Export limit exceeded: 345227 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345227 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1358 | 1 Text.cgi | 1 Text.cgi | 2026-04-16 | N/A |
| text.cgi script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument. | ||||
| CVE-2005-1359 | 1 Text.cgi | 1 Text.cgi | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in text.cgi script allows remote attackers to inject arbitrary web script or HTML via the argument. | ||||
| CVE-2005-1360 | 1 Graycms | 1 Graycms | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in error.php in GrayCMS 1.1 allows remote attackers to execute arbitrary PHP code by modifying the path_prefix parameter to reference a URL on a remote web server that contains the code. | ||||
| CVE-2005-1361 | 1 Metalinks | 1 Metacart E-shop | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in MetaCart e-Shop 8.0 allow remote attackers to execute arbitrary SQL commands via the (1) intProdID parameter in product.asp or (2) strCatalog_NAME parameter to productsByCategory.asp. | ||||
| CVE-2005-1362 | 1 Metalinks | 1 Metacart2 | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in MetaCart 2.0 for Paypal allow remote attackers to execute arbitrary SQL commands via the (1) intProdID parameter to product.asp, (2) intCatalogID or (3) strSubCatalogID parameters to productsByCategory.asp, (4) chkText, (5) strText, (6) chkPrice, (7) intPrice, (8) chkCat, or (9) strCat parameters to searchAction.asp. | ||||
| CVE-2005-1365 | 1 Pico Server | 1 Pico Server | 2026-04-16 | N/A |
| Pico Server (pServ) 3.2 and earlier allows remote attackers to execute arbitrary commands via a URL with multiple leading "/" (slash) characters and ".." sequences. | ||||
| CVE-2005-1366 | 1 Pico Server | 1 Pico Server | 2026-04-16 | N/A |
| Pico Server (pServ) 3.2 and earlier allows remote attackers to obtain the source code for CGI scripts via "dirname/../cgi-bin" in a URL. | ||||
| CVE-2005-1367 | 1 Pico Server | 1 Pico Server | 2026-04-16 | N/A |
| Pico Server (pServ) 3.2 and earlier allows local users to read arbitrary files as the pServ user via a symlink to a file outside of the web document root. | ||||
| CVE-2005-1368 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| The key_user_lookup function in security/keys/key.c in Linux kernel 2.6.10 to 2.6.11.8 may allow attackers to cause a denial of service (oops) via SMP. | ||||
| CVE-2005-1369 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| The (1) it87 and (2) via686a drivers in I2C for Linux 2.6.x before 2.6.11.8, and 2.6.12 before 2.6.12-rc2, create the sysfs "alarms" file with write permissions, which allows local users to cause a denial of service (CPU consumption) by attempting to write to the file, which does not have an associated store function. | ||||
| CVE-2005-1370 | 1 Hp | 1 Openview Radia Management Portal | 2026-04-16 | N/A |
| Unknown vulnerability in Radia Management Agent (RMA) in HP OpenView Radia Management Portal (RMP) 1.x and 2.x allows remote attackers to execute arbitrary commands via unknown vectors. | ||||
| CVE-2005-1371 | 1 Bulletproof | 1 Bulletproof Ftp Server | 2026-04-16 | N/A |
| BPFTPServer service in BulletProof FTP Server 2.4.0.31 does not properly drop privileges before opening files through the Help menu, which allows local users to gain privileges. | ||||
| CVE-2005-1372 | 1 Bakbone | 1 Netvault | 2026-04-16 | N/A |
| nvstatsmngr.exe process in BakBone NetVault 7.1 does not properly drop privileges before opening files, which allows local users to gain privileges via the Help menu. | ||||
| CVE-2005-1375 | 1 Claroline | 1 Claroline | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Claroline 1.5.3 through 1.6 Release Candidate 1, and possibly Dokeos, allow remote attackers to execute arbitrary SQL commands via (1) learningPath.php, (2) learningPathAdmin.php, (3) learnPath_details.php, (4) modules_pool.php, (5) module.php, (6) uInfo parameter in userInfo.php, or (7) exo_id parameter to exercises_details.php. | ||||
| CVE-2005-1376 | 1 Claroline | 1 Claroline | 2026-04-16 | N/A |
| Multiple directory traversal vulnerabilities in (1) document.php or (2) insertMyDoc.php in Claroline 1.5.3 through 1.6 Release Candidate 1, and possibly Dokeos, allow remote project administrators to upload arbitrary files. | ||||
| CVE-2005-1377 | 1 Claroline | 1 Claroline | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Claroline 1.5.3 through 1.6 Release Candidate 1, and possibly Dokeos, allow remote attackers to execute arbitrary PHP code via unknown vectors. | ||||
| CVE-2005-1378 | 1 Oxpus | 1 Phpbb Personal Notes Module | 2026-04-16 | N/A |
| SQL injection vulnerability in posting_notes.php in the notes module for phpBB allows remote attackers to execute arbitrary SQL commands via the p parameter, which is used in the $post_id variable, and other attack vectors. | ||||
| CVE-2005-1379 | 1 Mandrakesoft | 1 Mandrake Lam-runtime | 2026-04-16 | N/A |
| The LAM runtime environment package (lam-runtime-7.0.6-2mdk) on Mandrake Linux installs the mpi user without a password, which allows local users to gain privileges. | ||||
| CVE-2005-1380 | 1 Bea | 1 Weblogic Server | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in BEA Admin Console 8.1 allows remote attackers to execute arbitrary web script or HTML via the server parameter to a JndiFramesetAction action. | ||||
| CVE-2005-1382 | 1 Oracle | 1 Application Server Web Cache | 2026-04-16 | N/A |
| The webcacheadmin module in Oracle Webcache 9i allows remote attackers to corrupt arbitrary files via a full pathname in the cache_dump_file parameter. | ||||