Export limit exceeded: 361450 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (361450 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3882 | 1 Faqsystems | 1 Faqring Knowledge Base Software | 2026-04-16 | N/A |
| SQL injection vulnerability in answer.php in FAQSystems FAQRing Knowledge Base Software 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2005-3884 | 1 Zainu | 1 Zainu | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in the search action in Zainu 2.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) term and (2) start parameters to index.php. | ||||
| CVE-2005-3885 | 1 Inkscape | 1 Inkscape | 2026-04-16 | N/A |
| The ps2epsi extension shell script (ps2epsi.sh) in Inkscape before 0.41 allows local users to overwrite arbitrary files via a symlink attack on the tmpepsifile.epsi temporary file. | ||||
| CVE-2005-3886 | 1 Cisco | 1 Security Agent | 2026-04-16 | N/A |
| Unspecified vulnerability in Cisco Security Agent (CSA) 4.5.0 and 4.5.1 agents, when running on Windows systems, allows local users to bypass protections and gain system privileges by executing certain local software. | ||||
| CVE-2006-1133 | 1 Vbzoom | 1 Vbzoom | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in vbzoom 1.11 allow remote attackers to inject arbitrary web script or HTML via the UserID parameter to (1) comment.php or (2) contact.php. NOTE: the profile.php/UserName vector is already covered by CVE-2005-2441. | ||||
| CVE-2006-2755 | 1 Ubbcentral | 1 Ubb.threads | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in UBBThreads 5.x and earlier allows remote attackers to inject arbitrary web script or HTML via the debug parameter, as demonstrated by stealing MD5 hashes of passwords. | ||||
| CVE-2005-3892 | 1 Gadu-gadu | 1 Gadu-gadu Instant Messenger | 2026-04-16 | N/A |
| Gadu-Gadu 7.20 allows remote attackers to eavesdrop on a user via a web page that accesses the EasycallLite.oce ActiveX control, which can initiate an outgoing phone call and listen to the microphone. | ||||
| CVE-2006-2715 | 1 Secure Elements | 1 C5 Enterprise Vulnerability Management | 2026-04-16 | N/A |
| The Administration Console in Secure Elements Class 5 AVR (aka C5 EVM) before 2.8.1 does not enforce access control, which allows remote attackers to gain access to servers via the console. | ||||
| CVE-2005-3740 | 1 Php Fusion | 1 Php Fusion | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in PHP-Fusion 6.00.206 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the forum_id parameter to options.php or (2) lastvisited parameter to viewforum.php. | ||||
| CVE-2005-3739 | 1 Php Fusion | 1 Php Fusion | 2026-04-16 | N/A |
| Unspecified vulnerability in subheader.php in PHP-Fusion 6.00.206 and earlier allows remote attackers to obtain the full path via unspecified vectors. | ||||
| CVE-2005-3738 | 1 Mambo | 1 Mambo Site Server | 2026-04-16 | N/A |
| globals.php in Mambo Site Server 4.0.14 and earlier, when register_globals is disabled, allows remote attackers to overwrite variables in the GLOBALS array and conduct various attacks, as demonstrated using the mosConfig_absolute_path parameter to content.html.php for remote PHP file inclusion. | ||||
| CVE-2004-1265 | 1 Alex Dunaevsky | 1 Convex 3d | 2026-04-16 | N/A |
| Buffer overflow in the readObjectChunk function in 3dsimp.cpp for the convex-tool program in Convex 3D 0.8pre1 allows remote attackers to execute arbitrary code via a crafted 3DS file. | ||||
| CVE-2005-3731 | 1 Yassl | 1 Yassl | 2026-04-16 | N/A |
| Unspecified vulnerability in yaSSL before 1.0.6 has unknown impact and attack vectors, related to "certificate chain processing." | ||||
| CVE-2005-3729 | 1 Revize Cms | 1 Revize Cms | 2026-04-16 | N/A |
| Idetix Software Systems Revize CMS allows remote attackers to obtain sensitive information via direct requests to files in the revize/debug directory, such as (1) apptables.html and (2) main.html. | ||||
| CVE-2005-3724 | 1 Zyxel | 2 P2000w Version 1 Voip Wifi Phone, Prestige 2000w V.1voip Wi-fi Phone | 2026-04-16 | N/A |
| Zyxel P2000W Version 1 VOIP WIFI Phone Wj.00.10 allows remote attackers to obtain sensitive information and possibly cause a denial of service via a direct connection to UDP port 9090, which is undocumented and does not require authentication. | ||||
| CVE-2005-3722 | 1 Hitachi | 1 Ip5000 Voip Wifi Phone | 2026-04-16 | N/A |
| The SNMP v1/v2c daemon in Hitachi IP5000 VOIP WIFI Phone 1.5.6 allows remote attackers to gain read or write access to system configuration using arbitrary SNMP credentials. | ||||
| CVE-2006-2713 | 1 Secure Elements | 1 C5 Enterprise Vulnerability Management | 2026-04-16 | N/A |
| Secure Elements Class 5 AVR client (aka C5 EVM) before 2.8.1 generates predictable CEIDs, which allows remote attackers to determine the CEID of a protected asset, which can be used in other attacks against AVR. | ||||
| CVE-2005-3715 | 1 Senao | 1 Si-680h Wireless Voip Phone | 2026-04-16 | N/A |
| Senao SI-680H Wireless VoIP Phone Firmware 0.03.0839 leaves the VxWorks debugger UDP port 17185 available without authentication, which allows attackers to access the phone OS, obtain sensitive information, and cause a denial of service. | ||||
| CVE-2005-3335 | 1 Mantis | 1 Mantis | 2026-04-16 | N/A |
| PHP file inclusion vulnerability in bug_sponsorship_list_view_inc.php in Mantis 1.0.0RC2 and 0.19.2 allows remote attackers to execute arbitrary PHP code and include arbitrary local files via the t_core_path parameter. | ||||
| CVE-2006-2645 | 1 Plume-cms | 1 Plume Cms | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in manager/frontinc/prepend.php for Plume 1.0.3 allows remote attackers to execute arbitrary code via a URL in the _PX_config[manager_path] parameter. NOTE: this is a different executable and affected version than CVE-2006-0725. | ||||