Export limit exceeded: 350763 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29922 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29922 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29922 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2031 | 1 Socialmpn | 1 Socialmpn | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in socialMPN allow remote attackers to execute arbitrary SQL commands via (1) the sid parameter to article.php, (2) uname parameter to user.php, (3) siteid parameter to viewforum.php, (4) username parameter to newtopic.php, the (5) secid or (6) artid parameter to sections.php, (7) siteid parameter to index.php, or (8) sid parameter to friend.php. | ||||
| CVE-2005-2037 | 1 Fortibus | 1 Fortibus Cms | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Fortibus CMS 4.0.0 allow remote attackers to execute arbitrary SQL commands via (1) the username or password to logon.asp, (2) WeeklyNotesDisplay.asp, or (3) the Search page. | ||||
| CVE-2005-4378 | 1 Nma | 1 Baseline Cms | 2026-04-16 | N/A |
| SQL injection vulnerability in Page.asp in Baseline CMS 1.95 and earlier allows remote attackers to execute arbitrary SQL commands via the SiteNodeID parameter. | ||||
| CVE-2005-4492 | 1 Starphire Technologies | 5 Sitesage, Sitesage-ee, Sitesage-le and 2 more | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Starphire SiteSage 5.0.18 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the norelay_highlight_words parameter. | ||||
| CVE-2005-2038 | 1 Fortibus | 1 Fortibus Cms | 2026-04-16 | N/A |
| Fortibus CMS 4.0.0 allows remote attackers to modify information of other users, including Admin, via the "My info" page. | ||||
| CVE-2005-2041 | 1 Hauri | 1 Virobot Linux Server | 2026-04-16 | N/A |
| Buffer overflow in addschup in HAURI ViRobot 2.0, and possibly other products, allows remote attackers to execute arbitrary code via a long ViRobot_ID cookie (HTTP_COOKIE). | ||||
| CVE-2005-2042 | 1 Ajax-spell | 1 Ajax-spell | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in ajax-spell before 1.8 allows remote attackers to inject arbitrary web script or HTML via onmouseover or other events in HTML tags. | ||||
| CVE-2005-2039 | 1 Nanoblogger | 1 Nanoblogger | 2026-04-16 | N/A |
| Unknown vulnerability in "various plugins" for NanoBlogger 3.2.1 and earlier allows remote attackers to execute arbitrary commands. | ||||
| CVE-2005-2040 | 1 Telnetd | 1 Telnetd | 2026-04-16 | N/A |
| Multiple buffer overflows in the getterminaltype function in telnetd for Heimdal before 0.6.5 may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2005-0468 and CVE-2005-0469. | ||||
| CVE-2005-2043 | 1 Xampp | 1 Apache Distribution | 2026-04-16 | N/A |
| Directory traversal vulnerability in XAMPP before 1.4.14 allows remote attackers to inject arbitrary HTML and PHP code via lang.php. | ||||
| CVE-2005-2049 | 1 Duware | 1 Duclassmate | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in DUware DUclassmate 1.2 allow remote attackers to execute arbitrary SQL commands via the (1) iState parameter to default.asp or (2) iPro parameter to edit.asp. | ||||
| CVE-2005-4494 | 1 Spip | 1 Spip | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in SPIP 1.8.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) spip_login.php3 and (2) spip_pass.php3. | ||||
| CVE-2005-2050 | 1 Tor | 1 Tor | 2026-04-16 | N/A |
| Unknown vulnerability in Tor before 0.1.0.10 allows remote attackers to read arbitrary memory and possibly key information from the exit server's process space. | ||||
| CVE-2005-2051 | 1 Symantec Veritas | 1 Backup Exec | 2026-04-16 | N/A |
| Buffer overflow in the VERITAS Backup Exec Web Administration Console (BEWAC) 9.0 4367 through 10.0 rev. 5484 allows remote attackers to execute arbitrary code. | ||||
| CVE-2005-2055 | 1 Realnetworks | 2 Realone Player, Realplayer | 2026-04-16 | N/A |
| RealPlayer 8, 10, 10.5 (6.0.12.1040-1069), and Enterprise and RealOne Player v1 and v2 allows remote malicious web server to create an arbitrary HTML file that executes an RM file via "default settings of earlier Internet Explorer browsers". | ||||
| CVE-2005-2058 | 1 Ubbcentral | 1 Ubb.threads | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to execute arbitrary SQL commands via the Number parameter to (1) download.php, (2) modifypost.php, (3) mailthread.php, or (4) notifymod.php, (5) month or (6) year parameter to calendar.php, (7) message parameter to viewmessage.php, (8) main parameter to addfav.php, or (9) posted parameter to grabnext.php. | ||||
| CVE-2005-2060 | 1 Ubbcentral | 1 Ubb.threads | 2026-04-16 | N/A |
| Multiple HTTP Response Splitting vulnerabilities in (1) toggleshow.php, (2) togglecats.php, and (3) showprofile.php in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to spoof web content and poison web caches via CRLF ("%0d%0a") sequences in the Cat parameter. | ||||
| CVE-2005-2056 | 1 Clam Anti-virus | 1 Clamav | 2026-04-16 | N/A |
| The Quantum archive decompressor in Clam AntiVirus (ClamAV) before 0.86.1 allows remote attackers to cause a denial of service (application crash) via a crafted Quantum archive. | ||||
| CVE-2005-4387 | 1 Contenite | 1 Contenite | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in home.php in contenite 0.11 and earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter. | ||||
| CVE-2005-2061 | 1 Ubbcentral | 1 Ubb.threads | 2026-04-16 | N/A |
| Infopop UBB.Threads before 6.5.2 Beta allows remote attackers to include arbitrary files via the language parameter in a cookie followed by a null (%00) byte. | ||||