Export limit exceeded: 361554 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 361554 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (361554 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0658 | 1 Cmw Linklist | 1 Cmw Linklist | 2026-04-16 | N/A |
| SQL injection vulnerability in a third party extension to TYPO3 allows remote attackers to execute arbitrary SQL commands via the category_uid parameter. | ||||
| CVE-2005-0659 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| phpBB 2.0.13 and earlier allows remote attackers to obtain sensitive information via a direct request to oracle.php, which reveals the path in a PHP error message. | ||||
| CVE-2005-0660 | 1 Adalis | 1 D-forum | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in D-Forum 1.11 allows remote attackers to inject arbitrary web script or HTML via certain fields, as demonstrated using the page parameter in nav.php3. | ||||
| CVE-2005-0665 | 1 John Bradley | 1 Xv | 2026-04-16 | N/A |
| Format string vulnerability in xv before 3.10a allows remote attackers to execute arbitrary code via format string specifiers in a filename. | ||||
| CVE-2006-3069 | 1 Iglooweb | 1 Doublespeak | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in DoubleSpeak 0.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the config[private] parameter in multiple files, as demonstrated by (1) index.php, (2) faq.php, and (3) hardware.php. NOTE: this issue has been disputed by multiple third-party researchers, who state that config[private] is initialized in an include file before being used | ||||
| CVE-2005-0680 | 1 Stadtaus | 1 Download Center Lite | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in download_center_lite.inc.php for Download Center Lite 1.6 allows remote attackers to execute arbitrary PHP code by modifying the script_root parameter to reference a URL on a remote web server that contains the code. | ||||
| CVE-2006-1684 | 1 Ecotwo | 1 Shopsystem | 2026-04-16 | N/A |
| Unspecified vulnerability in ecotwo Shopsystem 1.0-192 and earlier allows remote attackers to include arbitrary local files via (1) the lang parameter in news.php and (2) other unspecified vectors. | ||||
| CVE-2005-0704 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2026-04-16 | N/A |
| Buffer overflow in the Etheric dissector in Ethereal 0.10.7 through 0.10.9 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code. | ||||
| CVE-2005-2215 | 1 Mediawiki | 1 Mediawiki | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.x before 1.4.6 and 1.5 before 1.5beta3 allows remote attackers to inject arbitrary web script or HTML via a parameter in the page move template, a different vulnerability than CVE-2005-1888. | ||||
| CVE-2005-0729 | 1 Techland | 1 Xpand Rally | 2026-04-16 | N/A |
| Format string vulnerability in Xpand Rally 1.1.0.0 and earlier allows remote attackers to execute arbitrary code via format string specifiers in a message. | ||||
| CVE-2005-0732 | 1 Py Software | 1 Active Webcam | 2026-04-16 | N/A |
| PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote attackers to obtain the full path of the web server via a request for a non-existent filename, which leaks the full path in an error message. | ||||
| CVE-2005-0734 | 1 Py Software | 1 Active Webcam | 2026-04-16 | N/A |
| PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote attackers to cause a denial of service (memory exhaustion and process crash) via a large number of HTTP requests. | ||||
| CVE-2005-2216 | 1 Photogal | 1 Photogal Photo Gallery | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in gals.php in PhotoGal Photo Gallery 1.5 and earlier allows remote attackers to execute arbitrary code via the news_file parameter. | ||||
| CVE-2005-0745 | 1 Utstarcom | 1 Ian-02ex Voip Ata | 2026-04-16 | N/A |
| UTStarcom iAN-02EX VoIP Analog Terminal Adaptor (ATA) allows local users to bypass ATA access restrictions by dialing "*#26845#" and causing a device reset. | ||||
| CVE-2005-0761 | 3 Imagemagick, Redhat, Sgi | 3 Imagemagick, Enterprise Linux, Propack | 2026-04-16 | N/A |
| Unknown vulnerability in ImageMagick before 6.1.8 allows remote attackers to cause a denial of service (application crash) via a crafted PSD file. | ||||
| CVE-2005-0771 | 1 Symantec Veritas | 1 Backup Exec | 2026-04-16 | N/A |
| VERITAS Backup Exec Server (beserver.exe) 9.0 through 10.0 for Windows allows remote unauthenticated attackers to modify the registry by calling methods to the RPC interface on TCP port 6106. | ||||
| CVE-2006-1720 | 1 Arabless | 1 Saphplesson | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in SaphpLesson 3.0 allows remote attackers to inject arbitrary web script or HTML via the Word parameter. NOTE: it is possible that this issue is resultant from SQL injection. | ||||
| CVE-2006-1722 | 1 Suche | 1 Shopxs | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in suche.htm in ShopXS 4.0 allows remote attackers to inject arbitrary web script or HTML via the Suchstring1 (aka search) parameter. | ||||
| CVE-2006-1753 | 1 Debian | 1 Debian Linux | 2026-04-16 | N/A |
| A cron job in fcheck before 2.7.59 allows local users to overwrite arbitrary files via a symlink attack on a temporary file. | ||||
| CVE-2005-2217 | 1 Craig Dansie | 1 Dansie Shopping Cart | 2026-04-16 | N/A |
| Dansie Shopping Cart stores the vars.dat file under the web root with insufficient access control, which might allow remote attackers to obtain sensitive information such as program variables. | ||||