Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29880 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29880 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0911 | 1 E-xoops | 1 E-xoops | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in exoops may allow remote attackers to execute arbitrary SQL commands via (1) the viewcat parameter to index.php or (2) the artid parameter in the viewarticle action for index.php. | ||||
| CVE-2005-0912 | 1 Deplate | 1 Deplate | 2025-04-03 | N/A |
| Unknown vulnerabilities in deplate before 0.7.2 have unknown impact, possibly involving elements.rb. | ||||
| CVE-2005-0913 | 1 Smarty | 1 Smarty | 2025-04-03 | N/A |
| Unknown vulnerability in the regex_replace modifier (modifier.regex_replace.php) in Smarty before 2.6.8 allows attackers to execute arbitrary PHP code. | ||||
| CVE-2005-0914 | 1 Cpg-nuke | 1 Cpg Dragonfly Cms | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in CPG Dragonfly 9.0.2.0 allow remote attackers to inject arbitrary web script or HTML via (1) the profile parameter to index.php or (2) the cat parameter. | ||||
| CVE-2005-0915 | 1 Webmasters-debutants | 1 Wd Guestbook | 2025-04-03 | N/A |
| Webmasters-Debutants WD Guestbook 2.8 allows remote attackers to bypass authentication and perform certain administrator actions via a direct HTTP POST request to (1) ajout_admin2.php or (2) suppr.php. | ||||
| CVE-2005-0919 | 1 Adventia | 2 Adventia Chat, Adventia Server Pro | 2025-04-03 | N/A |
| Adventia Chat 3.1 and Server Pro 3.0 allows remote attackers to inject arbitrary web script or HTML into the chat space, which leaves other users vulnerable to cross-site scripting (XSS) attacks. | ||||
| CVE-2005-0920 | 1 Bugtracker.net | 1 Bugtracker.net | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in Bugtracker.NET 2.0.1 allow remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2005-0923 | 1 Symantec | 3 Norton Antivirus, Norton Internet Security, Norton System Works | 2025-04-03 | N/A |
| The SmartScan feature in the Auto-Protect module for Symantec Norton AntiVirus 2004 and 2005, as also used in Internet Security 2004/2005 and System Works 2004/2005, allows attackers to cause a denial of service (CPU consumption and system crash) by renaming a file on a network share. | ||||
| CVE-2005-0921 | 1 Microsoft | 1 Outlook Connector | 2025-04-03 | N/A |
| Microsoft Outlook 2002 Connector for IBM Lotus Domino 2.0 allows local users to save passwords and login credentials locally, even when password caching is disabled by a group policy. | ||||
| CVE-2005-0926 | 1 Sylpheed | 1 Sylpheed | 2025-04-03 | N/A |
| Buffer overflow in Sylpheed before 1.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attachments with MIME-encoded file names. | ||||
| CVE-2005-0930 | 1 Chatness | 1 Chatness | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in message.php in Chatness 2.5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via (1) the user field or (2) the message parameter to message.php. | ||||
| CVE-2005-0932 | 1 Coinsoft Technologies | 1 Phpcoin | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in phpCOIN 1.2.1b and earlier allow remote attackers to execute arbitrary SQL commands (1) via the search engine, (2) the username or email fields in the "forgotten password" feature, or (3) the domain name in a package order. | ||||
| CVE-2005-0931 | 1 Jimmy | 1 The Includer | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in The Includer 1.0 and 1.1 allows remote attackers to execute arbitrary PHP code. | ||||
| CVE-2005-0936 | 1 Esmi | 1 Paypal Storefront | 2025-04-03 | N/A |
| Cross-site scripting vulnerability in products1h.php in ESMI PayPal Storefront allows remote attackers to inject arbitrary web script or HTML via the id parameter. | ||||
| CVE-2005-0942 | 1 Sybase | 1 Adaptive Server Enterprise | 2025-04-03 | N/A |
| The XP Server process (xp_server) in Sybase Adaptive Server Enterprise (ASE) XP Server 12.x before 12.5.3 ESD#1 allows attackers to cause a denial of service (process crash) via malformed data sent to the XP Server TCP port. | ||||
| CVE-2005-0947 | 1 Coinsoft Technologies | 1 Phpcoin | 2025-04-03 | N/A |
| Directory traversal vulnerability in auxpage.php in phpCoin 1.2.1b and earlier allows remote attackers to read and execute arbitrary files via a .. (dot dot) in the page parameter. | ||||
| CVE-2005-0948 | 1 Iatek | 1 Portalapp | 2025-04-03 | N/A |
| SQL injection vulnerability in ad_click.asp for PortalApp allows remote attackers to execute arbitrary SQL commands via the banner_id parameter. | ||||
| CVE-2005-0949 | 1 Iatek | 1 Portalapp | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in content.asp in Iatek PortalApp allow remote attackers to inject arbitrary web script or HTML via the (1) contenttype or (2) keywords parameter. | ||||
| CVE-2005-0950 | 1 Faststone | 1 4in1 Browser | 2025-04-03 | N/A |
| Directory traversal vulnerability in FastStone 4in1 Browser 1.2 allows remote attackers to read arbitrary files via a (1) ... (triple dot) or (2) ..\ (dot dot backslash) in the URL. | ||||
| CVE-2005-0959 | 1 Yepyep | 1 Mtftpd | 2025-04-03 | N/A |
| Buffer overflow in the mt_do_dir function in YepYep mtftpd 0.0.3 may allow attackers to execute arbitrary code via a long path. | ||||