Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29880 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1094 | 1 Network-client.com | 1 Ftp Now | 2025-04-03 | N/A |
| FTP Now 2.6.14 stores usernames and passwords in plaintext in sites.xml, which is world-readable, which allows local users to gain privileges. | ||||
| CVE-2005-1095 | 1 Ocean12 Technologies | 1 Membership Manager Pro | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in main.asp for Ocean12 Membership Manager Pro 1.x allows remote attackers to inject arbitrary web script or HTML via the page parameter. | ||||
| CVE-2005-1096 | 1 Ocean12 Technologies | 1 Membership Manager Pro | 2025-04-03 | N/A |
| SQL injection vulnerability in main.asp for Ocean12 Membership Manager Pro 1.x allows remote attackers to execute arbitrary SQL commands via the UserID parameter. | ||||
| CVE-2005-1098 | 1 Runtime Software | 1 Getdataback For Ntfs | 2025-04-03 | N/A |
| GetDataBack for NTFS 2.31 stores the username and license key in plaintext in the Name value in the License registry key, which may allow local users to obtain sensitive information. | ||||
| CVE-2005-1099 | 1 Salim Gasmi | 1 Gld | 2025-04-03 | N/A |
| Multiple buffer overflows in the HandleChild function in server.c in Greylisting daemon (GLD) 1.3 and 1.4, when GLD is listening on a network interface, allow remote attackers to execute arbitrary code. | ||||
| CVE-2005-1097 | 1 Rebrand | 1 P2p Share Spy | 2025-04-03 | N/A |
| Rebrand P2P Share Spy 2.2 stores the user password in plaintext in the txtPassword value in the registry, which allows local users to gain privileges. | ||||
| CVE-2005-1093 | 1 Popup Plus Plugin | 1 Popup Plus Plugin For Miranda Im | 2025-04-03 | N/A |
| Buffer overflow in the PopUp Plus 2.0.3.8 plugin for Miranda IM, with "Use SmileyAdd Setting" enabled, allows remote attackers to execute arbitrary code. | ||||
| CVE-2005-1105 | 1 Sun | 1 Javamail | 2025-04-03 | N/A |
| Directory traversal vulnerability in the MimeBodyPart.getFileName method in JavaMail 1.3.2 allows remote attackers to write arbitrary files via a .. (dot dot) in the filename in the Content-Disposition header. | ||||
| CVE-2005-1104 | 1 Centra | 1 Centra | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Centra 7 allow remote attackers to inject arbitrary web script or HTML via the (1) username, (2) first name, or (3) last name fields. | ||||
| CVE-2005-1106 | 1 Apple | 1 Quicktime Pictureviewer | 2025-04-03 | N/A |
| PictureViewer in QuickTime for Windows 6.5.2 allows remote attackers to cause a denial of service (application crash) via a GIF image with the maximum depth start value, possibly triggering an integer overflow. | ||||
| CVE-2005-1108 | 1 Junkbuster | 1 Internet Junkbuster | 2025-04-03 | N/A |
| The ij_untrusted_url function in JunkBuster 2.0.2-r2, with single-threaded mode enabled, allows remote attackers to overwrite the referrer field via a crafted HTTP request. | ||||
| CVE-2005-1103 | 1 Sygate Technologies | 1 Security Agent | 2025-04-03 | N/A |
| Sygate Security Agent (SSA) in Sygate Secure Enterprise 3.5 through 4.1 does not prevent the security policy from being updated by unprivileged users, which allows local users to modify the policy by exporting the policy file, changing it, and importing it back into SSA. | ||||
| CVE-2005-1107 | 1 Mcafee | 1 Internet Security Suite | 2025-04-03 | N/A |
| McAfee Internet Security Suite 2005 uses insecure default ACLs for installed files, which allows local users to gain privileges or disable protection by modifying certain files. | ||||
| CVE-2005-1101 | 1 Ibm | 1 Lotus Domino Server | 2025-04-03 | N/A |
| Multiple buffer overflows in Lotus Domino Server 6.0.5 and 6.5.4 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via large amounts of data in certain (1) time or (2) date fields. | ||||
| CVE-2005-1102 | 1 Wordpress | 1 Wordpress | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in template-functions-post.php in WordPress 1.5 and earlier allow remote attackers to execute arbitrary commands via the (1) content or (2) title of the post. | ||||
| CVE-2005-1112 | 1 Ibm | 1 Websphere Application Server | 2025-04-03 | N/A |
| IBM WebSphere Application Server 6.0 and earlier, when sharing the document root of the web server, allows remote attackers to obtain the source code for Java Server Pages (.jsp) via an HTTP request with an invalid Host header, which causes the page to be processed by the web server instead of the JSP engine. | ||||
| CVE-2005-1113 | 1 Phpbb Group | 1 Phpbb Plus | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PhpBB Plus 1.52 and earlier allow remote attackers to inject arbitrary web script or HTML via the bsid parameter to (1) groupcp.php, (2) index.php, (3) portal.php, (4) viewforum.php, or (5) viewtopic.php, (6) the c parameter to index.php, or (7) the article parameter to portal.php. | ||||
| CVE-2005-1114 | 2 Phpbb Group, Smartor | 2 Phpbb, Photo Album | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in album_search.php in Photo Album 2.0.53 for phpBB allow remote attackers to execute arbitrary SQL commands via the (1) mode or (2) search parameters. | ||||
| CVE-2005-1115 | 2 Phpbb Group, Smartor | 2 Phpbb, Photo Album | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Photo Album 2.0.53 module for phpBB allow remote attackers to inject arbitrary web script or HTML via the bsid parameter to (1) album_cat.php or (2) album_comment.php. | ||||
| CVE-2005-1116 | 1 Phpbb Group | 1 Phpbb | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in the Calendar module for phpBB allow remote attackers to inject arbitrary web script or HTML via the start parameter to calendar_scheduler.php. | ||||