Export limit exceeded: 29914 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29914 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0668 | 1 Christian Hilgers | 1 Http Anti Virus Proxy \(havp\) | 2026-04-16 | N/A |
| Unknown vulnerability in HTTP Anti Virus Proxy (HAVP) before 0.51 prevents viruses from being properly detected in certain files such as (1) .CAB or (2) .ZIP files. | ||||
| CVE-2005-0671 | 1 Ca3de | 1 Ca3de | 2026-04-16 | N/A |
| Format string vulnerability in Carsten's 3D Engine (Ca3DE), March 2004 version and earlier, allows remote attackers to execute arbitrary code via format string specifiers in a command. | ||||
| CVE-2005-0670 | 1 Coinsoft Technologies | 1 Phpcoin | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in phpCOIN 1.2.0 through 1.2.1b allows remote attackers to inject arbitrary web script or HTML via (1) the new parameter to mod.php, (2) the w parameter to mod.php, (3) the e parameter to login.php, (4) the o parameter to login.php, and possibly other scripts. | ||||
| CVE-2005-0667 | 5 Altlinux, Gentoo, Redhat and 2 more | 7 Alt Linux, Linux, Enterprise Linux and 4 more | 2026-04-16 | N/A |
| Buffer overflow in Sylpheed before 1.0.3 and other versions before 1.9.5 allows remote attackers to execute arbitrary code via an e-mail message with certain headers containing non-ASCII characters that are not properly handled when the user replies to the message. | ||||
| CVE-2005-0665 | 1 John Bradley | 1 Xv | 2026-04-16 | N/A |
| Format string vulnerability in xv before 3.10a allows remote attackers to execute arbitrary code via format string specifiers in a filename. | ||||
| CVE-2005-0669 | 1 Coinsoft Technologies | 1 Phpcoin | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in mod.php for phpCOIN 1.2.0 through 1.2.1b allow remote attackers to execute arbitrary SQL commands via the (1) the faq_id in the faq mod, (2) the id parameter in the pages mod, (3) the id parameter in the siteinfo module, (4) the topic_id parameter in the articles module, (5) the ord_id in the orders module, (6) the dom_id parameter in the domains module, or (7) the invd_id parameter in the invoices module. | ||||
| CVE-2005-0674 | 1 Php Arena | 1 Pabox | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the News module for paBox 1.6 allows remote attackers to inject arbitrary web script or HTML via the text hidden parameter in an HTTP POST request. | ||||
| CVE-2005-0676 | 1 Phpoutsourcing | 1 Zorum | 2026-04-16 | N/A |
| index.php in Zorum 3.5 allows remote attackers to trigger an SQL error, and possibly inject arbitrary SQL commands, via the search capability. | ||||
| CVE-2005-0680 | 1 Stadtaus | 1 Download Center Lite | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in download_center_lite.inc.php for Download Center Lite 1.6 allows remote attackers to execute arbitrary PHP code by modifying the script_root parameter to reference a URL on a remote web server that contains the code. | ||||
| CVE-2005-0677 | 1 Phpoutsourcing | 1 Zorum | 2026-04-16 | N/A |
| index.php for Zorum 3.5 allows remote attackers to perform certain actions as other users by modifying the id parameter. | ||||
| CVE-2005-0675 | 1 Phpoutsourcing | 1 Zorum | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php for Zorum 3.5 allows remote attackers to inject arbitrary web script or HTML via the (1) list or (2) frommethod parameters. | ||||
| CVE-2005-4201 | 1 Showalbumonline | 1 My Album Online | 2026-04-16 | N/A |
| Directory traversal vulnerability in My Album Online 1.0 allows remote attackers to access arbitrary files via ".../" (triple dot) sequences in unspecified vectors. | ||||
| CVE-2005-0687 | 1 Hashcash | 1 Hashcash | 2026-04-16 | N/A |
| Format string vulnerability in Hashcash 1.16 allows remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via format string specifiers in a reply address, which is not properly handled when printing the header. | ||||
| CVE-2005-0689 | 1 Jimmy | 1 The Includer | 2026-04-16 | N/A |
| includer.cgi in The Includer allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the URL or (2) the template parameter. | ||||
| CVE-2005-0684 | 1 Mysql | 1 Maxdb | 2026-04-16 | N/A |
| Multiple buffer overflows in the web tool for MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via (1) an HTTP GET request with a long file parameter after a percent ("%") sign or (2) a long Lock-Token string to the WebDAV functionality, which is not properly handled by the getLockTokenHeader function in WDVHandler_CommonUtils.c. | ||||
| CVE-2005-4202 | 1 Logisphere | 1 Logisphere | 2026-04-16 | N/A |
| Multiple directory traversal vulnerabilities in LogiSphere 0.9.9j allow remote attackers to access arbitrary files via (1) .. (dot dot), (2) "..." (triple dot), and (3) "..//" sequences in the URL, (4) "../" sequences in the source parameter to viewsource.jsp, or (5) "..\" (dot dot backslash) sequences in the NS-query-pat parameter to the search URL. URL. | ||||
| CVE-2005-0691 | 1 Socialmpn | 1 Socialmpn | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in article mode for modules.php in SocialMPN allows remote attackers to execute arbitrary PHP code by modifying the name parameter to reference a URL on a remote web server that contains the code. | ||||
| CVE-2005-0692 | 1 Php Fusion | 1 Php Fusion | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in fusion_core.php for PHP-Fusion 5.x allows remote attackers to inject arbitrary web script or HTML via a message with IMG bbcode containing character-encoded Javascript. | ||||
| CVE-2005-0693 | 1 Jowood Productions | 1 Chaser | 2026-04-16 | N/A |
| Buffer overflow in JoWood Chaser 1.50 and earlier allows remote attackers to cause a denial of service (client or server crash) and execute arbitrary code via a long nickname. | ||||
| CVE-2005-0694 | 1 Hosting Controller | 1 Hosting Controller | 2026-04-16 | N/A |
| Hosting Controller 6.1 Hotfix 1.7 and earlier stores log files under the web root, which allows remote attackers to obtain sensitive information via a direct request to HCDiskQuotaService.csv. | ||||