Export limit exceeded: 361151 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 361151 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (361151 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2486 | 1 Portailphp | 1 Portailphp | 2026-04-16 | N/A |
| SQL injection vulnerability in mod_forum/read_message.php in PortailPHP allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php with the affiche parameter set to "Forum-read_mess", a different vulnerability than CVE-2005-1701. | ||||
| CVE-2005-2812 | 1 Man2web | 1 Man2web | 2026-04-16 | N/A |
| man2web allows remote attackers to execute arbitrary commands via -P arguments. | ||||
| CVE-2005-2494 | 2 Kde, Redhat | 2 Kde, Enterprise Linux | 2026-04-16 | N/A |
| kcheckpass in KDE 3.2.0 up to 3.4.2 allows local users to gain root access via a symlink attack on lock files. | ||||
| CVE-2005-2207 | 1 Elemental Software | 1 Cartwiz | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in store/login.asp in CartWIZ allows remote attackers to inject arbitrary web script or HTML via the message parameter. | ||||
| CVE-2005-2206 | 1 Elemental Software | 1 Cartwiz | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in CartWIZ allow remote attackers to modify SQL statements via the (1) idProduct parameter to tellAFriend.asp, (2) sortType parameter to viewSupportTickets.asp, or the id parameter to (3) updateCreditCards.asp or (4) deleteCreditCards.asp. | ||||
| CVE-2005-1883 | 1 Yapig | 1 Yapig | 2026-04-16 | N/A |
| global.php in YaPiG 0.92b allows remote attackers to include arbitrary local files via the BASE_DIR parameter. | ||||
| CVE-2005-1884 | 1 Yapig | 1 Yapig | 2026-04-16 | N/A |
| Directory traversal vulnerability in the (1) rmdir or (2) mkdir commands in upload.php in YaPiG 0.92b, 0.93u and 0.94u allows remote attackers to create or delete arbitrary directories via a .. (dot dot) in the dir parameter. | ||||
| CVE-2006-2342 | 1 Ibm | 1 Websphere Application Server | 2026-04-16 | N/A |
| IBM WebSphere Application Server 6.0.2 before FixPack 3 allows remote attackers to bypass authentication for the Welcome Page via a request to the default context root. | ||||
| CVE-2005-1886 | 1 Yapig | 1 Yapig | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in view.php in YaPiG 0.92b, 0.93u and 0.94u allows remote attackers to inject arbitrary web script or HTML via (1) the phid parameter or (2) unknown parameters when posting a new comment. | ||||
| CVE-2005-1887 | 1 Sun | 1 Solaris | 2026-04-16 | N/A |
| Unknown vulnerability in the Sun Solaris C library (libc and libproject) in Solaris 10 allows local users to gain privileges. | ||||
| CVE-2005-1888 | 1 Mediawiki | 1 Mediawiki | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.5 allows remote attackers to inject arbitrary web script via HTML attributes in page templates. | ||||
| CVE-2005-1889 | 1 Sun | 1 Java System Web Server | 2026-04-16 | N/A |
| Unknown vulnerability in Sun ONE Application Server 6.5 SP1 Maintenance Update 6 and earlier allows attackers to read files. | ||||
| CVE-2005-1890 | 1 Mortiforo | 1 Mortiforo | 2026-04-16 | N/A |
| Unknown vulnerability in Mortiforo before 0.9.1 allows users to access private forums via unknown attack vectors. | ||||
| CVE-2005-1892 | 1 Flatnuke | 1 Flatnuke | 2026-04-16 | N/A |
| FlatNuke 2.5.3 allows remote attackers to cause a denial of service or obtain sensitive information via (1) a direct request to foot_news.php, which triggers an infinite loop, or (2) direct requests to unknown scripts, which reveals the web document root in an error message. | ||||
| CVE-2006-2343 | 1 Adventnet | 1 Manageengine Opmanager | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Search.do in ManageEngine OpManager 6.0 allows remote attackers to inject arbitrary web script or HTML via the searchTerm parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-2005-1897 | 1 Flexcast | 1 Flexcast Audio Video Streaming Server | 2026-04-16 | N/A |
| Unknown vulnerability in FlexCast Audio Video Streaming Server before 2.0 has unknown impact and attack vectors. | ||||
| CVE-2005-1898 | 1 Phpthumb | 1 Phpthumb | 2026-04-16 | N/A |
| The passthrough functionality in phpThumb.php in phpThumb() before 1.5.4 allows remote attackers to read files that are not images. | ||||
| CVE-2005-1900 | 1 Sawmill | 1 Sawmill | 2026-04-16 | N/A |
| Sawmill before 7.1.6 allows remote attackers to bypass authentication and (1) gain administrative privileges or (2) add a license. | ||||
| CVE-2006-2345 | 1 Roostercode Ajax Softwares | 1 Alipager | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in inc/elementz.php in AliPAGER 1.5 allows remote attackers to inject arbitrary web script or HTML via the ubild parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. NOTE: this issue might be resultant from SQL injection. | ||||
| CVE-2005-1908 | 1 Perception | 1 Liteweb | 2026-04-16 | N/A |
| Perception LiteWeb allows remote attackers to bypass access controls for files via an extra leading / (slash) or leading \ (backslash) in the URL. | ||||