Export limit exceeded: 350623 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29920 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29920 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0259 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| phpBB 2.0.11, and possibly other versions, with remote avatars and avatar uploading enabled, allows local users to read arbitrary files by providing both a local and remote location for an avatar, then modifying the "Upload Avatar from a URL:" field to reference the target file. | ||||
| CVE-2005-0273 | 1 Photopost | 1 Photopost Php Pro | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in showgallery.php in PhotoPost before 4.86 allow remote attackers to execute arbitrary SQL commands via the (1) cat or (2) ppuser parameter. | ||||
| CVE-2005-0280 | 1 Jowood Productions | 1 Soldner Secret Wars | 2026-04-16 | N/A |
| Format string vulnerability in Soldner Secret Wars 30830 and earlier allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via format string specifiers in a message. | ||||
| CVE-2005-0293 | 1 Minis | 1 Minis | 2026-04-16 | N/A |
| Directory traversal vulnerability in minis.php in Minis 0.2.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the month parameter. | ||||
| CVE-2005-0391 | 1 Daniel De Rauglaudre | 1 Geneweb | 2026-04-16 | N/A |
| geneweb 4.10 and earlier does not properly check file permissions and content during conversion, which allows attackers to modify arbitrary files. | ||||
| CVE-2005-0330 | 1 People Can Fly | 1 Painkiller | 2026-04-16 | N/A |
| Buffer overflow in Painkiller 1.35 and earlier, and possibly other versions before 1.61, allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via a long cd-key hash. | ||||
| CVE-2005-0316 | 1 Webwasher | 1 Webwasher Classic | 2026-04-16 | N/A |
| WebWasher Classic 2.2.1 and 3.3, when running in server mode, does not properly drop CONNECT requests to the localhost from external systems, which could allow remote attackers to bypass intended access restrictions. | ||||
| CVE-2005-0327 | 1 Php Arena | 1 Pafiledb | 2026-04-16 | N/A |
| pafiledb.php in Pafiledb 3.1 may allow remote attackers to execute arbitrary PHP code via a modified action parameter that is used in an include statement for login.php. | ||||
| CVE-2005-0324 | 1 Captaris | 1 Infinite Mobile Delivery Webmail | 2026-04-16 | N/A |
| Infinite Mobile Delivery Webmail 2.6 allows remote attackers to gain sensitive information via an HTTP request that contains invalid characters for a Windows foldername, which reveals the path in an error message. | ||||
| CVE-2005-0326 | 1 Php Arena | 1 Pafiledb | 2026-04-16 | N/A |
| pafiledb.php in PaFileDB 3.1 allows remote attackers to gain sensitive information via an invalid or missing action parameter, which reveals the path in an error message when it cannot include a login.php script. | ||||
| CVE-2005-0390 | 1 Axel | 1 Axel | 2026-04-16 | N/A |
| Buffer overflow in the HTTP redirection capability in conn.c for Axel before 1.0b may allow remote attackers to execute arbitrary code. | ||||
| CVE-2005-0335 | 1 Emotion | 1 Mediapartner Web Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in EMotion MediaPartner Web Server 5.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the URL. | ||||
| CVE-2005-0338 | 1 Savant | 1 Savant Webserver | 2026-04-16 | N/A |
| Buffer overflow in Savant Web Server 3.1 allows remote attackers to execute arbitrary code via a long HTTP request. | ||||
| CVE-2005-0343 | 1 Logicnow | 1 Perldesk | 2026-04-16 | N/A |
| SQL injection vulnerability in PerlDesk 1.x allows remote attackers to inject arbitrary SQL commands via the view parameter. | ||||
| CVE-2005-0352 | 1 Woodstone | 1 Servers Alive | 2026-04-16 | N/A |
| Servers Alive 4.1 and 5.0, when running as a service, does not drop SYSTEM privileges before loading local manual under the help menu, which allows local users to gain privileges. | ||||
| CVE-2005-0353 | 1 Safenet | 1 Sentinel License Manager | 2026-04-16 | N/A |
| Buffer overflow in the Sentinel LM (Lservnt) service in the Sentinel License Manager 7.2.0.2 allows remote attackers to execute arbitrary code by sending a large amount of data to UDP port 5093. | ||||
| CVE-2005-0364 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Unknown vulnerability in BIND 9.2.0 in HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to cause a denial of service. | ||||
| CVE-2005-0365 | 2 Kde, Redhat | 2 Kde, Enterprise Linux | 2026-04-16 | N/A |
| The dcopidlng script in KDE 3.2.x and 3.3.x creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack. | ||||
| CVE-2005-0368 | 1 Chipmunk Scripts | 1 Cmscore | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in CMScore allow remote attackers to execute arbitrary SQL commands via the (1) EntryID or (2) searchterm parameter to index.php, or (3) username parameter to authenticate.php. | ||||
| CVE-2005-0374 | 1 Bitshifters | 1 Bitboard | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Bitboard 2.5 and earlier allows remote attackers to inject arbitrary web script or HTML via an [img] bbcode image tag with an event such as mouseover. | ||||