Export limit exceeded: 344952 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 344952 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344952 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1864 | 1 Vincent Hor | 1 Calendarix Advanced | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in cal_admintop.php in Calendarix Advanced 1.5 allows remote attackers to execute arbitrary PHP code via the calpath parameter. | ||||
| CVE-2005-1865 | 1 Vincent Hor | 1 Calendarix Advanced | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Calendarix Advanced 1.5 allow remote attackers to execute arbitrary SQL commands via the catview parameter to (1) cal_week.php, (2) cal_cat.php, or (3) cal_day.php, or (4) id parameter to cal_pophols.php. | ||||
| CVE-2005-1866 | 1 Vincent Hor | 1 Calendarix Advanced | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in calendar.php in Calendarix Advanced 1.5 allows remote attackers to inject arbitrary web script or HTML via the year parameter. | ||||
| CVE-2005-1857 | 1 Simpleproxy | 1 Simpleproxy | 2026-04-16 | N/A |
| Format string vulnerability in simpleproxy before 3.4 allows remote malicious HTTP proxies to execute arbitrary code via format string specifiers in a reply. | ||||
| CVE-2005-1868 | 1 Yvesglodt | 1 I-man | 2026-04-16 | N/A |
| I-Man 0.9, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code by uploading a file attachment with a .php extension. | ||||
| CVE-2005-1869 | 1 Appindex | 1 Mwchat | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in start_lobby.php in MWChat 6.x allows remote attackers to execute arbitrary PHP code via the CONFIG[MWCHAT_Libs] parameter. | ||||
| CVE-2005-1870 | 1 Popper | 1 Popper | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in childwindow.inc.php in Popper 1.41-r2 and earlier allows remote attackers to execute arbitrary PHP code via the form parameter. | ||||
| CVE-2005-1871 | 1 Drupal | 1 Drupal | 2026-04-16 | N/A |
| Unknown vulnerability in the privilege system in Drupal 4.4.0 through 4.6.0, when public registration is enabled, allows remote attackers to gain privileges, due to an "input check" that "is not implemented properly." | ||||
| CVE-2005-1872 | 1 Ibm | 1 Websphere Application Server | 2026-04-16 | N/A |
| Buffer overflow in the administrative console in IBM WebSphere Application Server 5.x, when the global security option is enabled, allows remote attackers to execute arbitrary code. | ||||
| CVE-2005-1873 | 1 Crob | 1 Crob Ftp | 2026-04-16 | N/A |
| Multiple buffer overflows in Crob FTP 3.6.1, and possibly earlier versions, allow remote attackers to execute arbitrary code via (1) an FTP command with a large string followed by the RMD command with a long string or (2) a globbing ("*") character followed by a long string. | ||||
| CVE-2005-1874 | 1 Evan Wagner | 1 Dzip | 2026-04-16 | N/A |
| Directory traversal vulnerability in Dzip before 2.9 allows remote attackers to create arbitrary files via a filename containing a .. (dot dot) in a .dz archive. | ||||
| CVE-2005-1875 | 1 Exhibit Engine | 1 Exhibit Engine | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in list.php in Exhibit Engine (EE) 1.22 allow remote attackers to execute arbitrary SQL commands via the (1) search_row, (2) sort_row, (3) order or (4) perpage parameter. | ||||
| CVE-2005-1877 | 1 Lpanel | 1 Lpanel | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in view_ticket.php in Lpanel 1.59 and earlier allows remote attackers to inject arbitrary web script or HTML and obtain sensitive information via the pid parameter. | ||||
| CVE-2005-1878 | 1 Giptables | 1 Giptables Firewall | 2026-04-16 | N/A |
| GIPTables Firewall 1.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on the temp.ip.addresses temporary file. | ||||
| CVE-2005-1879 | 1 Lutel | 1 Lutelwall | 2026-04-16 | 5.5 Medium |
| LutelWall 0.97 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file created by a system call to wget. | ||||
| CVE-2005-1880 | 1 Everybuddy | 1 Everybuddy | 2026-04-16 | 5.5 Medium |
| everybuddy 0.4.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file created by a system call to wget. | ||||
| CVE-2005-1881 | 1 Yapig | 1 Yapig | 2026-04-16 | N/A |
| upload.php in YaPiG 0.92b, 0.93u and 0.94u does not properly restrict the file extension for uploaded image files, which allows remote attackers to upload arbitrary files and execute arbitrary PHP code. | ||||
| CVE-2005-1882 | 1 Yapig | 1 Yapig | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in last_gallery.php in YaPiG 0.93u and 0.94u allows remote attackers to execute arbitrary PHP code via the YAPIG_PATH parameter. | ||||
| CVE-2005-1883 | 1 Yapig | 1 Yapig | 2026-04-16 | N/A |
| global.php in YaPiG 0.92b allows remote attackers to include arbitrary local files via the BASE_DIR parameter. | ||||
| CVE-2005-1884 | 1 Yapig | 1 Yapig | 2026-04-16 | N/A |
| Directory traversal vulnerability in the (1) rmdir or (2) mkdir commands in upload.php in YaPiG 0.92b, 0.93u and 0.94u allows remote attackers to create or delete arbitrary directories via a .. (dot dot) in the dir parameter. | ||||