Export limit exceeded: 29914 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29914 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0882 | 1 Birdblog | 1 Birdblog | 2026-04-16 | N/A |
| SQL injection vulnerability in admincore.php in BirdBlog before 1.2.0 allows remote attackers to execute arbitrary SQL commands via the (1) userid or (2) userpw parameters. | ||||
| CVE-2005-0888 | 1 Michael Dean | 1 Double Choco Latte | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in functions.inc.php for Double Choco Latte 0.9.4.3 allow remote attackers to inject arbitrary web script or HTML via the (1) class or (2) method name. | ||||
| CVE-2005-4219 | 1 Innovative Cms | 1 Innovative Cms | 2026-04-16 | N/A |
| setting.php in Innovative CMS (ICMS, formerly Imoel-CMS) contains username and password information in cleartext, which might allow attackers to obtain this information via a direct request to setting.php. NOTE: on a properly configured web server, it would be expected that a .php file would be processed before content is returned to the user, so this might not be a vulnerability. | ||||
| CVE-2005-0893 | 1 Smail | 1 Smail | 2026-04-16 | N/A |
| modes.c in smail 3.2.0.120 implements signal handlers with certain unsafe library calls, which may allow attackers to execute arbitrary code via signal handler race conditions, possibly using xmalloc. | ||||
| CVE-2005-0890 | 1 Dream4 | 1 Koobi Cms | 2026-04-16 | N/A |
| SQL injection vulnerability in Dream4 Koobi CMS 4.2.3 allows remote attackers to execute arbitrary SQL commands via the area parameter. | ||||
| CVE-2005-0894 | 1 Openmosixview | 1 Openmosixview | 2026-04-16 | N/A |
| OpenmosixCollector and OpenMosixView in OpenMosixView 1.5 allow local users to overwrite or delete arbitrary files via a symlink attack on (1) temporary files in the openmosixcollector directory or (2) nodes.tmp. | ||||
| CVE-2005-0895 | 1 Netcomm | 1 Nb1300 | 2026-04-16 | N/A |
| Netcomm 1300NB DSL Modem allows remote attackers to cause a denial of service (device hang) via a large number of ping packets. | ||||
| CVE-2005-0897 | 1 Magicscripts | 1 E-store Kit-2 | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in catalog.php in E-Store Kit-2 PayPal Edition allows remote attackers to execute arbitrary PHP code by modifying the menu and main parameters to reference a URL on a remote web server that contains the code. | ||||
| CVE-2005-0892 | 1 Smail | 1 Smail | 2026-04-16 | N/A |
| Buffer overflow in smail 3.2.0.120 allows remote attackers or local users to execute arbitrary code via a long string in the MAIL FROM command and possibly other SMTP commands. | ||||
| CVE-2005-4222 | 1 Lars Ellingsen | 1 Guestserver | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in guestbook.cgi in Lars Ellingsen Guestserver 4.13 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified message fields. | ||||
| CVE-2005-0900 | 1 Nukebookmarks | 1 Nukebookmarks | 2026-04-16 | N/A |
| marks.php in NukeBookmarks 0.6 for PHP-Nuke allows remote attackers to obtain sensitive information via an invalid (1) file or (2) category parameter, which reveal the path in an error message. | ||||
| CVE-2005-0901 | 1 Nukebookmarks | 1 Nukebookmarks | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in NukeBookmarks 0.6 for PHP-Nuke allow remote attackers to inject arbitrary web script or HTML via the (1) catname, (2) markname, (3) comment, or (4) category parameter. | ||||
| CVE-2005-0899 | 1 Ibm | 1 Os 400 | 2026-04-16 | N/A |
| AS/400 running OS400 5.2 installs and enables LDAP by default, which allows remote authenticated users to obtain OS/400 user profiles by performing a search. | ||||
| CVE-2005-0902 | 1 Nukebookmarks | 1 Nukebookmarks | 2026-04-16 | N/A |
| SQL injection vulnerability in marks.php in NukeBookmarks 0.6 for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the category parameter. | ||||
| CVE-2005-0903 | 1 Apple | 1 Quicktime Pictureviewer | 2026-04-16 | N/A |
| Buffer overflow in QuickTime PictureViewer 6.5.1 allows remote attackers to cause a denial of service (application crash) via a JPEG file with crafted Huffman Table (marker DHT) data. | ||||
| CVE-2005-0905 | 1 Maxthon | 1 Maxthon | 2026-04-16 | N/A |
| Maxthon 1.2.0 allows remote malicious web sites to obtain potentially sensitive data from the search bar via the m2_search_text property. | ||||
| CVE-2005-4284 | 1 Static Store | 1 Staticstore | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in StaticStore Search Engine 1.189A and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to search.cgi, possibly the keywords parameter. NOTE: this issue was originally disputed by the vendor, but it has since been acknowledged. | ||||
| CVE-2005-4285 | 1 Dick Copits | 1 Pdestore | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in pdestore.cgi in Dick Copits PDEstore 1.8 and earlier allows remote attackers to inject arbitrary web script or HTML via (1) the search module parameter or the (2) product and (3) cart_id parameters. | ||||
| CVE-2005-1473 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| SecurityAgent in Apple Mac OS X 10.4.1 allows attackers with physical access to bypass the locked screensaver and launch background applications by opening a URL from a text input field. | ||||
| CVE-2005-1472 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| Certain system calls in Apple Mac OS X 10.4.1 do not properly enforce the permissions of certain directories without the POSIX read bit set, but with the execute bits set for group or other, which allows local users to list files in otherwise restricted directories. | ||||