Export limit exceeded: 349367 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29914 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29914 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-4487 | 1 Ramsite | 1 R1 Cms | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in RAMSite R|1 CMS 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchfield parameter. | ||||
| CVE-2005-4488 | 1 Computeroil | 1 Redakto Cms | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.tpl in Redakto WCMS 3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) iid, (2) iid2, (3) r, (4) cart, (5) str, (6) nf, and (7) a parameters. | ||||
| CVE-2005-4489 | 1 Scoop | 1 Scoop | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Scoop 1.1 RC1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) type and (2) count parameters, and (3) the query string in a story. | ||||
| CVE-2005-4508 | 1 Nexus Concepts | 1 Dev Hound | 2026-04-16 | N/A |
| Nexus Concepts Dev Hound 2.24 and earlier allows remote attackers to obtain the installation path via a URL containing a non-existent .dll file. | ||||
| CVE-2005-4509 | 1 Parallel Tools Consortium | 1 Ptools | 2026-04-16 | N/A |
| SQL injection vulnerability in index.asp in pTools allows remote attackers to execute arbitrary SQL commands via the docID parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2005-4510 | 1 Extensis | 1 Netpublish Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in server.np in NetPublish Server 7 allows remote attackers to read arbitrary files via "../" sequences in the template parameter. | ||||
| CVE-2005-4511 | 1 Curtis Hawthorne | 1 Tn3270 Resource Gateway | 2026-04-16 | N/A |
| Format string vulnerability in TN3270 Resource Gateway 1.1.0 allows local users to cause a denial of service and possibly execute arbitrary code via format string specifiers in syslog function calls. | ||||
| CVE-2005-4512 | 1 Waxtrapp | 1 Waxtrapp | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in WAXTRAPP 3.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters. | ||||
| CVE-2005-4513 | 1 Wandsoft | 1 E-search | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in WANDSOFT e-SEARCH allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the keywords parameter. | ||||
| CVE-2005-4516 | 1 Php Fusion | 1 Php Fusion | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PHP-Fusion 6.00.200 through 6.00.300 allow remote attackers to inject arbitrary web script or HTML via (1) the sortby parameter in members.php and (2) IMG tags. | ||||
| CVE-2005-4517 | 1 Php Fusion | 1 Php Fusion | 2026-04-16 | N/A |
| SQL injection vulnerability in PHP-Fusion 6.00.200 through 6.00.300 allows remote attackers to execute arbitrary SQL commands via the ratings parameter in multiple scripts, such as ratings_include.php. | ||||
| CVE-2005-4518 | 1 Mantis | 1 Mantis | 2026-04-16 | N/A |
| Mantis before 0.19.4 allows remote attackers to bypass the file upload size restriction by modifying the max_file_size parameter to (1) bug_file_add.php, (2) bug_report.php, (3) bug_report_advanced_page.php, and (4) proj_doc_add_page.php. | ||||
| CVE-2005-4519 | 1 Mantis | 1 Mantis | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in the manage user page (manage_user_page.php) in Mantis 1.0.0rc3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) prefix and (2) sort parameters to the manage user page (manage_user_page.php), or (3) the sort parameter to view_all_set.php. | ||||
| CVE-2005-4522 | 1 Mantis | 1 Mantis | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the view_filters_page.php filters script in Mantis 1.0.0rc3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) view_type and (2) target_field parameters. | ||||
| CVE-2005-4523 | 1 Mantis | 1 Mantis | 2026-04-16 | N/A |
| Mantis 1.0.0rc3 and earlier discloses private bugs via public RSS feeds, which allows remote attackers to obtain sensitive information. | ||||
| CVE-2005-4524 | 1 Mantis | 1 Mantis | 2026-04-16 | N/A |
| Mantis 1.0.0rc3 does not properly handle "Make note private" when a bug is being resolved, which has unknown impact and attack vectors, probably related to an information leak. | ||||
| CVE-2005-4525 | 1 Sygate Technologies | 1 Protection Agent | 2026-04-16 | N/A |
| SmcGui.exe in Sygate Protection Agent 5.0 build 6144 allows local users to obtain management control over the agent by executing the GUI (SmcGui.exe) and then killing the process, which causes the privileged management GUI to launch. | ||||
| CVE-2005-4526 | 1 Clearswift | 1 Mimesweeper For Web | 2026-04-16 | N/A |
| Clearswift MIMEsweeper For Web (a.k.a. WEBsweeper) 4.0 through 5.1 allows remote attackers to bypass filtering via a URL that does not include a .exe extension but returns an executable file. | ||||
| CVE-2005-4527 | 1 Direct News | 1 Direct News | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Direct News 4.9 allow remote attackers to execute arbitrary SQL commands via (1) the setLang parameter in index.php and (2) unspecified search module parameters. | ||||
| CVE-2005-4528 | 1 Chatspot | 1 Chatspot | 2026-04-16 | N/A |
| SQL injection vulnerability in the Chatspot 2.0.0a7 module for phpBB allows remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||