Export limit exceeded: 29922 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29922 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0662 | 1 Mercuryboard | 1 Mercuryboard | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php for MercuryBoard 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the Avatar field. | ||||
| CVE-2005-0668 | 1 Christian Hilgers | 1 Http Anti Virus Proxy \(havp\) | 2026-04-16 | N/A |
| Unknown vulnerability in HTTP Anti Virus Proxy (HAVP) before 0.51 prevents viruses from being properly detected in certain files such as (1) .CAB or (2) .ZIP files. | ||||
| CVE-2005-0671 | 1 Ca3de | 1 Ca3de | 2026-04-16 | N/A |
| Format string vulnerability in Carsten's 3D Engine (Ca3DE), March 2004 version and earlier, allows remote attackers to execute arbitrary code via format string specifiers in a command. | ||||
| CVE-2005-0664 | 2 Libexif, Redhat | 2 Libexif, Enterprise Linux | 2026-04-16 | N/A |
| Buffer overflow in the EXIF library (libexif) 0.6.9 does not properly validate the structure of the EXIF tags, which allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a JPEG image with a crafted EXIF tag. | ||||
| CVE-2005-0665 | 1 John Bradley | 1 Xv | 2026-04-16 | N/A |
| Format string vulnerability in xv before 3.10a allows remote attackers to execute arbitrary code via format string specifiers in a filename. | ||||
| CVE-2005-0666 | 1 The Pax Team | 1 Pax Linux | 2026-04-16 | N/A |
| Unknown vulnerability in PaX from the September 2003 release to 2.2 before 2005.03.05, related to SEGMEXEC or RANDEXEC and VMA mirroring, allows local users and possibly remote attackers to bypass intended access restrictions and execute arbitrary code. | ||||
| CVE-2005-0669 | 1 Coinsoft Technologies | 1 Phpcoin | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in mod.php for phpCOIN 1.2.0 through 1.2.1b allow remote attackers to execute arbitrary SQL commands via the (1) the faq_id in the faq mod, (2) the id parameter in the pages mod, (3) the id parameter in the siteinfo module, (4) the topic_id parameter in the articles module, (5) the ord_id in the orders module, (6) the dom_id parameter in the domains module, or (7) the invd_id parameter in the invoices module. | ||||
| CVE-2005-0670 | 1 Coinsoft Technologies | 1 Phpcoin | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in phpCOIN 1.2.0 through 1.2.1b allows remote attackers to inject arbitrary web script or HTML via (1) the new parameter to mod.php, (2) the w parameter to mod.php, (3) the e parameter to login.php, (4) the o parameter to login.php, and possibly other scripts. | ||||
| CVE-2005-0672 | 1 Ca3de | 1 Ca3de | 2026-04-16 | N/A |
| Carsten's 3D Engine (Ca3DE), March 2004 version and earlier, allows remote attackers to execute arbitrary code via text strings that are not null terminated, which triggers a null dereference. | ||||
| CVE-2005-0673 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in usercp_register.php for phpBB 2.0.13 allows remote attackers to inject arbitrary web script or HTML by setting the (1) allowhtml, (2) allowbbcode, or (3) allowsmilies parameters to inject HTML into signatures for personal messages, possibly when they are processed by privmsg.php or viewtopic.php. | ||||
| CVE-2005-0675 | 1 Phpoutsourcing | 1 Zorum | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php for Zorum 3.5 allows remote attackers to inject arbitrary web script or HTML via the (1) list or (2) frommethod parameters. | ||||
| CVE-2005-0677 | 1 Phpoutsourcing | 1 Zorum | 2026-04-16 | N/A |
| index.php for Zorum 3.5 allows remote attackers to perform certain actions as other users by modifying the id parameter. | ||||
| CVE-2005-0678 | 1 Stadtaus | 1 Form Mail Script | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in formmail.inc.php for Form Mail Script 2.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the script_root to reference a URL on a remote web server that contains the code. | ||||
| CVE-2005-0682 | 1 Drupal | 1 Drupal | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in common.inc in Drupal before 4.5.2 allows remote attackers to inject arbitrary web script or HTML via certain inputs. | ||||
| CVE-2005-0684 | 1 Mysql | 1 Maxdb | 2026-04-16 | N/A |
| Multiple buffer overflows in the web tool for MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via (1) an HTTP GET request with a long file parameter after a percent ("%") sign or (2) a long Lock-Token string to the WebDAV functionality, which is not properly handled by the getLockTokenHeader function in WDVHandler_CommonUtils.c. | ||||
| CVE-2005-0696 | 1 Argosoft | 1 Ftp Server | 2026-04-16 | N/A |
| Buffer overflow in ArGoSoft FTP Server 1.4.2.8 allows remote authenticated users to execute arbitrary code via a long DELE command. NOTE: this issue was later reported to also affect 1.4.3.5. | ||||
| CVE-2005-0697 | 1 Brt | 1 Copperexport | 2026-04-16 | N/A |
| SQL injection vulnerability in the process_picture function xp_publish.php in CopperExport 0.2.1 allows remote attackers to execute arbitrary SQL commands, possibly via the (1) title, (2) caption, or (3) keywords parameters. | ||||
| CVE-2005-0698 | 1 Jason Hines | 1 Phpweblog | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in PHPWebLog 0.5.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the (1) G_PATH parameter to init.inc.php or the (2) PATH parameter to index.php to reference a URL on a remote web server that contains the code. | ||||
| CVE-2005-0701 | 1 Oracle | 1 Database Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Oracle Database Server 8i and 9i allows remote attackers to read or rename arbitrary files via "\\.\\.." (modified dot dot backslash) sequences to UTL_FILE functions such as (1) UTL_FILE.FOPEN or (2) UTL_FILE.frename. | ||||
| CVE-2005-0702 | 1 Phpmyfaq | 1 Phpmyfaq | 2026-04-16 | N/A |
| SQL injection vulnerability in phpMyFAQ 1.4 and 1.5 allows remote attackers to add FAQ records to the database via the username field in forum messages. | ||||