Export limit exceeded: 29908 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29908 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-4311 | 1 Dcscripts | 2 Dcforum, Dcforum\+ | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in DCForum 6.25 and earlier, and possibly DCForum+ 1.x, allows remote attackers to inject arbitrary web script or HTML via (1) the page parameter in dcboard.php and (2) unspecified search parameters. | ||||
| CVE-2005-4312 | 1 Almondsoft | 1 Almond Classifieds | 2025-04-03 | N/A |
| SQL injection vulnerability in index.php in AlmondSoft Almond Classifieds 5.02 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2005-4313 | 1 Almondsoft | 1 Almond Personals | 2025-04-03 | N/A |
| SQL injection vulnerability in index.php in AlmondSoft Almond Personals 4.05 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2005-4314 | 1 Ppcal Shopping Cart | 1 Ppcal Shopping Cart | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in ppcal.cgi in PPCal Shopping Cart 3.3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) stop and (2) user parameters. | ||||
| CVE-2005-4316 | 1 Hp | 1 Hp-ux | 2025-04-03 | N/A |
| HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows remote attackers to cause a denial of service via a "Rose Attack" that involves sending a subset of small IP fragments that do not form a complete, larger packet. | ||||
| CVE-2005-4317 | 1 Limbo Cms | 1 Limbo Cms | 2025-04-03 | N/A |
| Limbo CMS 1.0.4.2 and earlier, with register_globals off, does not protect the $_SERVER variable from external modification, which allows remote attackers to use the _SERVER[REMOTE_ADDR] parameter to (1) conduct cross-site scripting (XSS) attacks in the stats module or (2) execute arbitrary code via an eval injection attack in the wrapper option in index2.php. | ||||
| CVE-2005-4318 | 1 Limbo Cms | 1 Limbo Cms | 2025-04-03 | N/A |
| SQL injection vulnerability in index.php in Limbo CMS 1.0.4.2 and earlier, with register_globals off, allows remote attackers to execute arbitrary SQL commands via the _SERVER[REMOTE_ADDR] parameter, which modifies the underlying $_SERVER variable. | ||||
| CVE-2005-4319 | 1 Limbo Cms | 1 Limbo Cms | 2025-04-03 | N/A |
| Directory traversal vulnerability in index2.php in Limbo CMS 1.0.4.2 and earlier allows remote attackers to include arbitrary PHP files via ".." sequences in the option parameter. | ||||
| CVE-2005-4321 | 1 Apani Networks | 1 Epiforce Agent | 2025-04-03 | N/A |
| The Internet Key Exchange version 1 (IKEv1) implementation in Apani Networks EpiForce 1.9 and earlier running IPSec, allow remote attackers to cause a denial of service (crash) via certain IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. | ||||
| CVE-2005-4322 | 1 Hitachi | 3 Cosminexus Collaboration Portal, Groupmax Collaboration Portal, Groupmax Collaboration Web Client | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Hitachi Cosminexus Collaboration Portal 06-00 through 06-10-/B, Groupmax Collaboration Portal 07-00 through 07-10-/B, and Groupmax Collaboration Web Client 07-00 through 07-10-/A allow remote attackers to inject arbitrary web script or HTML via the (1) Schedule and (2) Calendar components. | ||||
| CVE-2005-4323 | 1 Hitachi | 3 Cosminexus Collaboration Portal, Groupmax Collaboration Portal, Groupmax Collaboration Web Client | 2025-04-03 | N/A |
| Unspecified vulnerability in Hitachi Cosminexus Collaboration Portal 06-00 through 06-10-/B, Groupmax Collaboration Portal 07-00 through 07-10-/B, and Groupmax Collaboration Web Client 07-00 through 07-10-/A allow remote attackers to cause a denial of service of unspecified impact via repeated invalid requests to the Schedule component. | ||||
| CVE-2005-4324 | 1 Hitachi | 1 Groupmax Mail Smtp | 2025-04-03 | N/A |
| Hitachi Groupmax Mail SMTP 06-50 through 06-52-/A and 07-00 through 07-20 allows remote attackers to cause a denial of service (service stop) via an e-mail message with an "invalid format." | ||||
| CVE-2005-4326 | 1 Apc | 1 Powerchute Network Shutdown | 2025-04-03 | N/A |
| The web interface for American Power Conversion (APC) PowerChute Network Shutdown performs all communication in cleartext (base64-encoded), which allows remote attackers to sniff authentication credentials. | ||||
| CVE-2005-4327 | 1 Webcal | 1 Webcal | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Michael Arndt WebCal 1.11-3.04 allow remote attackers to inject arbitrary web script or HTML via the (1) function, (2) year, and (3) date parameters to webcal.cgi, (4) new calendar entries, and (5) notes for entries. | ||||
| CVE-2005-4328 | 1 University Of Arizona | 1 Webglimpse | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in webglimpse.cgi in Webglimpse 2.14.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the ID parameter. | ||||
| CVE-2005-4329 | 1 Php Arena | 1 Pafiledb | 2025-04-03 | N/A |
| SQL injection vulnerability in pafiledb.php in PHP Arena paFileDB Extreme Edition RC 5 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) newsid and (2) id parameter. | ||||
| CVE-2005-4330 | 1 Ihtml Merchant | 1 Ihtml Merchant Mall | 2025-04-03 | N/A |
| SQL injection vulnerability in browse.ihtml in iHTML Merchant Mall allows remote attackers to execute arbitrary SQL commands via the (1) id, (2) store, and (3) step parameters. | ||||
| CVE-2005-4331 | 1 Ihtml Merchant | 1 Ihtml Merchant | 2025-04-03 | N/A |
| SQL injection vulnerability in merchant.ihtml in iHTML Merchant Version 2 Pro allows remote attackers to execute arbitrary SQL commands via the (1) step, (2) id, and (3) pid parameters. | ||||
| CVE-2005-4332 | 1 Cisco | 1 Network Admission Control Manager And Server System Software | 2025-04-03 | N/A |
| Cisco Clean Access 3.5.5 and earlier on the Secure Smart Manager allows remote attackers to bypass authentication and cause a denial of service or upload files via direct requests to obsolete JSP files including (1) admin/uploadclient.jsp, (2) apply_firmware_action.jsp, and (3) file.jsp. | ||||
| CVE-2005-4333 | 1 Binary-concepts | 1 Binary Board System | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Binary Board System (BBS) 0.2.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) inreplyto, (2) article, and (3) board parameters to reply.pl, (4) branch, (5) board, and (6) stats.pl parameters to (b) stats.pl, and (7) board parameter to (c) toc.pl. | ||||