Export limit exceeded: 29880 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29880 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3942 | 1 Greywyvern | 1 Orca Knowledgebase | 2025-04-03 | N/A |
| SQL injection vulnerability in knowledgebase-control.php in Orca Knowledgebase 2.1b and earlier allows remote attackers to execute arbitrary SQL commands via the qid parameter. | ||||
| CVE-2005-3943 | 1 Faq System | 1 Faq System | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in ilyav FAQ System 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) FAQ_ID and (2) action parameters in (a) viewFAQ.php; and (3) CATEGORY_ID parameter in (b) index.php. | ||||
| CVE-2005-3938 | 1 Softbiz | 1 Faq | 2025-04-03 | N/A |
| SQL injection vulnerability in Softbiz FAQ Script 1.1 and earler allows remote attackers to execute arbitrary SQL commands via the id parameter in (1) index.php, (2) faq_qanda.php, (3) refer_friend.php, (4) print_article.php, or (5) add_comment.php. | ||||
| CVE-2005-1440 | 1 Codetosell | 1 Viart Shop Enterprise | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ViArt Shop Enterprise 2.1.6 allow remote attackers to inject arbitrary web script or HTML via (1) various parameters to basket.php, (2) the nickname, email, topic, and message fields in forum.php, as demonstrated using forum_new_thread.php and forum_thread.php, (3) the page parameter to page.php, (4) category_id and item_id parameters to reviews.php, (5) the category_id parameter to product_details.php, (6) the category_id or search_string parameters to products.php, or (7) the rp or page parameters to news_view.php. | ||||
| CVE-2005-3949 | 1 Webcalendar | 1 Webcalendar | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in WebCalendar 1.0.1 allow remote attackers to execute arbitrary SQL commands via the (1) startid parameter to activity_log.php, (2) startid parameter to admin_handler.php, (3) template parameter to edit_template.php, and (4) multiple parameters to export_handler.php. | ||||
| CVE-2005-3950 | 1 Nufw | 1 Nufw | 2025-04-03 | N/A |
| nuauth in NuFW 1.0.x before 1.0.16 and 1.1 allows authenticated users to cause a denial of service via malformed packets. | ||||
| CVE-2005-3951 | 1 Php Labs | 1 Survey Wizard | 2025-04-03 | N/A |
| SQL injection vulnerability in survey.php in PHP Labs Survey Wizard allows remote attackers to execute arbitrary SQL commands via the sid parameter. | ||||
| CVE-2005-3960 | 1 Kadu | 1 Kadu | 2025-04-03 | N/A |
| Kadu 0.4.2 and 0.5.0pre allows remote attackers to cause a denial of service (crash or generated traffic) via a malformed message, possibly with incomplete information. | ||||
| CVE-2005-3957 | 1 Dotclear | 1 Dotclear | 2025-04-03 | N/A |
| Unspecified vulnerability in the Trackback functionality in DotClear 1.2.1 has unknown impact and attack vectors. | ||||
| CVE-2005-3961 | 1 Webcalendar | 1 Webcalendar | 2025-04-03 | N/A |
| export_handler.php in WebCalendar 1.0.1 allows remote attackers to overwrite WebCalendar data files via a modified id parameter. | ||||
| CVE-2005-3966 | 1 Java Search Engine | 1 Java Search Engine | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in search.jsp in Java Search Engine (JSE) 0.9.34 allows remote attackers to inject arbitrary web script or HTML via the q parameter. | ||||
| CVE-2005-3967 | 1 Atlassian | 1 Confluence | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in the dosearchsite.action module in Atlassian Confluence 2.0.1 Build 321 allows remote attackers to inject arbitrary web script or HTML via the searchQuery.queryString search module parameter. | ||||
| CVE-2005-3968 | 1 Phpx | 1 Phpx | 2025-04-03 | N/A |
| SQL injection vulnerability in auth.inc.php in PHPX 3.5.9 and earlier allows remote attackers to execute arbitrary SQL commands, bypass authentication, and upload arbitrary PHP code via the username parameter. | ||||
| CVE-2005-3969 | 1 Mxchange | 1 Mxchange | 2025-04-03 | N/A |
| SQL injection vulnerability in MXChange before 0.2.0-pre10 PL492 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2005-3970 | 1 Mxchange | 1 Mxchange | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in MXChange before 0.2.0-pre10 PL492 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2005-3977 | 1 Qualityebiz | 1 Qualityppc | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in QualityEBiz Quality PPC 1553 allows remote attackers to inject web script or HTML via the REQ parameter to the search module. | ||||
| CVE-2005-3974 | 1 Drupal | 1 Drupal | 2025-04-03 | N/A |
| Drupal 4.5.0 through 4.5.5 and 4.6.0 through 4.6.3, when running on PHP5, does not correctly enforce user privileges, which allows remote attackers to bypass the "access user profiles" permission. | ||||
| CVE-2005-3983 | 1 Hp | 1 Systems Insight Manager | 2025-04-03 | N/A |
| Unknown vulnerability in the login page for HP Systems Insight Manager (SIM) 4.0 and 4.1, when accessed by Microsoft Internet Explorer with the MS04-025 patch, leads to a denial of service (browser hang). NOTE: although the advisory is vague, this issue does not appear to involve an attacker at all. If not, then this issue is not a vulnerability. | ||||
| CVE-2005-3982 | 1 Webcalendar | 1 Webcalendar | 2025-04-03 | N/A |
| CRLF injection vulnerability in layers_toggle.php in WebCalendar 1.0.1 might allow remote attackers to modify HTTP headers and conduct HTTP response splitting attacks via the ret parameter, which is used to redirect URL requests. | ||||
| CVE-2005-3985 | 1 Astaro | 1 Security Linux | 2025-04-03 | N/A |
| The Internet Key Exchange version 1 (IKEv1) implementation in Astaro Security Linux before 6.102 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. | ||||