Export limit exceeded: 344950 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344950 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3773 | 1 Joomla | 1 Joomla | 2026-04-16 | N/A |
| Unspecified vulnerability in Joomla! before 1.0.4 has unknown impact and attack vectors, related to "Potential misuse of Media component file management functions." | ||||
| CVE-2005-3789 | 1 Phpwcms | 1 Phpwcms | 2026-04-16 | N/A |
| Multiple directory traversal vulnerabilities in phpwcms 1.2.5 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) form_lang parameter in login.php and (2) the imgdir parameter in random_image.php. | ||||
| CVE-2005-3797 | 1 Alstrasoft | 1 Template Seller | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in payment_paypal.php in AlstraSoft Template Seller Pro 3.25 allows remote attackers to execute arbitrary PHP code via the config[basepath] parameter. | ||||
| CVE-2005-3742 | 1 Advanced Poll | 1 Advanced Poll | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in popup.php in Advanced Poll 2.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the poll_ident parameter. | ||||
| CVE-2005-3753 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| Linux kernel before after 2.6.12 and before 2.6.13.1 might allow attackers to cause a denial of service (Oops) via certain IPSec packets that cause alignment problems in standard multi-block cipher processors. NOTE: it is not clear whether this issue can be triggered by an attacker. | ||||
| CVE-2005-3774 | 1 Cisco | 1 Pix | 2026-04-16 | N/A |
| Cisco PIX 6.3 and 7.0 allows remote attackers to cause a denial of service (blocked new connections) via spoofed TCP packets that cause the PIX to create embryonic connections that that would not produce a valid connection with the end system, including (1) SYN packets with invalid checksums, which do not result in a RST; or, from an external interface, (2) one byte of "meaningless data," or (3) a TTL that is one less than needed to reach the internal destination. | ||||
| CVE-2005-3790 | 1 Phpwcms | 1 Phpwcms | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in act_newsletter.php in phpwcms 1.2.5 allow remote attackers to inject arbitrary web script or HTML via the (1) i and (2) text parameters. | ||||
| CVE-2005-3798 | 1 Alstrasoft | 1 Template Seller | 2026-04-16 | N/A |
| SQL injection vulnerability in admin/index.php in AlstraSoft Template Seller Pro 3.25 allows remote attackers to execute arbitrary SQL commands via the username field. | ||||
| CVE-2004-2239 | 1 Inter7 | 1 Vpopmail \(vchkpw\) | 2026-04-16 | N/A |
| Buffer overflow in vsybase.c in vpopmail 5.4.2 and earlier might allow attackers to cause a denial of service or execute arbitrary code. | ||||
| CVE-2004-2240 | 1 Phorum | 1 Phorum | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Phorum 5.0.11 and earlier allow remote attackers to modify SQL statements via (1) the query string in read.php or (2) unknown vectors in file.php. | ||||
| CVE-2005-3743 | 1 Simplepoll | 1 Simplepoll | 2026-04-16 | N/A |
| SQL injection vulnerability in results.php in SimplePoll allows remote attackers to execute arbitrary SQL commands via the pollid parameter. | ||||
| CVE-2005-3754 | 1 Google | 2 Mini Search Appliance, Search Appliance | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to inject arbitrary Javascript, and possibly other web script or HTML, via the proxystylesheet variable, which will be executed in the resulting error message. | ||||
| CVE-2005-3775 | 1 Pollvote | 1 Pollvote | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in pollvote.php in PollVote allows remote attackers to include arbitrary files via a URL in the pollname parameter. | ||||
| CVE-2005-3791 | 2 Phpadsnew, Phppgads | 2 Phpadsnew, Phppgads | 2026-04-16 | N/A |
| HTTP response splitting vulnerability in phpAdsNew and phpPgAds 2.0.6 and earlier allows remote attackers to inject arbitrary HTML headers via adclick.php and possibly other unspecified vectors. | ||||
| CVE-2005-3799 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| phpBB 2.0.18 allows remote attackers to obtain sensitive information via a large SQL query, which generates an error message that reveals SQL syntax or the full installation path. | ||||
| CVE-2005-3744 | 1 Phpcomasy | 1 Phpcomasy | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in phpComasy 0.7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: an examination of the 0.7.5 source code suggests that there is no id parameter being handled directly by index.php. | ||||
| CVE-2004-2258 | 1 Hummingbird | 1 Exceed | 2026-04-16 | N/A |
| Xconfig in Hummingbird Exceed before 9.0.0.1, when the Screen Definition is password-protected, allows local users to access certain options by switching to another tab, then switching back to the original tab. | ||||
| CVE-2005-3755 | 1 Google | 2 Mini Search Appliance, Search Appliance | 2026-04-16 | N/A |
| Directory traversal vulnerability in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to determine the existence of arbitrary files via a relative path from a style sheet directory, then comparing the resulting error messages. | ||||
| CVE-2005-3776 | 1 Mybulletinboard | 1 Mybulletinboard | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in MyBulletinBoard (MyBB) 1.0 PR2 Rev 686 allow remote attackers to inject arbitrary web script or HTML via (1) the subject field when creating a new thread and (2) information passed to the Reputation system. | ||||
| CVE-2005-3792 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in the Search module in PHP-Nuke 7.8, and possibly other versions before 7.9 with patch 3.1, allows remote attackers to execute arbitrary SQL commands, as demonstrated via the query parameter in a stories type. | ||||