Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29946 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-3593 | 1 Cisco | 1 Unified Callmanager | 2026-04-16 | N/A |
| The command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows local users to overwrite arbitrary files by redirecting a command's output to a file or folder, aka bug CSCse31704. | ||||
| CVE-2005-0505 | 1 Stackworks Enterprises | 1 Information Resource Manager | 2026-04-16 | N/A |
| Unknown vulnerability in Information Resource Manager (IRM) before 1.5.2.1 allows remote attackers to have "potentially serious" impact, related to LDAP logins. | ||||
| CVE-2005-0645 | 1 Cutephp | 1 Cutenews | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in show.inc.php in cuteNews 1.3.6 allows remote attackers to inject arbitrary HTML, web script, and PHP code via the (1) CLIENT-IP or (2) X-FORWARDED-FOR header in an HTTP POST request to show_news.php. | ||||
| CVE-2005-0653 | 1 Phpmyadmin | 1 Phpmyadmin | 2026-04-16 | N/A |
| phpMyAdmin 2.6.1 does not properly grant permissions on tables with an underscore in the name, which grants remote authenticated users more privileges than intended. | ||||
| CVE-2005-0700 | 1 Aztek Forum | 1 Aztek Forum | 2026-04-16 | N/A |
| The export_index action in myadmin.php for Aztek Forum 4.0 allows remote attackers to obtain database files, possibly by setting the ATK_ADMIN cookie. | ||||
| CVE-2005-0729 | 1 Techland | 1 Xpand Rally | 2026-04-16 | N/A |
| Format string vulnerability in Xpand Rally 1.1.0.0 and earlier allows remote attackers to execute arbitrary code via format string specifiers in a message. | ||||
| CVE-2005-0783 | 1 Phorum | 1 Phorum | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Phorum before 5.0.14a allows remote attackers to inject arbitrary web script or HTML via the filename of an attached file. | ||||
| CVE-2005-0804 | 1 Mailenable | 1 Mailenable Standard | 2026-04-16 | N/A |
| Format string vulnerability in MailEnable 1.8 allows remote attackers to cause a denial of service (application crash) via format string specifiers in the mailto field. | ||||
| CVE-2005-0814 | 1 Lysator | 1 Lsh | 2026-04-16 | N/A |
| Unknown vulnerability in lshd in Lysator LSH 1.x and 2.x before 2.0.1 allows remote attackers to cause a denial of service via unknown vectors. | ||||
| CVE-2005-0888 | 1 Michael Dean | 1 Double Choco Latte | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in functions.inc.php for Double Choco Latte 0.9.4.3 allow remote attackers to inject arbitrary web script or HTML via the (1) class or (2) method name. | ||||
| CVE-2005-0889 | 1 Dream4 | 1 Koobi Cms | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php for Dream4 Koobi CMS 4.2.3 allows remote attackers to inject arbitrary web script or HTML via the area parameter. | ||||
| CVE-2005-0903 | 1 Apple | 1 Quicktime Pictureviewer | 2026-04-16 | N/A |
| Buffer overflow in QuickTime PictureViewer 6.5.1 allows remote attackers to cause a denial of service (application crash) via a JPEG file with crafted Huffman Table (marker DHT) data. | ||||
| CVE-2005-0908 | 1 Valdersoft | 1 Valdersoft Shopping Cart | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Valdersoft Shopping Cart 3.0 allow remote attackers to inject arbitrary web script or HTML via (1) the lang parameter to index.php or (2) the searchTopCategoryID parameter to search_result.php. | ||||
| CVE-2005-0909 | 1 Tkais Shoutbox | 1 Tkais Shoutbox | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in shoutact.php for TKai's Shoutbox allows remote attackers to execute arbitrary PHP code via the query parameter. | ||||
| CVE-2005-0921 | 1 Microsoft | 1 Outlook Connector | 2026-04-16 | N/A |
| Microsoft Outlook 2002 Connector for IBM Lotus Domino 2.0 allows local users to save passwords and login credentials locally, even when password caching is disabled by a group policy. | ||||
| CVE-2005-0958 | 1 Yepyep | 1 Mtftpd | 2026-04-16 | N/A |
| Format string vulnerability in the log_do function in log.c for YepYep mtftpd 0.0.3, when the statistics option is enabled, allows remote attackers to execute arbitrary code via the CWD command. | ||||
| CVE-2005-0959 | 1 Yepyep | 1 Mtftpd | 2026-04-16 | N/A |
| Buffer overflow in the mt_do_dir function in YepYep mtftpd 0.0.3 may allow attackers to execute arbitrary code via a long path. | ||||
| CVE-2005-0961 | 1 Horde | 1 Application Framework | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Horde 3.0.4 before 3.0.4-RC2 allows remote attackers to inject arbitrary web script or HTML via the parent frame title. | ||||
| CVE-2005-0962 | 1 Lighthouse Development | 1 Squirrelcart | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php for Lighthouse Squirrelcart allows remote attackers to execute arbitrary SQL commands via the (1) crn parameter in a show action or (2) rn parameter in a show_detail action. | ||||
| CVE-2005-0978 | 1 Ivt | 1 Bluesoleil | 2026-04-16 | N/A |
| Directory traversal vulnerability in the Object Push service in IVT BlueSoleil 1.4 allows remote attackers to upload arbitrary files via a .. (dot dot) in a PUSH command. | ||||