016-2486 - mp3dec/SoftMP3.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 does not validate the relationship between allocated memory and the frame size, which allows attackers ...
8 years ago
CVE-2008-2486 - Unspecified vulnerability in eMule Plus before 1.2d has unknown impact and attack vectors related to "staticservers.dat processing." ...
7 years ago
CVE-2009-2486 - Unspecified vulnerability in the SCTP implementation in Sun Solaris 10, and OpenSolaris before snv_120, allows remote attackers to cause a denial of service (panic) via unspecified packets. ...
7 years ago
CVE-2007-2486 - Directory traversal vulnerability in download.asp in Motobit 1.3 and 1.5 (aka PStruh-CZ) allows remote attackers to read arbitrary files via a .. (dot dot) in the File parameter. ...
7 years ago
CVE-2006-2486 - SQL injection vulnerability in find.php in YapBB 1.2 Beta2 and earlier allows remote attackers to execute arbitrary SQL commands via the userID parameter. ...
6 years ago
CVE-2012-2486 - The Cisco Discovery Protocol (CDP) implementation on Cisco TelePresence Multipoint Switch before 1.9.0, Cisco TelePresence Immersive Endpoint Devices before 1.9.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server ...
6 years ago
CVE-2013-2486 - The dissect_diagnosticrequest function in epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses an incorrect integer data type, which allows remote attackers to cause a ...
6 years ago
CVE-2004-2486 - The DSS verification code in Dropbear SSH Server before 0.43 frees uninitialized variables, which might allow remote attackers to gain access. ...
6 years ago
CVE-2018-2486 - SAP Marketing (UICUAN (1.20, 1.30, 1.40), SAPSCORE (1.13, 1.14)) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. ...
5 years ago
CVE-2017-2486 - An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to spoof the address bar via a crafted web site. ...
5 years ago
CVE-2019-2486 - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker ...
4 years ago
CVE-2022-2486 - A vulnerability, which was classified as critical, was found in WAVLINK WN535K2 and WN535K3. This affects an unknown part of the file /cgi-bin/mesh.cgi?pageupgrade. The manipulation of the argument key leads to os command injection. The exploit has ...
2 years ago
CVE-2010-2486 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none ...
54 years ago Tenable.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)