Export limit exceeded: 360766 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29946 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-4329 | 1 Php Arena | 1 Pafiledb | 2026-04-16 | N/A |
| SQL injection vulnerability in pafiledb.php in PHP Arena paFileDB Extreme Edition RC 5 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) newsid and (2) id parameter. | ||||
| CVE-2005-4331 | 1 Ihtml Merchant | 1 Ihtml Merchant | 2026-04-16 | N/A |
| SQL injection vulnerability in merchant.ihtml in iHTML Merchant Version 2 Pro allows remote attackers to execute arbitrary SQL commands via the (1) step, (2) id, and (3) pid parameters. | ||||
| CVE-2005-4332 | 1 Cisco | 1 Network Admission Control Manager And Server System Software | 2026-04-16 | N/A |
| Cisco Clean Access 3.5.5 and earlier on the Secure Smart Manager allows remote attackers to bypass authentication and cause a denial of service or upload files via direct requests to obsolete JSP files including (1) admin/uploadclient.jsp, (2) apply_firmware_action.jsp, and (3) file.jsp. | ||||
| CVE-2005-4335 | 1 Courseforum | 1 Projectforum | 2026-04-16 | N/A |
| ProjectForum 4.7.0 and earlier allows remote attackers to cause a denial of service (crash) via a crafted pageid parameter to admin/versions.html. | ||||
| CVE-2005-4336 | 1 Courseforum | 1 Projectforum | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in ProjectForum 4.7.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) fwd parameter in admin/adminsignin.html and (2) originalpageid parameter in admin/newpage.html associated with a group. | ||||
| CVE-2005-4339 | 1 Blackboard | 1 Academic Suite | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to inject arbitrary web script or HTML via the context parameter to announcement.pl, which is reflected in the resulting page. | ||||
| CVE-2005-4341 | 1 Blackboard | 1 Academic Suite | 2026-04-16 | N/A |
| Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to list all available categories via a blank category_id parameter to category.pl. NOTE: it is not clear whether this information is sensitive or not, so this might not be an exposure. | ||||
| CVE-2005-3064 | 1 Multitheftauto | 1 Multitheftauto | 2026-04-16 | N/A |
| MultiTheftAuto 0.5 patch 1 and earlier does not properly verify client privileges when running command 40, which allows remote attackers to change or delete the message of the day (motd.txt). | ||||
| CVE-2005-4347 | 1 Debian | 2 Debian Linux, Kernel-patch-vserver | 2026-04-16 | N/A |
| The Linux 2.4 kernel patch in kernel-patch-vserver before 1.9.5.5 and 2.x before 2.3 for Debian GNU/Linux does not correctly set the "chroot barrier" with util-vserver, which allows attackers to access files on the host system that are outside of the vserver. | ||||
| CVE-2005-4350 | 1 Sun | 1 Wbem Services | 2026-04-16 | N/A |
| Unspecified vulnerability in WBEM Services A.01.x before A.01.05.12 and A.02.x before A.02.00.08 on HP-UX B.11.00 through B.11.23 allows remote attackers to cause an unspecified denial of service via unknown attack vectors. | ||||
| CVE-2005-4353 | 1 Toenda Software Development | 1 Toendacms | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in toendaCMS 0.6.2.1, when configured to use a SQL database, allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2005-4356 | 1 Xmpie | 1 Ustore | 2026-04-16 | N/A |
| SQL injection vulnerability in UStore allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2005-3075 | 1 Mpc-donkey | 1 Zengaia | 2026-04-16 | N/A |
| SQL injection vulnerability in Zengaia before 0.2 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2005-4358 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| admin/admin_disallow.php in phpBB 2.0.18 allows remote attackers to obtain the installation path via a direct request with a non-empty setmodules parameter, which causes an invalid append_sid function call that leaks the path in an error message. | ||||
| CVE-2005-4359 | 1 Oodie | 1 Odfaq | 2026-04-16 | N/A |
| SQL injection vulnerability in includes/core.inc.php in ODFaq 2.1.0 allows remote attackers to execute arbitrary SQL commands via the (1) cat and (2) srcText parameters to faq.php. | ||||
| CVE-2005-3084 | 1 Sony | 1 Playstation Portable | 2026-04-16 | N/A |
| Buffer overflow in the TIFF library in the Photo Viewer for Sony PSP 2.0 firmware allows remote attackers to cause a denial of service via a crafted TIFF image. | ||||
| CVE-2005-4361 | 1 Magnolia | 1 Content Management Suite | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.html in Magnolia Content Management Suite 2.1 allows remote attackers to inject arbitrary web script or HTML via the query parameter. | ||||
| CVE-2005-4362 | 1 Komodo | 1 Komodo Cms | 2026-04-16 | N/A |
| SQL injection vulnerability in page.php in Komodo CMS 2.1 allows remote attackers to execute arbitrary SQL commands via the page parameter. | ||||
| CVE-2005-3085 | 1 Riverdark Studios | 1 Rss Syndicator Module | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in rss.php in Riverdark Studios RSS Syndicator module 2.1.7 allow remote attackers to inject arbitrary web script or HTML via the (1) forum or (2) topic parameters. | ||||
| CVE-2005-4364 | 1 Hot Banana | 1 Web Content Management Suite | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.cfm in Hot Banana Web Content Management Suite 5.3 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter. | ||||