Export limit exceeded: 345229 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345229 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1220 | 1 Knusperleicht | 1 Shoutbox Script | 2026-04-16 | N/A |
| Shoutbox SCRIPT 3.0.2 and earlier allows remote attackers to obtain sensitive information via a direct request to db/settings.dat, which displays usernames and password hashes. | ||||
| CVE-2005-1223 | 1 Ocean12 Technologies | 1 Calendar Manager Pro | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Ocean12 Calendar manager 1.01 allow remote attackers to execute arbitrary SQL commands via the Admin_id field. | ||||
| CVE-2005-1225 | 1 Coppermine | 1 Coppermine Photo Gallery | 2026-04-16 | N/A |
| SQL injection vulnerability in Coppermine Photo Gallery 1.3.2 allows remote attackers to execute arbitrary SQL commands via the favs parameter to (1) init.inc.php or (2) zipdownload.php. | ||||
| CVE-2005-1226 | 1 Coppermine | 1 Coppermine Photo Gallery | 2026-04-16 | N/A |
| Coppermine Photo Gallery 1.3.2 stores passwords in plaintext, which allows remote attackers to obtain sensitive information. | ||||
| CVE-2005-1227 | 1 Phprojekt | 1 Phprojekt | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in PHProjekt 4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the chatroom text submission form. | ||||
| CVE-2005-1228 | 2 Gnu, Redhat | 2 Gzip, Enterprise Linux | 2026-04-16 | N/A |
| Directory traversal vulnerability in gunzip -N in gzip 1.2.4 through 1.3.5 allows remote attackers to write to arbitrary directories via a .. (dot dot) in the original filename within a compressed file. | ||||
| CVE-2005-1230 | 1 Magnus Lundvall | 1 Yawcam | 2026-04-16 | N/A |
| Directory traversal vulnerability in Yawcam 0.2.5 allows remote attackers to read arbitrary files via "..\" (dot dot backslash) sequences in a GET request. | ||||
| CVE-2005-1231 | 1 Jaws | 1 Jaws | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the NewTerm function in GlossaryModel.php in JAWS 0.4 allows remote attackers to inject arbitrary web script or HTML via the (1) term or (2) description. | ||||
| CVE-2005-1232 | 1 Sun | 1 Java System Web Proxy Server | 2026-04-16 | N/A |
| Buffer overflow in Sun Java System Web Proxy Server (aka Sun ONE Proxy Server) 3.6 SP6 allows remote attackers to execute arbitrary code via unknown vectors. | ||||
| CVE-2005-1233 | 1 Php Labs | 1 Profile | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in PHP Labs proFile allows remote attackers to inject arbitrary web script or HTML via the (1) dir or (2) file parameters. | ||||
| CVE-2005-1234 | 1 Phpbb Group | 1 Phpbb-auction | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in phpbb-Auction allow remote attackers to execute arbitrary SQL commands via the (1) u parameter to auction_rating.php or (2) ar parameter to action_offer.php. | ||||
| CVE-2005-1235 | 1 Phpbb Group | 1 Phpbb-auction | 2026-04-16 | N/A |
| auction_my_auctions.php in phpbb-Auction 1.2m and earlier allows remote attackers to obtain sensitive information via an invalid mode parameter, which leaks the full path in a PHP error message. | ||||
| CVE-2005-1237 | 1 China-on-site | 1 Flexphpnews | 2026-04-16 | N/A |
| SQL injection vulnerability in news.php in FlexPHPNews 0.0.3 allows remote attackers to execute arbitrary SQL commands via the newsid parameter. | ||||
| CVE-2005-1239 | 1 Raz-lee | 1 Security\+\+\+ | 2026-04-16 | N/A |
| Directory traversal vulnerability in the third party tool from Raz-Lee, as used to secure the iSeries AS/400 FTP server, allows remote attackers to access arbitrary files, including those from qsys.lib, via ".." sequences in a GET request. | ||||
| CVE-2005-1240 | 1 Castlehill | 1 Secure Net | 2026-04-16 | N/A |
| Directory traversal vulnerability in the third party tool from Castlehill, as used to secure the iSeries AS/400 FTP server, allows remote attackers to access arbitrary files, including those from qsys.lib, via ".." sequences in a GET request. | ||||
| CVE-2005-1241 | 1 Powertech | 1 Powerlock Networksecurity | 2026-04-16 | N/A |
| Directory traversal vulnerability in the third party tool from Powertech, as used to secure the iSeries AS/400 FTP server, allows remote attackers to access arbitrary files, including those from qsys.lib, via ".." sequences in a GET request. | ||||
| CVE-2005-1242 | 1 Bsafe | 1 Global Security | 2026-04-16 | N/A |
| Directory traversal vulnerability in the third party tool from Bsafe, as used to secure the iSeries AS/400 FTP server, allows remote attackers to access arbitrary files, including those from qsys.lib, via ".." sequences in a GET request. | ||||
| CVE-2005-1243 | 1 Safestone Technologies | 1 Axcessit | 2026-04-16 | N/A |
| Directory traversal vulnerability in the third party tool from SafeStone, as used to secure the iSeries AS/400 FTP server, allows remote attackers to access arbitrary files, including those from qsys.lib, via ".." sequences in a GET request. | ||||
| CVE-2005-1245 | 1 Mediawiki | 1 Mediawiki | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.2, when using HTML Tidy ($wgUseTidy), allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2005-1247 | 1 Novell | 1 Nsure Audit | 2026-04-16 | N/A |
| webadmin.exe in Novell Nsure Audit 1.0.1 allows remote attackers to cause a denial of service via malformed ASN.1 packets in corrupt client certificates to an SSL server, as demonstrated using an exploit for the OpenSSL ASN.1 parsing vulnerability. | ||||