Export limit exceeded: 17880 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347309 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2998 | 1 Bugada Andrea | 1 Php Advanced Transfer Manager | 2026-04-16 | N/A |
| PHP Advanced Transfer Manager 1.30 has a default password for the administrator user, which allows remote attackers to upload and execute arbitrary PHP files. | ||||
| CVE-2005-3016 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| Multiple unspecified vulnerabilities in the WYSIWYG editor in PHP-Nuke before 7.9 Final have unknown impact and attack vectors. | ||||
| CVE-2002-2133 | 1 Telindus | 1 1120 Adsl Router | 2026-04-16 | N/A |
| Telindus 1100 ASDL router running firmware 6.0.x uses weak encryption for UDP session traffic, which allows remote attackers to gain unauthorized access by sniffing and decrypting the administrative password. | ||||
| CVE-2002-2138 | 1 Hp | 2 Advanced Server 9000, Hp-ux | 2026-04-16 | N/A |
| RFC-NETBIOS in HP Advanced Server/9000 B.04.05 through B.04.09, when running HP-UX 11.00 or 11.11, allows remote attackers to cause a denial of service (panic) via a malformed UDP packet on port 139. | ||||
| CVE-2005-3023 | 1 Jelsoft | 1 Vbulletin | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 3.0.9 and earlier allow remote attackers to inject arbitrary web script or HTML via certain arguments to (1) announcement.php, (2) admincalendar.php, (3) bbcode.php, (4) cronadmin.php, (5) email.php, (6) faq.php, (7) forum.php, (8) image.php, (9) language.php, (10) ranks.php, (11) replacement.php, (12) replacement.php, (13) template.php, (14) template.php, (15) usergroup.php, or (16) usertitle.php. | ||||
| CVE-2005-3026 | 1 Alstrasoft | 1 Epay | 2026-04-16 | N/A |
| Directory traversal vulnerability in index.php in Alstrasoft Epay Pro 2.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the read parameter. | ||||
| CVE-2005-3030 | 1 Ahnlab | 3 V3 Virusblock 2005, V3net, V3pro 2004 | 2026-04-16 | N/A |
| Directory traversal vulnerability in the archive decompression library in AhnLab V3Pro 2004 build 6.0.0.383, V3 VirusBlock 2005 build 6.0.0.383, and V3Net for Windows Server 6.0 build 6.0.0.383 allows remote attackers to write arbitrary files via a .. (dot dot) in the filename in a compressed archive. | ||||
| CVE-2005-3035 | 1 Compuware | 1 Driverstudio | 2026-04-16 | N/A |
| Compuware DriverStudio Remote Control service (DSRsvc.exe) 2.7 and 3.0 beta 2 allows remote attackers to cause a denial of service (reboot) via a UDP packet sent directly to port 9110. | ||||
| CVE-2005-3043 | 1 Mall23 | 1 Mall23 | 2026-04-16 | N/A |
| SQL injection vulnerability in AddItem.asp in Mall23 eCommerce allows remote attackers to execute arbitrary SQL commands via the idOption_Dropdown_2 parameter. | ||||
| CVE-2005-3045 | 1 My Little Homepage | 1 My Little Forum | 2026-04-16 | N/A |
| SQL injection vulnerability in search.php in My Little Forum 1.5 and 1.6 beta allows remote attackers to execute arbitrary SQL commands via the phrase field. | ||||
| CVE-2005-3048 | 1 Phpmyfaq | 1 Phpmyfaq | 2026-04-16 | N/A |
| Directory traversal vulnerability in index.php in PhpMyFaq 1.5.1 allows remote attackers to read arbitrary files or include arbitrary PHP files via a .. (dot dot) in the LANGCODE parameter, which also allows direct code injection via the User Agent field in a request packet, which can be activated by using LANGCODE to reference the user tracking data file. | ||||
| CVE-2005-3054 | 1 Php | 1 Php | 2026-04-16 | N/A |
| fopen_wrappers.c in PHP 4.4.0, and possibly other versions, does not properly restrict access to other directories when the open_basedir directive includes a trailing slash, which allows PHP scripts in one directory to access files in other directories whose names are substrings of the original directory. | ||||
| CVE-2005-3055 | 3 Debian, Linux, Redhat | 3 Debian Linux, Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| Linux kernel 2.6.8 to 2.6.14-rc2 allows local users to cause a denial of service (kernel OOPS) via a userspace process that issues a USB Request Block (URB) to a USB device and terminates before the URB is finished, which leads to a stale pointer reference. | ||||
| CVE-2005-3057 | 1 Fortinet | 2 Fortigate, Fortios | 2026-04-16 | N/A |
| The FTP component in FortiGate 2.8 running FortiOS 2.8MR10 and v3beta, and other versions before 3.0 MR1, allows remote attackers to bypass the Fortinet FTP anti-virus engine by sending a STOR command and uploading a file before the FTP server response has been sent, as demonstrated using LFTP. | ||||
| CVE-2005-3065 | 1 Multitheftauto | 1 Multitheftauto | 2026-04-16 | N/A |
| MultiTheftAuto 0.5 patch 1 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted command 40 that causes a -1 length to be used and triggers an out-of-bounds read. | ||||
| CVE-2005-3066 | 1 Scriptsolutions | 1 Perldiver | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in perldiver.pl in PerlDiver 1.x allows remote attackers to inject arbitrary web script or HTML via the query string. NOTE: this issue was originally disputed by the vendor, but it has since been acknowledged. | ||||
| CVE-2005-3070 | 1 Hylafax | 1 Hylafax | 2026-04-16 | N/A |
| HylaFax 4.2.1 and earlier does not create or verify ownership of the UNIX domain socket, which might allow local users to read faxes and cause a denial of service by creating the socket using the hyla.unix temporary file. | ||||
| CVE-2005-3079 | 1 Punbb | 1 Punbb | 2026-04-16 | N/A |
| PunBB before 1.2.8 allows remote attackers to perform "code inclusion" via the user language selection. | ||||
| CVE-2005-3080 | 1 Geshi | 1 Geshi | 2026-04-16 | N/A |
| contrib/example.php in GeSHi before 1.0.7.3 allows remote attackers to read arbitrary files via the language field without a source field set. | ||||
| CVE-2005-3082 | 1 Seo-board | 1 Seo-board | 2026-04-16 | N/A |
| SQL injection vulnerability in admin.php in SEO-Board 1.0.2 allows remote attackers to execute arbitrary SQL commands via the user_pass_sha1 value in a cookie. | ||||