Export limit exceeded: 345229 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345229 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1618 | 1 Yahoo | 1 Messenger | 2026-04-16 | N/A |
| The YMSGR URL handler in Yahoo! Messenger 5.x through 6.0 allows remote attackers to cause a denial of service (disconnect) via a room login or a room join request packet with a third : (colon) and an & (ampersand), which causes Messenger to send a corrupted packet to the server, which triggers a disconnect from the server. | ||||
| CVE-2005-1620 | 1 Soren Boysen | 1 Skull-splitter Guestbook | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Skull-Splitter Guestbook 1.0, 2.0 and 2.2 allows remote attackers to inject arbitrary web script or HTML via the (1) title or (2) content of a message. | ||||
| CVE-2005-1621 | 1 Postnuke Software Foundation | 1 Postnuke | 2026-04-16 | N/A |
| Directory traversal vulnerability in the pnModFunc function in pnMod.php for PostNuke 0.750 through 0.760rc4 allows remote attackers to read arbitrary files via a .. (dot dot) in the func parameter to index.php. | ||||
| CVE-2005-1622 | 1 Metalinks | 1 Metacart E-shop | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in productsByCategory.asp in MetaCart e-Shop allows remote attackers to inject arbitrary web script or HTML via the strCatalog_NAME parameter. | ||||
| CVE-2005-1625 | 2 Adobe, Redhat | 2 Acrobat Reader, Rhel Extras | 2026-04-16 | N/A |
| Stack-based buffer overflow in the UnixAppOpenFilePerform function in Adobe Reader 5.0.9 and 5.0.10 for Unix allows remote attackers to execute arbitrary code via a PDF document with a long /Filespec tag. | ||||
| CVE-2005-1626 | 1 Pico Server | 1 Pico Server | 2026-04-16 | N/A |
| Multiple buffer overflows in handlers.c for Pico Server (pServ) before 3.3 may allow attackers to execute arbitrary code. | ||||
| CVE-2005-1627 | 1 Viewglob | 1 Viewglob | 2026-04-16 | N/A |
| Unknown vulnerability in Viewglob before 2.0.1, related to "a potential security issue with the Viewglob display and ssh X forwarding," has unknown impact. | ||||
| CVE-2005-1628 | 1 Web-app.org | 1 Webapp | 2026-04-16 | N/A |
| apage.cgi in WebAPP 0.9.9.2.1, and possibly earlier versions, allows remote attackers to execute arbitrary commands via shell metacharacters in the f parameter. | ||||
| CVE-2005-1629 | 1 Photopost | 1 Photopost Php Pro | 2026-04-16 | N/A |
| SQL injection vulnerability in member.php for Photopost PHP Pro allows remote attackers to execute arbitrary SQL commands via the verifykey parameter. | ||||
| CVE-2005-1631 | 1 Booby | 1 Booby | 2026-04-16 | N/A |
| booby.php in Booby 1.0.0 and earlier allows remote attackers to view private bookmarks by guessing item IDs. | ||||
| CVE-2005-1632 | 1 Tavis Rudd | 1 Cheetah | 2026-04-16 | N/A |
| Cheetah 0.9.15 and 0.9.16 searches the /tmp directory for modules before using the paths in the PYTHONPATH variable, which allows local users to execute arbitrary code via a malicious module in /tmp/. | ||||
| CVE-2005-1633 | 1 Jgs-xa | 1 Jgs-portal | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in JGS-XA JGS-Portal 3.0.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) anzahl_beitraege parameter to jgs_portal.php, 2) year parameter to (jgs_portal_statistik.php, 3) year parameter to (jgs_portal_beitraggraf.php, 4) tag parameter to (jgs_portal_viewsgraf.php, 5) year parameter to (jgs_portal_themengraf.php, 6) year parameter to (jgs_portal_mitgraf.php, 7) id parameter to jgs_portal_sponsor.php, or (8) the Accept-Language header to jgs_portal_log.php. | ||||
| CVE-2005-1635 | 1 Jgs-xa | 1 Jgs-portal | 2026-04-16 | N/A |
| JGS-XA JGS-Portal 3.0.2 and earlier allows remote attackers to obtain the full server path via direct requests to (1) jgs_portal_ref.php, (2) jgs_portal_land.php, (3) jgs_portal_log.php, (4) jgs_portal_global_sponsor.php, (5) jgs_portal_global.php, (6) jgs_portal_system.php, (7) jgs_portal_views.php; or multiple files in the jgs_portal_include directory, including (8) jgs_portal_boardmenue.php, (9) jgs_portal_forenliste.php, (10) jgs_portal_geburtstag.php, (11) jgs_portal_guckloch.php, (12) jgs_portal_kalender.php, (13) jgs_portal_letztethemen.php, (14) jgs_portal_links.php, (15) jgs_portal_neustemember.php, (16) jgs_portal_newsboard.php, (17) jgs_portal_online.php, (18) jgs_portal_pn.php, (19) jgs_portal_portalmenue.php, (20) jgs_portal_styles.php, (21) jgs_portal_suchen.php, (22) jgs_portal_team.php, (23) jgs_portal_topforen.php, (24) jgs_portal_topposter.php, (25) jgs_portal_umfrage.php, (26) jgs_portal_useravatar.php, (27) jgs_portal_waronline.php, (28) jgs_portal_woonline.php, or (29) jgs_portal_zufallsavatar.php. | ||||
| CVE-2005-1639 | 1 Atinegar | 1 Sigma Isp Manager | 2026-04-16 | N/A |
| SQL injection vulnerability in Sigmaweb.DLL in Sigma ISP Manager 6.6 allows remote attackers to execute arbitrary SQL commands via the (1) username, (2) password, or (3) domain fields. | ||||
| CVE-2005-1641 | 1 The Ignition Project | 1 Ignitionserver | 2026-04-16 | N/A |
| mod_channel in The Ignition Project ignitionServer 0.3.0 to 0.3.6, and possibly earlier versions, does not allow protected operators to access channels that have been locked out by a key, which allows IRC users to cause a denial of service. | ||||
| CVE-2005-1642 | 1 Woltlab | 1 Burning Board | 2026-04-16 | N/A |
| SQL injection vulnerability in the verify_email function in Woltlab Burning Board 2.x and earlier allows remote attackers to execute arbitrary SQL commands via the $email variable. | ||||
| CVE-2005-1643 | 1 Jorg Ruppel | 1 Zoidcom | 2026-04-16 | N/A |
| The ZCom_BitStream::Deserialize function in Zoidcom 1.0 beta 4 and earlier allows remote attackers to cause a denial of service via a crafted UDP packet with a large size value, which causes a memory allocation error or an out-of-bounds read. | ||||
| CVE-2005-1644 | 1 1two | 1 Livre D Or | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in guestbook.php for 1Two Livre d'Or 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) livreornom, (2) livreoremail, or (3) livreormessage parameters. | ||||
| CVE-2005-1645 | 1 Keyvan1 | 1 Imagegallery | 2026-04-16 | N/A |
| Keyvan1 ImageGallery stores the image.mdb database under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information. | ||||
| CVE-2005-1647 | 1 Gurgens | 1 Gurgens Guest Book | 2026-04-16 | N/A |
| Gurgens (GASoft) Guest Book 2.1 stores the db/Genid.dat database file under the web document root with insufficient access control, which allows remote attackers to obtain and decrypt usernames and passwords. | ||||