Export limit exceeded: 346743 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346743 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-4361 | 1 Magnolia | 1 Content Management Suite | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.html in Magnolia Content Management Suite 2.1 allows remote attackers to inject arbitrary web script or HTML via the query parameter. | ||||
| CVE-2005-1898 | 1 Phpthumb | 1 Phpthumb | 2026-04-16 | N/A |
| The passthrough functionality in phpThumb.php in phpThumb() before 1.5.4 allows remote attackers to read files that are not images. | ||||
| CVE-2005-1901 | 1 Sawmill | 1 Sawmill | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Sawmill before 7.1.6 allow remote attackers to inject arbitrary web script or HTML via (1) the username in the Add User window or (2) the license key in the Licensing page. | ||||
| CVE-2005-1902 | 1 E-post Corporation | 1 Spa-pro Mail Atsolomon | 2026-04-16 | N/A |
| Directory traversal vulnerability in the IMAP service for SPA-PRO Mail @Solomon 4.00 allows remote authenticated users to read other users' mail and perform operations on arbitrary directories via .. sequences in the (1) SELECT, (2) CREATE, (3) DELETE, and (4) RENAME commands. | ||||
| CVE-2005-4362 | 1 Komodo | 1 Komodo Cms | 2026-04-16 | N/A |
| SQL injection vulnerability in page.php in Komodo CMS 2.1 allows remote attackers to execute arbitrary SQL commands via the page parameter. | ||||
| CVE-2005-1904 | 1 Jiro | 1 Jiro Upload System | 2026-04-16 | N/A |
| SQL injection vulnerability in login.asp in JiRo's Upload System (JUS) 1 allows remote attackers to execute arbitrary SQL commands via the password parameter. | ||||
| CVE-2005-1908 | 1 Perception | 1 Liteweb | 2026-04-16 | N/A |
| Perception LiteWeb allows remote attackers to bypass access controls for files via an extra leading / (slash) or leading \ (backslash) in the URL. | ||||
| CVE-2005-1909 | 1 Software602 | 1 602lan Suite | 2026-04-16 | N/A |
| The web server control panel in 602LAN SUITE 2004 allows remote attackers to make it more difficult for the administrator to read portions of log files via a "</pre><!-" sequence in an HTTP GET request in the logon, possibly due to a cross-site scripting (XSS) vulnerability. | ||||
| CVE-2005-1911 | 1 Leafnode | 1 Leafnode | 2026-04-16 | N/A |
| The fetchnews NNTP client in leafnode 1.11.2 and earlier can hang while waiting for input that never arrives, which allows remote NNTP servers to cause a denial of service (news loss). | ||||
| CVE-2005-4363 | 1 Komodo | 1 Komodo Cms | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the search engine in Komodo CMS 2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters. | ||||
| CVE-2005-1917 | 1 Kpopper | 1 Kpopper | 2026-04-16 | N/A |
| kpopper 1.0 and earlier allows local users to create and overwrite arbitrary files via a symlink attack on the .popper-new temporary file. | ||||
| CVE-2005-1945 | 1 Invision Power Services | 1 Invision Community Blog | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the convert_highlite_words function in Invision Blog before 1.1.2 Final allows remote attackers to inject arbitrary web script or HTML via double hex encoded highlight data. | ||||
| CVE-2005-4364 | 1 Hot Banana | 1 Web Content Management Suite | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.cfm in Hot Banana Web Content Management Suite 5.3 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter. | ||||
| CVE-2005-1923 | 1 Clam Anti-virus | 1 Clamav | 2026-04-16 | N/A |
| The ENSURE_BITS macro in mszipd.c for Clam AntiVirus (ClamAV) 0.83, and other versions vefore 0.86, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a cabinet (CAB) file with the cffile_FolderOffset field set to 0xff, which causes a zero-length read. | ||||
| CVE-2005-1925 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2026-04-16 | N/A |
| Multiple directory traversal vulnerabilities in Tikiwiki before 1.9.1 allow remote attackers to read arbitrary files and execute commands via (1) the suck_url parameter to tiki-editpage.php or (2) language parameter to tiki-user_preferences.php. | ||||
| CVE-2005-1928 | 1 Trend Micro | 1 Serverprotect Earthagent | 2026-04-16 | N/A |
| Trend Micro ServerProtect EarthAgent for Windows Management Console 5.58 and possibly earlier versions, when running with Trend Micro Control Manager 2.5 and 3.0, and Damage Cleanup Server 1.1, allows remote attackers to cause a denial of service (CPU consumption) via a flood of crafted packets with a certain "magic value" to port 5005, which also leads to a memory leak. | ||||
| CVE-2005-4487 | 1 Ramsite | 1 R1 Cms | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in RAMSite R|1 CMS 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchfield parameter. | ||||
| CVE-2005-1932 | 1 Lpanel | 1 Lpanel | 2026-04-16 | N/A |
| Lpanel 1.59 and earlier, and other versions before 1.597, allows remote authenticated users to modify certain critical variables and (1) modify DNS settings for arbitrary domains via the domain parameter to diagnose.php, (2) close, open, or respond to arbitrary support tickets via the close, open, or pid parameter to view_ticket.php, (3) obtain sensitive information on arbitrary invoices via the inv parameter to viewreceipt.php, or (4) modify domain information for arbitrary domains via the editdomain parameter to domains.php. | ||||
| CVE-2005-1934 | 2 Redhat, Rob Flynn | 2 Enterprise Linux, Gaim | 2026-04-16 | N/A |
| Gaim before 1.3.1 allows remote attackers to cause a denial of service (crash) via a malformed MSN message that leads to a memory allocation of a large size, possibly due to an integer signedness error. | ||||
| CVE-2005-1930 | 1 Trend Micro | 1 Serverprotect | 2026-04-16 | N/A |
| Directory traversal vulnerability in the Crystal Report component (rptserver.asp) in Trend Micro ServerProtect Management Console 5.58, as used in Control Manager 2.5 and 3.0 and Damage Cleanup Server 1.1, and possibly earlier versions, allows remote attackers to read arbitrary files via the IMAGE parameter. | ||||