Export limit exceeded: 364230 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-2808 1 Lycos 1 Htmlgear Guestgear 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Lycos Tripod htmlGEAR guestGEAR (aka Guest Gear) allows remote attackers to inject arbitrary web script or HTML via a guestbook post containing a javascript URI in the SRC attribute of the BR element after an extra "iframe" tagname within that element, followed by a double ">", which might bypass cleansing operations.
CVE-2005-4230 1 Php Web Scripts 1 Link Up Gold 2026-04-16 N/A
SQL injection vulnerability in poll.php in Link Up Gold 2.5 and earlier allows remote attackers to execute arbitrary SQL commands via the number parameter.
CVE-2006-2809 1 Ar-blog 1 Ar-blog 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.php in ar-blog 5.2 allow remote attackers to inject arbitrary web script or HTML via the (1) count parameter, and possibly the (2) next, (3) Year_the_news, and (4) mo parameters. NOTE: the year and month vectors are already covered by CVE-2006-0333.
CVE-2005-4235 1 Whmcompletesolution 1 Whmcompletesolution 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in knowledgebase.php in WHMCompleteSolution 2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameters.
CVE-2005-4236 1 Cartkeeper 1 Ckgold Shopping Cart 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in search.php in CKGOLD allows remote attackers to inject arbitrary web script or HTML via the search parameters.
CVE-2005-4237 1 Servers-r-us 1 Mysqlauction 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in MySQL Auction 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search module parameters, possibly the keyword parameter in the SearchZoom module.
CVE-2005-4252 1 Mcgallery 1 Mcgallery Pro 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in mcGallery PRO 2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search module parameters.
CVE-2005-4253 1 Torrential 1 Torrential 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in getdox.php in Torrential 1.2 allows remote attackers to inject arbitrary web script or HTML via the URL. NOTE: this might be resultant from CVE-2005-4160.
CVE-2005-4254 1 Dreamlevels 1 Dream Poll 2026-04-16 N/A
SQL injection vulnerability in view_Results.php in DreamLevels DreamPoll 3.0 final allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2005-4255 1 Wikkawiki 1 Wikkawiki 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in TextSearch in WikkaWiki 1.1.6.0 allows remote attackers to inject arbitrary web script or HTML via a hex-encoded phrase parameter.
CVE-2005-4264 1 Triangle Solutions 1 Php Support Tickets 2026-04-16 N/A
Multiple SQL injection vulnerabilities in index.php in PHP Support Tickets 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields, and (3) id parameter.
CVE-2005-4272 1 Ibm 1 Aix 2026-04-16 N/A
Multiple buffer overflows in IBM AIX 5.1, 5.2, and 5.3 allow remote attackers to execute arbitrary code via (1) muxatmd and (2) slocal.
CVE-2004-1623 1 Microsoft 1 Windows Xp 2026-04-16 N/A
The WAV file property handler in Windows XP SP1 allows remote attackers to cause a denial of service (infinite loop in Explorer) via a WAV file with an invalid file header whose fmt chunk length is set to 0xFFFFFFFF.
CVE-2005-4277 1 Toenda Software Development 1 Toendacms 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in toendaCMS before 0.7 Beta allows remote attackers to inject arbitrary web script or HTML via the id parameter.
CVE-2004-1630 1 Openwfe 1 Work Flow Engine 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the login form in Open WorkFlow Engine (OpenWFE) 1.4.x allows remote attackers to execute arbitrary web script or HTML via the url parameter.
CVE-2004-1632 1 Moniwiki 1 Moniwiki 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in wiki.php in MoniWiki 1.0.8 and earlier allows remote attackers to inject arbitrary web script or HTML via the arguments to wiki.php.
CVE-2005-4278 1 Larry Wall 1 Perl 2026-04-16 N/A
Untrusted search path vulnerability in Perl before 5.8.7-r1 on Gentoo Linux allows local users in the portage group to gain privileges via a malicious shared object in the Portage temporary build directory, which is part of the RUNPATH.
CVE-2005-4280 1 Kitware 1 Cmake 2026-04-16 N/A
Untrusted search path vulnerability in CMake before 2.2.0-r1 on Gentoo Linux allows local users in the portage group to gain privileges via a malicious shared object in the Portage temporary build directory, which is part of the RUNPATH.
CVE-2005-4281 1 Zaygo 1 Hostingcart 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Zaygo HostingCart 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via certain search module parameters, possibly the root parameter to zaygo.cgi.
CVE-2005-4286 1 Phplogcon 1 Phplogcon 2026-04-16 N/A
Unspecified vulnerability in PhpLogCon before 1.2.2 allows remote attackers to use arbitrary profiles via unknown vectors involving "'smart' values for userid and password," probably involving an SQL injection vulnerability in the (1) pass and (2) usr parameters in submit.php.