Export limit exceeded: 345193 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345193 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3846 | 1 Fscripts | 1 Fantastic News | 2026-04-16 | N/A |
| SQL injection vulnerability in news.php in Fantastic News 2.1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the category parameter. | ||||
| CVE-2005-4637 | 1 Kayako | 1 Supportsuite | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in Kayako SupportSuite 3.00.26 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) nav parameter in the downloads module, (2) Full Name and (3) Email fields in the core module, (4) Full Name, (5) Email, and (6) Subject fields in the tickets module, or (7) Registered Email field in the lostpassword feature in the core module. | ||||
| CVE-2005-3852 | 1 Onlinetechtools.com | 1 Owos Lite | 2026-04-16 | N/A |
| SQL injection vulnerability in search.asp in Online Work Order Suite (OWOS) Lite Edition for ASP 3.0 allows remote attackers to execute arbitrary SQL commands via the keyword parameter. | ||||
| CVE-2005-4638 | 1 Kayako | 1 Supportsuite | 2026-04-16 | N/A |
| index.php in Kayako SupportSuite 3.00.26 and earlier allow remote attackers to obtain the full path via (1) _a and (2) newsid parameters in the news module, (3) downloaditemid parameter in the downloads module, and (4) kbarticleid parameter in the knowledgebase module. | ||||
| CVE-2005-3861 | 1 Phpgreetz | 1 Phpgreetz | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in content.php in phpGreetz 0.99 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the content parameter. | ||||
| CVE-2005-4641 | 1 Eazycms | 1 Eazycms | 2026-04-16 | N/A |
| SQL injection vulnerability in home.php in eazyCMS 2.0 allows remote attackers to execute arbitrary SQL commands via the page_id parameter. | ||||
| CVE-2005-3896 | 1 Mozilla | 1 Mozilla | 2026-04-16 | N/A |
| Mozilla allows remote attackers to cause a denial of service (CPU consumption) via a Javascript BODY onload event that calls the window function. | ||||
| CVE-2005-4643 | 1 Antharia | 1 Oncontent Cms | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in Antharia OnContent // CMS allows remote attackers to execute arbitrary SQL commands via the pid parameter. NOTE: it is not clear, but this might be an application service provider, in which case it might be excluded from CVE. | ||||
| CVE-2005-3904 | 1 Sun | 2 Jdk, Jre | 2026-04-16 | N/A |
| Unspecified vulnerability in Java Management Extensions (JMX) in Java JDK and JRE 5.0 Update 3, 1.4.2 and later, 1.3.1 and later allows remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary application via unknown attack vectors. | ||||
| CVE-2005-4644 | 1 Edgewall Software | 1 Trac | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the HTML WikiProcessor in Edgewall Trac 0.9.2 allows remote attackers to inject arbitrary web script or HTML via javascript in the SRC attribute of an IMG tag. | ||||
| CVE-2005-3912 | 2 Debian, Webmin | 2 Debian Linux, Webmin | 2026-04-16 | N/A |
| Format string vulnerability in miniserv.pl Perl web server in Webmin before 1.250 and Usermin before 1.180, with syslog logging enabled, allows remote attackers to cause a denial of service (crash or memory consumption) and possibly execute arbitrary code via format string specifiers in the username parameter to the login form, which is ultimately used in a syslog call. NOTE: the code execution might be associated with an issue in Perl. | ||||
| CVE-2005-4645 | 1 3cfr | 1 3cfr | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in 3CFR allows remote attackers to execute arbitrary SQL commands via the LangueID parameter. | ||||
| CVE-2005-3927 | 1 Guppy | 1 Guppy | 2026-04-16 | N/A |
| Multiple directory traversal vulnerabilities in GuppY 4.5.9 and earlier allow remote attackers to read and include arbitrary files via (1) the meskin parameter to admin/editorTypetool.php, or the lng parameter to the in admin/inc scripts (2) archbatch.php, (3) dbbatch.php, and (4) nwlmail.php. | ||||
| CVE-2005-3928 | 1 Qnx | 1 Rtos | 2026-04-16 | N/A |
| Buffer overflow in phgrafx in QNX 6.2.1 and 6.3.0 allows local users to execute arbitrary code via a long command line argument. | ||||
| CVE-2005-4647 | 1 Pearlinger | 1 Pearl Forums | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in PEARLINGER Pearl Forums 2.4 allow remote attackers to execute arbitrary SQL commands via the (1) forumsId and (2) topicId parameters in index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2005-3946 | 1 Opera | 1 Opera Browser | 2026-04-16 | N/A |
| Opera 8.50 allows remote attackers to cause a denial of service (crash) via a Java applet with a large string argument to the removeMember JNI method for the com.opera.JSObject class. | ||||
| CVE-2005-3947 | 1 Sergey Korostel | 1 Php Upload Center | 2026-04-16 | N/A |
| Directory traversal vulnerability in index.php in PHP Upload Center allows remote attackers to read arbitrary files via "../" sequences in the filename parameter. | ||||
| CVE-2005-4648 | 1 Illustrate | 1 Dbpoweramp Music Converter | 2026-04-16 | N/A |
| Buffer overflow in Illustrate dBpowerAMP Music Converter 11.5 and earlier, possibly including (1) MusicConverter.exe, (2) playlist.exe, and (3) amp.exe, allows user-assisted attackers to cause a denial of service or execute arbitrary code via a .m3u playlist with a long entry, possibly involving large field names, as demonstrated by SecuBox.Labs.m3u. NOTE: this issue might be the same as the .m3u vulnerability in CVE-2004-1569, but if so, then CD:SF-LOC suggests creating a different identifier since the .m3u issue would affect different versions than the .pls issue. | ||||
| CVE-2005-3963 | 1 Dotclear | 1 Dotclear | 2026-04-16 | N/A |
| SQL injection vulnerability in session.php in DotClear before 1.2.3 allows remote attackers to execute arbitrary SQL commands via the dc_xd parameter in a cookie. | ||||
| CVE-2005-3964 | 2 Integrated Computer Solutions, Redhat | 3 Openmotif, Enterprise Linux, Network Satellite | 2026-04-16 | N/A |
| Multiple buffer overflows in libUil (libUil.so) in OpenMotif 2.2.3, and possibly other versions, allows attackers to execute arbitrary code via the (1) diag_issue_diagnostic function in UilDiags.c and (2) open_source_file function in UilSrcSrc.c. | ||||