Export limit exceeded: 29880 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29880 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3792 | 1 Francisco Burzi | 1 Php-nuke | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in the Search module in PHP-Nuke 7.8, and possibly other versions before 7.9 with patch 3.1, allows remote attackers to execute arbitrary SQL commands, as demonstrated via the query parameter in a stories type. | ||||
| CVE-2006-4451 | 1 Cj Design | 1 Cj Tag Board | 2025-04-03 | N/A |
| Direct static code injection vulnerability in CJ Tag Board 3.0 allows remote attackers to execute arbitrary PHP code via the (1) User-Agent HTTP header in tag.php, which is executed by all.php, and (2) the banned parameter in admin_index.php. | ||||
| CVE-2005-0012 | 1 Dillo | 1 Dillo Web Browser | 2025-04-03 | N/A |
| Format string vulnerability in the a_Interface_msg function in Dillo before 0.8.3-r4 allows remote attackers to execute arbitrary code via format string specifiers in a web page. | ||||
| CVE-2005-0058 | 1 Microsoft | 6 Windows 2000, Windows 2003 Server, Windows 98 and 3 more | 2025-04-03 | N/A |
| Buffer overflow in the Telephony Application Programming Interface (TAPI) for Microsoft Windows 98, Windows 98 SE, Windows ME, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to elevate privileges or execute arbitrary code via a crafted message. | ||||
| CVE-2004-0219 | 1 Openbsd | 1 Openbsd | 2025-04-03 | N/A |
| isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with a malformed IPSEC SA payload, as demonstrated by the Striker ISAKMP Protocol Test Suite. | ||||
| CVE-2002-1093 | 1 Cisco | 1 Vpn 3000 Concentrator Series Software | 2025-04-03 | N/A |
| HTML interface for Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before 3.0.3(B) allows remote attackers to cause a denial of service (CPU consumption) via a long URL request. | ||||
| CVE-2005-1026 | 2 Dlman Pro, Linkz Pro | 2 Dlman Pro, Linkz Pro | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in SnailSource phpBB 2.0.x mods allow remote attackers to execute arbitrary SQL commands via the (1) file_id parameter to dlman.php in DLMan Pro or (2) id parameter to links.php in Linkz Pro (aka LinksLinks Pro). | ||||
| CVE-2005-1272 | 2 Broadcom, Ca | 4 Brightstor Enterprise Backup, Brightstor Arcserve Backup, Brightstor Arcserve Backup Agent and 1 more | 2025-04-03 | N/A |
| Stack-based buffer overflow in the Backup Agent for Microsoft SQL Server in BrightStor ARCserve Backup Agent for SQL Server 11.0 allows remote attackers to execute arbitrary code via a long string sent to port (1) 6070 or (2) 6050. | ||||
| CVE-2005-1287 | 1 Bk Dev | 1 Bk Forum | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in BK Forum 4.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to member.asp, (2) forum parameter to forum.asp, or (3) various parameters in register.asp. | ||||
| CVE-2005-1288 | 1 Asp Press | 1 Acs Blog | 2025-04-03 | N/A |
| inc_login_check.asp ACS Blog 0.8 through 1.1.3 allows remote attackers to gain administrator privileges via the "in" value in a cookie. | ||||
| CVE-2005-1303 | 1 Citat.pl | 1 Citat.pl | 2025-04-03 | N/A |
| The citat.pl script allows remote attackers to read arbitrary files via a full pathname in the argument. | ||||
| CVE-2005-1307 | 2 Adobe, Apple | 2 Version Cue, Mac Os X | 2025-04-03 | N/A |
| The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version Cue on Mac OS X uses the current working directory to find and execute the productname.sh script, which allows local users to execute arbitrary code by copying and calling the scripts from a user-controlled directory. | ||||
| CVE-2005-1312 | 1 Yappa-ng | 1 Yappa-ng | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in Yappa-NG before 2.3.2 allows remote attackers to execute arbitrary PHP code via unknown vectors. | ||||
| CVE-2005-1321 | 1 Horde | 1 Vaction | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Horde Vacation module before 2.2.2 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title. | ||||
| CVE-2005-1324 | 1 Matthieu Aubry | 1 Phpmyvisites | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php for phpMyVisites allow remote attackers to inject arbitrary web script or HTML via the (1) part, (2) per, or (3) site parameters. | ||||
| CVE-2005-1348 | 1 Mailenable | 2 Mailenable Enterprise, Mailenable Professional | 2025-04-03 | N/A |
| Buffer overflow in HTTPMail in MailEnable Enterprise 1.04 and earlier and Professional 1.54 and earlier allows remote attackers to execute arbitrary code via a long HTTP Authorization header. | ||||
| CVE-2005-1349 | 1 Perl | 1 Convert Uulib | 2025-04-03 | N/A |
| Buffer overflow in Convert-UUlib (Convert::UUlib) before 1.051 allows remote attackers to execute arbitrary code via a malformed parameter to a read operation. | ||||
| CVE-2005-1358 | 1 Text.cgi | 1 Text.cgi | 2025-04-03 | N/A |
| text.cgi script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument. | ||||
| CVE-2005-1366 | 1 Pico Server | 1 Pico Server | 2025-04-03 | N/A |
| Pico Server (pServ) 3.2 and earlier allows remote attackers to obtain the source code for CGI scripts via "dirname/../cgi-bin" in a URL. | ||||
| CVE-2005-1374 | 1 Claroline | 1 Claroline | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.5.3 through 1.6 Release Candidate 1, and possibly Dokeos, allow remote attackers to inject arbitrary web script or HTML via (1) exercise_result.php, (2) exercice_submit.php, (3) agenda.php, (4) learningPathList.php, (5) learningPathAdmin.php, (6) learningPath.php, (7) userLog.php, (8) tool parameter to toolaccess_details.php, (9) data parameter to user_access_details.php, or (10) coursePath parameter to myagenda.php. | ||||