Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-3854 1 Easypagecms 1 Easypagecms 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in EasyPageCMS allows remote attackers to inject arbitrary web script or HTML via the cat parameter.
CVE-2005-3865 1 Scripts-templates 1 Allweb Search 2026-04-16 N/A
SQL injection vulnerability in index.php in AllWeb search 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the search parameter.
CVE-2005-3867 1 Wwwsearchsolutions 1 Revenuepilot Search Engine Script 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in RevenuePilot Search Engine Script 1.2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the REQ parameter, which is used when performing a search.
CVE-2005-3874 1 Weaverslave 1 Netzbrett 2026-04-16 N/A
SQL injection vulnerability in netzbr.php in Netzbrett 1.5.1 and earlier allows remote attackers to execute arbitrary SQL commands via the p_entry parameter in an entry command to index.php.
CVE-2005-3884 1 Zainu 1 Zainu 2026-04-16 N/A
Multiple SQL injection vulnerabilities in the search action in Zainu 2.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) term and (2) start parameters to index.php.
CVE-2005-3890 1 Gadu-gadu 1 Gadu-gadu Instant Messenger 2026-04-16 N/A
Gadu-Gadu 7.20 allows remote attackers to cause a denial of service (crash and configuration loss) via a page with a large number of gg: URIs.
CVE-2005-3912 2 Debian, Webmin 2 Debian Linux, Webmin 2026-04-16 N/A
Format string vulnerability in miniserv.pl Perl web server in Webmin before 1.250 and Usermin before 1.180, with syslog logging enabled, allows remote attackers to cause a denial of service (crash or memory consumption) and possibly execute arbitrary code via format string specifiers in the username parameter to the login form, which is ultimately used in a syslog call. NOTE: the code execution might be associated with an issue in Perl.
CVE-2005-3914 1 Affcommerce 1 Affcommerce 2026-04-16 N/A
Multiple SQL injection vulnerabilities in AFFcommerce 1.1.4 allow remote attackers to execute arbitrary SQL commands via (1) the cl parameter to SubCategory.php and the item_id parameter in (2) ItemInfo.php and (3) ItemReview.php.
CVE-2005-3921 1 Cisco 1 Ios 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Cisco IOS Web Server for IOS 12.0(2a) allows remote attackers to inject arbitrary web script or HTML by (1) packets containing HTML that an administrator views via an HTTP interface to the contents of memory buffers, as demonstrated by the URI /level/15/exec/-/buffers/assigned/dump; or (2) sending the router Cisco Discovery Protocol (CDP) packets with HTML payload that an administrator views via the CDP status pages. NOTE: these vectors were originally reported as being associated with the dump and packet options in /level/15/exec/-/show/buffers.
CVE-2005-3924 1 Randshop 1 Randshop 2026-04-16 N/A
SQL injection vulnerability in themes/kategorie/index.php in Randshop allows remote attackers to execute arbitrary SQL commands via the (1) kategorieid and (2) katid parameters.
CVE-2005-3929 1 Xaraya 1 Xaraya 2026-04-16 N/A
Directory traversal vulnerability in the create function in xarMLSXML2PHPBackend.php in Xaraya 1.0 allows remote attackers to create directories and overwrite arbitrary files via ".." sequences in the module parameter to index.php.
CVE-2005-3930 1 N-13 News 1 N-13 News 2026-04-16 N/A
SQL injection vulnerability in index.php in N-13 News 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2005-3940 1 Greywyvern 1 Orca Ringmaker 2026-04-16 N/A
SQL injection vulnerability in ringmaker.php in Orca Ringmaker 2.3c and earlier allows remote attackers to execute arbitrary SQL commands via the start parameter.
CVE-2005-3961 1 Webcalendar 1 Webcalendar 2026-04-16 N/A
export_handler.php in WebCalendar 1.0.1 allows remote attackers to overwrite WebCalendar data files via a modified id parameter.
CVE-2005-3964 2 Integrated Computer Solutions, Redhat 3 Openmotif, Enterprise Linux, Network Satellite 2026-04-16 N/A
Multiple buffer overflows in libUil (libUil.so) in OpenMotif 2.2.3, and possibly other versions, allows attackers to execute arbitrary code via the (1) diag_issue_diagnostic function in UilDiags.c and (2) open_source_file function in UilSrcSrc.c.
CVE-2003-0010 1 Microsoft 7 Windows 2000, Windows 2000 Terminal Services, Windows 98 and 4 more 2026-04-16 N/A
Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating system allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail that uses a large array index value that enables a heap-based buffer overflow attack.
CVE-2004-0143 1 Nokia 1 6310i 2026-04-16 N/A
Multiple vulnerabilities in Nokia 6310(i) Mobile phones allow remote attackers to cause a denial of service (reset) via malformed Bluetooth OBject EXchange (OBEX) messages, probably triggering buffer overflows.
CVE-2004-0151 1 Xintercepttalk 1 Xitalk 2026-04-16 N/A
Unknown vulnerability in xitalk 1.1.11 and earlier allows local users to execute arbitrary commands.
CVE-2004-0160 1 Synaesthesia 1 Synaesthesia 2026-04-16 N/A
Synaesthesia 2.2 and earlier allows local users to execute arbitrary code via a symlink attack on the configuration file.
CVE-2004-0162 3 Clearswift, F-secure, Paul L Daniels 3 Mailsweeper, Internet Gatekeeper, Ripmime 2026-04-16 N/A
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME encapsulation that uses RFC822 comment fields, which may be interpreted as other fields by mail clients.