Export limit exceeded: 363383 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363383 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-4083 | 1 Phpbb Styles | 1 Extreme Styles Phpbb Module | 2026-04-16 | N/A |
| Directory traversal vulnerability in xs_edit.php in the eXtreme Styles phpBB module 2.2.1 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the edit parameter. | ||||
| CVE-2005-1426 | 1 Uapplication | 1 Ublog | 2026-04-16 | N/A |
| Uapplication Ublog Reload stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for mdb-database/blog.mdb (aka mdb-database/blog.msb). | ||||
| CVE-2005-1427 | 1 Uapplication | 1 Uphotogallery | 2026-04-16 | N/A |
| Uapplication Uphotogallery stores the database under the web document root, which allows remote attackers to obtain sensitive information via a direct request to uphotogallery.mdb. | ||||
| CVE-2005-3987 | 1 Tradesoft | 1 Tradesoft Cms | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Tradesoft CMS allow remote attackers to execute arbitrary SQL commands via unspecified attack vectors. | ||||
| CVE-2005-1428 | 1 Uapplication | 1 Uphotogallery | 2026-04-16 | N/A |
| edit_image.asp in Uapplication Uphotogallery allows remote attackers to upload arbitrary files. | ||||
| CVE-2005-1434 | 1 Hp | 1 Openview Network Node Manager | 2026-04-16 | N/A |
| Multiple unknown vulnerabilities in OpenView Network Node Manager (OV NNM) 6.2, 6.4, 7.01, and 7.50 allow attackers to cause a denial of service or execute arbitrary code. | ||||
| CVE-2005-1438 | 1 Osticket | 1 Osticket | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in main.php in osTicket allows remote attackers to execute arbitrary PHP code via the include_dir parameter. | ||||
| CVE-2005-1441 | 1 Ibm | 1 Lotus Domino | 2026-04-16 | N/A |
| Format string vulnerability in Lotus Domino 6.0.x before 6.0.5 and 6.5.x before 6.5.4 allows remote attackers to cause a denial of service via the Notes protocol (NRPC). | ||||
| CVE-2005-3135 | 1 Virtools | 1 Web Player | 2026-04-16 | N/A |
| Buffer overflow in Virtools Web Player 3.0.0.100 and earlier allows remote attackers to execute arbitrary code via a long filename. | ||||
| CVE-2005-1013 | 1 Mailenable | 2 Mailenable Enterprise, Mailenable Professional | 2026-04-16 | N/A |
| The SMTP service in MailEnable Enterprise 1.04 and earlier and Professional 1.54 and earlier allows remote attackers to cause a denial of service (server crash) via an EHLO command with a Unicode string. | ||||
| CVE-2005-3136 | 1 Virtools | 1 Web Player | 2026-04-16 | N/A |
| Directory traversal vulnerability in Virtools Web Player 3.0.0.100 and earlier allows remote attackers to overwrite arbitrary files via a .. (dot dot) in a filename. | ||||
| CVE-2005-3137 | 1 Gnu | 1 Cfengine | 2026-04-16 | N/A |
| The (1) cfmailfilter and (2) cfcron.in files for cfengine 1.6.5 allow local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2005-2960. | ||||
| CVE-2005-1049 | 1 Postnuke Software Foundation | 1 Postnuke | 2026-04-16 | N/A |
| Multiple cross-site scripting vulnerabilities in PostNuke 0.760-RC3 allow remote attackers to inject arbitrary web script or HTML via the (1) module parameter to admin.php or (2) op parameter to user.php. NOTE: the vendor reports that certain issues could not be reproduced for 760 RC3, or for .750. However, the op/user.php issue exists when the pnAntiCracker setting is disabled. | ||||
| CVE-2005-3138 | 1 Mozilla | 1 Bugzilla | 2026-04-16 | N/A |
| Bugzilla 2.18rc1 through 2.18.3, 2.19 through 2.20rc2, and 2.21 allows remote attackers to obtain sensitive information such as the list of installed products via the config.cgi file, which is accessible even when the requirelogin parameter is set. | ||||
| CVE-2005-1073 | 1 Radscripts | 1 Radbids | 2026-04-16 | N/A |
| Directory traversal vulnerability in index.php for RadScripts RadBids Gold 2 allows remote attackers to read arbitrary files via the read parameter. | ||||
| CVE-2005-3139 | 1 Mozilla | 1 Bugzilla | 2026-04-16 | N/A |
| Bugzilla 2.19.1 through 2.20rc2 and 2.21, with user matching turned on in substring mode, allows attackers to list all users whose names match an arbitrary substring, even when the usevisibilitygroups parameter is set. | ||||
| CVE-2005-4057 | 1 Jonathan Beckett | 1 Pluggedout Nexus | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in PluggedOut Nexus 0.1 allows remote attackers to inject arbitrary web script or HTML via the (1) Location, (2) Last Name, and (3) First Name parameters. | ||||
| CVE-2005-1078 | 1 Xampp | 1 Apache Distribution | 2026-04-16 | N/A |
| XAMPP 1.4.x has multiple default or null passwords, which allows attackers to gain privileges. | ||||
| CVE-2005-3826 | 1 Ezy Helpdesk | 1 Ezyhelpdesk | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Ezyhelpdesk 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) edit_id, (2) faq_id, and (3) c_id parameters in a query string, and (4) the search engine, possibly involving the search_string parameter. | ||||
| CVE-2005-3140 | 1 Procom | 2 Netforce 800, Netforce 800 Firmware | 2026-04-16 | 7.5 High |
| Procom NetFORCE 800 4.02 M10 Build 20 and possibly other versions sends the NIS password map (passwd.nis) as a file attachment in diagnostic e-mail messages, which allows remote attackers to obtain the cleartext NIS password hashes. | ||||