Search Results (362065 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-1776 1 Cnedra 1 Cnedra 2026-04-16 N/A
Buffer overflow in the READ_TCP_STRING function in game_message_functions.cpp in the network plugin for C'Nedra 0.4.0 and earlier allows remote attackers to execute arbitrary code via a long text string.
CVE-2005-1777 1 Postnuke Software Foundation 1 Postnuke 2026-04-16 N/A
SQL injection vulnerability in readpmsg.php in PostNuke 0.750 allows remote attackers to execute arbitrary SQL commands via the start parameter.
CVE-2005-1783 1 W.m.r. Simpson 1 Bookreview 2026-04-16 N/A
BookReview beta 1.0 allows remote attackers to obtain the path of the web server via certain parameters to search.htm, possibly due to a search[string] parameter with a missing value or an incorrect submit[type] value, which reveals the path in the resulting error message. NOTE: it is not clear whether BookReview is available to the public. If not, then it should not be included in CVE.
CVE-2006-2524 1 Usebb 1 Usebb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in UseBB 1.0 RC1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors when processing the user date format.
CVE-2005-1788 1 Hosting Controller 1 Hosting Controller 2026-04-16 N/A
SQL injection vulnerability in resellerresources.asp in Hosting Controller 6.1 Hotfix 2.0 allows remote attackers to execute arbitrary SQL commands via the jresourceid parameter.
CVE-2005-1789 1 India Software Solution 1 Shopping Cart 2026-04-16 N/A
SQL injection vulnerability in SignIn.asp in India Software Solution shopping cart allows remote attackers to execute arbitrary SQL commands via the password.
CVE-2005-1801 1 Nokia 1 9500 2026-04-16 N/A
The vCard viewer in Nokia 9500 allows attackers to cause a denial of service (crash) via a vCard with a long Name field, which causes the crash when the user views it.
CVE-2005-1803 1 Net Portal Dynamic System 1 Net Portal Dynamic System 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Net Portal Dynamic System (NPDS) 5.0 allow remote attackers to inject arbitrary web script or HTML via the language parameter to (1) admin.php, or (2) powerpack_f.php, (3) the sitename parameter to sdv_infos.php, (4) the categories parameter to faq.php, (5) the lettre parameter to the glossaire module, (6) the title parameter to reviews.php, or (7) the image_subject parameter to reply.php.
CVE-2005-1808 1 Firefly Studios 1 Stronghold 2 2026-04-16 N/A
Firefly Studios Stronghold 2 1.2 and earlier allows remote attackers to cause a denial of service (crash) via a packet with a large size value for the nickname, which causes a memory allocation failure and generates an exception.
CVE-2006-2529 1 Fckeditor 1 Fckeditor 2026-04-16 N/A
editor/filemanager/upload/php/upload.php in FCKeditor before 2.3 Beta, when the upload feature is enabled, does not verify the Type parameter, which allows remote attackers to upload arbitrary file types. NOTE: It is not clear whether this is related to CVE-2006-0658.
CVE-2005-1812 1 Futuresoft 1 Tftp Server 2000 2026-04-16 N/A
Multiple stack-based buffer overflows in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allow remote attackers to execute arbitrary code via a long (1) filename or (2) transfer mode string in a Read Request (RRQ) or Write Request (WRQ) packet.
CVE-2006-2534 1 Greg Donald 1 Destiney Links Script 2026-04-16 N/A
Destiney Links Script 2.1.2 does not protect library and other support files, which allows remote attackers to obtain the installation path via a direct URL to files in the (1) include and (2) themes/original directories.
CVE-2005-1813 1 Futuresoft 1 Tftp Server 2000 2026-04-16 N/A
Directory traversal vulnerability in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allows remote attackers to read arbitrary files via a TFTP GET request containing (1) "../" (dot dot slash) or (2) "..\" (dot dot backslash) sequences.
CVE-2005-1815 1 Hummingbird 1 Connectivity 2026-04-16 N/A
Multiple buffer overflows in Hummingbird Connectivity inetD 10.0.0.1 and 9.0.0.4 allows attackers to cause a denial of service and possibly execute arbitrary code via (1) an FTP command with a long argument to FTPD (ftpdw.exe) or (2) a large amount of data to LPD (Lpdw.exe).
CVE-2005-1821 1 Powerscripts.org 1 Powerdownload 2026-04-16 N/A
PHP remote file inclusion vulnerability in pdl_header.inc.php in PowerDownload 3.0.2 and 3.0.3 allows remote attackers to execute arbitrary PHP code via the incdir parameter to downloads.php.
CVE-2005-1822 1 Qualiteam 1 X-cart 2026-04-16 N/A
Multiple SQL injection vulnerabilities in Qualiteam X-Cart 4.0.8 allow remote attackers to execute arbitrary SQL commands via the (1) cat or (2) printable parameter to home.php, (3) productid or (4) mode parameter to product.php, (5) id parameter to error_message.php, (6) section parameter to help.php, (7) mode parameter to orders.php, (8) mode parameter to register.php, (9) mode parameter to search.php, or the (10) gcid or (11) gcindex parameter to giftcert.php.
CVE-2005-1828 1 Dlink 2 Dsl-504t, Dsl-504t Firmware 2026-04-16 7.5 High
D-Link DSL-504T stores usernames and passwords in cleartext in the router configuration file, which allows remote attackers to obtain sensitive information.
CVE-2005-1831 1 Todd Miller 1 Sudo 2026-04-16 8.4 High
Sudo 1.6.8p7 on SuSE Linux 9.3, and possibly other Linux distributions, allows local users to gain privileges by using sudo to call su, then entering a blank password and hitting CTRL-C. NOTE: SuSE and multiple third-party researchers have not been able to replicate this issue, stating "Sudo catches SIGINT and returns an empty string for the password so I don't see how this could happen unless the user's actual password was empty.
CVE-2005-1836 1 Nextweb 1 Nextweb \(i\)site 2026-04-16 N/A
NEXTWEB (i)Site allows remote attackers to cause a denial of service (error 500) via a crafted HTTP request, possibly involving wildcard requests for .jsp files.
CVE-2005-1846 1 Yamt 1 Yamt 2026-04-16 N/A
Multiple directory traversal vulnerabilities in YaMT before 0.5_2 allow attackers to overwrite arbitrary files via the (1) rename or (2) sort options.