Export limit exceeded: 29908 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29908 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0675 | 1 Phpoutsourcing | 1 Zorum | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php for Zorum 3.5 allows remote attackers to inject arbitrary web script or HTML via the (1) list or (2) frommethod parameters. | ||||
| CVE-2005-0677 | 1 Phpoutsourcing | 1 Zorum | 2026-04-16 | N/A |
| index.php for Zorum 3.5 allows remote attackers to perform certain actions as other users by modifying the id parameter. | ||||
| CVE-2005-0678 | 1 Stadtaus | 1 Form Mail Script | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in formmail.inc.php for Form Mail Script 2.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the script_root to reference a URL on a remote web server that contains the code. | ||||
| CVE-2005-0682 | 1 Drupal | 1 Drupal | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in common.inc in Drupal before 4.5.2 allows remote attackers to inject arbitrary web script or HTML via certain inputs. | ||||
| CVE-2005-0684 | 1 Mysql | 1 Maxdb | 2026-04-16 | N/A |
| Multiple buffer overflows in the web tool for MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via (1) an HTTP GET request with a long file parameter after a percent ("%") sign or (2) a long Lock-Token string to the WebDAV functionality, which is not properly handled by the getLockTokenHeader function in WDVHandler_CommonUtils.c. | ||||
| CVE-2005-0696 | 1 Argosoft | 1 Ftp Server | 2026-04-16 | N/A |
| Buffer overflow in ArGoSoft FTP Server 1.4.2.8 allows remote authenticated users to execute arbitrary code via a long DELE command. NOTE: this issue was later reported to also affect 1.4.3.5. | ||||
| CVE-2005-0697 | 1 Brt | 1 Copperexport | 2026-04-16 | N/A |
| SQL injection vulnerability in the process_picture function xp_publish.php in CopperExport 0.2.1 allows remote attackers to execute arbitrary SQL commands, possibly via the (1) title, (2) caption, or (3) keywords parameters. | ||||
| CVE-2005-0698 | 1 Jason Hines | 1 Phpweblog | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in PHPWebLog 0.5.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the (1) G_PATH parameter to init.inc.php or the (2) PATH parameter to index.php to reference a URL on a remote web server that contains the code. | ||||
| CVE-2005-0700 | 1 Aztek Forum | 1 Aztek Forum | 2026-04-16 | N/A |
| The export_index action in myadmin.php for Aztek Forum 4.0 allows remote attackers to obtain database files, possibly by setting the ATK_ADMIN cookie. | ||||
| CVE-2005-0701 | 1 Oracle | 1 Database Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Oracle Database Server 8i and 9i allows remote attackers to read or rename arbitrary files via "\\.\\.." (modified dot dot backslash) sequences to UTL_FILE functions such as (1) UTL_FILE.FOPEN or (2) UTL_FILE.frename. | ||||
| CVE-2005-0702 | 1 Phpmyfaq | 1 Phpmyfaq | 2026-04-16 | N/A |
| SQL injection vulnerability in phpMyFAQ 1.4 and 1.5 allows remote attackers to add FAQ records to the database via the username field in forum messages. | ||||
| CVE-2005-0704 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2026-04-16 | N/A |
| Buffer overflow in the Etheric dissector in Ethereal 0.10.7 through 0.10.9 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code. | ||||
| CVE-2005-0705 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2026-04-16 | N/A |
| The GPRS-LLC dissector in Ethereal 0.10.7 through 0.10.9, with the "ignore cipher bit" option enabled. allows remote attackers to cause a denial of service (application crash). | ||||
| CVE-2005-0706 | 2 Grip, Redhat | 2 Grip, Enterprise Linux | 2026-04-16 | N/A |
| Buffer overflow in discdb.c for grip 3.1.2 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing the cddb lookup to return more matches than expected. | ||||
| CVE-2005-0719 | 1 Hp | 1 Tru64 | 2026-04-16 | N/A |
| Unknown vulnerability in the systems message queue in HP Tru64 Unix 4.0F PK8 through 5.1B-2/PK4 allows local users to cause a denial of service (process crash) for processes such as nfsstat, pfstat, arp, ogated, rarpd, route, sendmail, srconfig, strsetup, trpt, netstat, and xntpd. | ||||
| CVE-2005-0722 | 1 Experience2 | 1 Experience2 | 2026-04-16 | N/A |
| eXPerience2 allows remote attackers to obtain the full path for the web root via a direct request to modules.php without any parameters, which leaks the path in a PHP error message. | ||||
| CVE-2005-0741 | 1 Yabb | 1 Yabb | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in YaBB.pl for YaBB 2.0 RC1 allows remote attackers to inject arbitrary web script or HTML via the username parameter in a usersrecentposts action. | ||||
| CVE-2005-0718 | 2 Redhat, Squid | 2 Enterprise Linux, Squid | 2026-04-16 | N/A |
| Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (segmentation fault) by aborting the connection during a (1) PUT or (2) POST request, which causes Squid to access previously freed memory. | ||||
| CVE-2005-0731 | 1 Py Software | 1 Active Webcam | 2026-04-16 | N/A |
| PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to Filelist.html. | ||||
| CVE-2005-0724 | 1 Php Arena | 1 Pafiledb | 2026-04-16 | N/A |
| paFileDB 3.1 and earlier allows remote attackers to obtain sensitive information via (1) an invalid str parameter to pafiledb.php, or a direct request to (2) viewall.php, (3) stats.php, (4) search.php, (5) rate.php, (6) main.php, (7) license.php, (8) category.php, (9) download.php, (10) file.php, (11) email.php, or (12) admin.php, which reveals the path in a PHP error message. | ||||