Export limit exceeded: 34736 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29880 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29880 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-4468 | 1 Phpgedview | 1 Phpgedview | 2025-04-03 | N/A |
| PHP remote file include vulnerability in help_text_vars.php in PHPGedView 3.3.7 and earlier allows remote attackers to execute arbitrary code via a URL in the PGV_BASE_DIRECTORY parameter. | ||||
| CVE-2005-4469 | 1 Phpgedview | 1 Phpgedview | 2025-04-03 | N/A |
| Multiple direct static code injection vulnerabilities in PHPGedView 3.3.7 and earlier allow remote attackers to execute arbitrary PHP code via (1) the username field in login.php, or the (2) user_language, (3) user_email, and (4) user_gedcomid parameters in login_register.php, which is directly inserted into authenticate.php. | ||||
| CVE-2005-4466 | 1 Interactive Intelligence | 1 Interaction Sip Proxy | 2025-04-03 | N/A |
| Heap-based buffer overflow in the SIPParser function in i3sipmsg.dll in Interaction SIP Proxy before 3.0.011 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a REGISTER request with a SPI version number that contains a large number of space or tab characters. | ||||
| CVE-2005-4470 | 1 Blender | 1 Blenloader | 2025-04-03 | N/A |
| Heap-based buffer overflow in the get_bhead function in readfile.c in Blender BlenLoader 2.0 through 2.40pre allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a .blend file with a negative bhead.len value, which causes less memory to be allocated than expected, possibly due to an integer overflow. | ||||
| CVE-2005-4475 | 1 Alkacon | 1 Opencms | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in OpenCms 6.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters. | ||||
| CVE-2005-4476 | 1 Openedit Inc | 1 Openedit | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in store/search/results.html in OpenEdit 4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) oe-action and (2) page parameters. | ||||
| CVE-2005-4480 | 1 Plexcor | 1 Plexcor Cms | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Plexcor CMS 4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters. | ||||
| CVE-2005-4477 | 1 Papaya | 1 Papaya Cms | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in papaya CMS 4.0.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the bab[searchfor] parameter. | ||||
| CVE-2005-4479 | 1 Phpslash | 1 Phpslash | 2025-04-03 | N/A |
| SQL injection vulnerability in article.php in phpSlash 0.8.1 and earlier allows remote attackers to execute arbitrary SQL commands via the story_id parameter. | ||||
| CVE-2005-4484 | 1 Iatek | 1 Intranetapp | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in IntranetApp 3.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) ret_page parameter to login.asp or the (2) do_search and (3) search parameters to content.asp. | ||||
| CVE-2005-4486 | 1 Quantum Art | 1 Qp7 Enterprise | 2025-04-03 | N/A |
| SQL injection vulnerability in Quantum Art QP7.Enterprise (formerly Q-Publishing) allows remote attackers to execute arbitrary SQL commands via the p_news_id parameter to (1) news_and_events_new.asp and (2) news.asp. NOTE: on 20060227, the vendor disputed the accuracy of this report, saying that the p_news_id, news_and_events_new.asp, and news.asp are not specifically part of their product, although they could be dynamically generated through use of the product. Some investigation by CVE suggests evidence that the news_and_events_new.asp page has at least a forced invalid SQL syntax error, but this could not be repeated for news.asp | ||||
| CVE-2005-4487 | 1 Ramsite | 1 R1 Cms | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in RAMSite R|1 CMS 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchfield parameter. | ||||
| CVE-2005-4492 | 1 Starphire Technologies | 5 Sitesage, Sitesage-ee, Sitesage-le and 2 more | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Starphire SiteSage 5.0.18 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the norelay_highlight_words parameter. | ||||
| CVE-2005-4493 | 1 Speartek | 1 Speartek | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in SpearTek 6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters. | ||||
| CVE-2005-4494 | 1 Spip | 1 Spip | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in SPIP 1.8.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) spip_login.php3 and (2) spip_pass.php3. | ||||
| CVE-2005-4496 | 1 Forum One | 1 Syntaxcms | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in search in SyntaxCMS 1.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the search_query parameter. | ||||
| CVE-2005-4604 | 1 Jean-jacques Sarton | 1 Mtink | 2025-04-03 | N/A |
| Buffer overflow in MTink in the printer-filters-utils package allows local users to execute arbitrary code via a long HOME environment variable. | ||||
| CVE-2005-4503 | 1 Net-square | 1 Httprint | 2025-04-03 | N/A |
| httprint v202, and possibly other versions before v301, allows remote attackers to cause a denial of service (crash) via a long Server field in an HTTP response. | ||||
| CVE-2005-4498 | 1 Text-e | 1 Text-e Cms | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Text-e 1.6.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters. | ||||
| CVE-2005-4501 | 1 Mediawiki | 1 Mediawiki | 2025-04-03 | N/A |
| MediaWiki before 1.5.4 uses a hard-coded "internal placeholder string", which allows remote attackers to bypass protection against cross-site scripting (XSS) attacks and execute Javascript using inline style attributes, which are processed by Internet Explorer. | ||||