Export limit exceeded: 361193 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (361193 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2571 | 1 Funkboard | 1 Funkboard | 2026-04-16 | N/A |
| FunkBoard 0.66CF, and possibly earlier versions, does not properly restrict access to the (1) admin/mysql_install.php and (2) admin/pg_install.php scripts, which allows attackers to obtain the database username and password or inject arbitrary PHP code into info.php. | ||||
| CVE-2005-2577 | 1 Wyse | 1 Winterm | 2026-04-16 | N/A |
| Wyse Winterm 1125SE running firmware 4.2.09f or 4.4.061f allows remote attackers to cause a denial of service (device crash) via a packet with a zero in the IP option length field. | ||||
| CVE-2005-2586 | 1 Mentor | 1 Adslfr4ii | 2026-04-16 | N/A |
| Mentor ADSL-FR4II router running firmware 2.00.0111 stores the web administration password in cleartext in the backup configuration file, which allows local users to obtain sensitive information. | ||||
| CVE-2005-2587 | 1 Phptb | 1 Topic Boards | 2026-04-16 | N/A |
| SQL injection vulnerability in emailvalidate.php in PHPTB Topic Boards 2.0 allows remote attackers to execute arbitrary SQL commands via the mid parameter. | ||||
| CVE-2005-2589 | 1 Linksys | 1 Wrt54gs | 2026-04-16 | N/A |
| Unknown vulnerability in Linksys WRT54GS wireless router with firmware 4.50.6, with WPA Personal/TKIP authentication enabled, allows remote clients to bypass authentication by connecting without using encryption. | ||||
| CVE-2005-2590 | 1 Parlano | 1 Mindalign | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Parlano MindAlign 5.0 and later versions allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2005-2593 | 1 Parlano | 1 Mindalign | 2026-04-16 | N/A |
| Parlano MindAlign 5.0 and later versions uses weak encryption, with unknown impact and attack vectors. | ||||
| CVE-2005-2594 | 1 Apple | 1 Safari | 2026-04-16 | N/A |
| Apple Safari 1.3 (132) on Mac OS X 1.3.9 allows remote attackers to cause a denial of service (crash) via certain Javascript, possibly involving a function that defines a handler for itself within the function body. | ||||
| CVE-2005-2595 | 1 Dada Mail | 1 Dada Mail | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Dada Mail before 2.10 Alpha 1 allows remote attackers to execute arbitrary Javascript via archived messages. | ||||
| CVE-2005-2596 | 1 Gallery Project | 1 Gallery | 2026-04-16 | N/A |
| User.php in Gallery, as used in Postnuke, allows users with any Admin privileges to gain access to all galleries. | ||||
| CVE-2005-2597 | 1 Aol | 1 Aol Client Software | 2026-04-16 | N/A |
| AOL Client Software 9.0 uses insecure permissions for its installation path, which allows local users to execute arbitrary code with SYSTEM privileges by replacing ACSD.exe with a malicious program. | ||||
| CVE-2005-2599 | 1 Hummingbird | 1 Connectivity | 2026-04-16 | N/A |
| Hummingbird FTP for Connectivity 10.0 uses weak encryption (trivial encoding) to store the user's password in the FTP profile, which allows attackers to gain privileges. | ||||
| CVE-2005-2600 | 1 Ilia Alshanetsky | 1 Fudforum | 2026-04-16 | N/A |
| FUDForum 2.6.15 with "Tree View" enabled, as used in other products such as phpgroupware and egroupware, allows remote attackers to read private posts via a modified mid parameter. | ||||
| CVE-2006-2494 | 1 Lacaveprods | 1 Intellitamper | 2026-04-16 | N/A |
| Stack-based buffer overflow in IntelliTamper 2.07 allows remote attackers to execute arbitrary code via a crafted .map file. | ||||
| CVE-2005-2604 | 1 My Image Gallery | 1 My Image Gallery | 2026-04-16 | N/A |
| index.php for My Image Gallery (Mig ) 1.4.1 allows remote attackers to obtain the web server path via certain currDir and image arguments, which leaks the path in an error message. | ||||
| CVE-2005-2605 | 1 Omnipilot Software | 1 Lasso Professional Server | 2026-04-16 | N/A |
| Unknown vulnerability in Lasso Professional Server8.0.4 and 8.0.5 allows attackers to bypass authentication, related to [Auth] tags. | ||||
| CVE-2005-2606 | 1 Phlymail | 1 Phlymail | 2026-04-16 | N/A |
| Unknown vulnerability in the "frontend authentication" in PHlyMail 3.02.00 has unknown impact and attack vectors. | ||||
| CVE-2005-2607 | 1 Phpsimplicity | 1 Simplicity Of Upload | 2026-04-16 | N/A |
| PHP file include vulnerability in download.php in PHPSimplicity Simplicity oF Upload before 1.3.1 allows remote attackers to include arbitrary local and remote files via the language parameter and a terminating null ("%00") characters. | ||||
| CVE-2005-2608 | 1 Safehtml | 1 Safehtml | 2026-04-16 | N/A |
| SafeHTML before 1.3.5 does not properly filter script in UTF-7 and CSS comments, which allows remote attackers to conduct cross-site scripting (XSS) attacks in vulnerable applications that use SafeHTML. | ||||
| CVE-2005-2609 | 1 Vegadns | 1 Vegadns | 2026-04-16 | N/A |
| index.php in VegaDNS 0.8.1, 0.9.8, and possibly other versions, allows remote attackers to obtain the full server path via an invalid VDNS_Sessid parameter. | ||||