Export limit exceeded: 361070 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 361070 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 19959 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 361070 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (361070 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1817 | 1 Invision Power Services | 1 Invision Board | 2026-04-16 | N/A |
| Invision Power Board (IPB) 1.0 through 1.3 allows remote attackers to edit arbitrary forum posts via a direct request to index.php with modified parameters. | ||||
| CVE-2005-1818 | 1 Newlife Blogger | 1 Newlife Blogger | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in NewLife Blogger before 3.3.1 allow remote attackers to execute arbitrary SQL commands via unknown attack vectors. | ||||
| CVE-2005-1819 | 1 Nikosoft | 1 Webmail | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in NikoSoft WebMail before 0.11.0 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2005-1820 | 1 Zeroboard | 1 Zeroboard | 2026-04-16 | N/A |
| zboard.php in Zeroboard version 4.1pl2 to 4.1pl5 allows remote attackers to execute arbitrary PHP code via improper quoting when using the preg_replace function. | ||||
| CVE-2006-2333 | 1 Mybulletinboard | 1 Mybulletinboard | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in MyBB (aka MyBulletinBoard) 1.1.1 allow remote attackers to execute arbitrary SQL commands via the e-mail address when registering for a forum that requires e-mail verification, which is not properly handled in (1) usercp.php and (2) member.php. | ||||
| CVE-2005-1826 | 1 Hp | 1 Radia Client | 2026-04-16 | N/A |
| Buffer overflow in HP Radia Notify Daemon 3.1.0.0 (formerly by Novadigm), and other versions including 2.x, 3.x, and 4.x, allows remote attackers to execute arbitrary code via a long file extension. | ||||
| CVE-2005-1828 | 1 Dlink | 2 Dsl-504t, Dsl-504t Firmware | 2026-04-16 | 7.5 High |
| D-Link DSL-504T stores usernames and passwords in cleartext in the router configuration file, which allows remote attackers to obtain sensitive information. | ||||
| CVE-2005-1836 | 1 Nextweb | 1 Nextweb \(i\)site | 2026-04-16 | N/A |
| NEXTWEB (i)Site allows remote attackers to cause a denial of service (error 500) via a crafted HTTP request, possibly involving wildcard requests for .jsp files. | ||||
| CVE-2005-1840 | 1 Phpcms | 1 Phpcms | 2026-04-16 | N/A |
| Directory traversal vulnerability in class.layout_phpcms.php in phpCMS 1.2.x before 1.2.1pl2 allows remote attackers to read or include arbitrary files, as demonstrated using a .. (dot dot) in the language parameter to parser.php. | ||||
| CVE-2005-1842 | 1 Adobe | 1 Version Cue | 2026-04-16 | N/A |
| VCNative for Adobe Version Cue 1.0 and 1.0.1, as used in Creative Suite 1.0 and 1.3, and when running on Mac OS X with Version Cue Workspace, creates temporary log files with predictable names, which allows local users to modify arbitrary files via a symlink attack. | ||||
| CVE-2005-1843 | 1 Adobe | 1 Version Cue | 2026-04-16 | N/A |
| VCNative for Adobe Version Cue 1.0 and 1.0.1, as used in Creative Suite 1.0 and 1.3, and when running on Mac OS X with Version Cue Workspace, allows local users to load arbitrary libraries and execute arbitrary code via the -lib command line argument. | ||||
| CVE-2006-2337 | 1 D-link | 1 Dsl-g604t | 2026-04-16 | N/A |
| Directory traversal vulnerability in webcm in the D-Link DSL-G604T Wireless ADSL Router Modem allows remote attackers to read arbitrary files via an absolute path in the getpage parameter. | ||||
| CVE-2005-1853 | 1 University Of Minnesota | 1 Gopher | 2026-04-16 | N/A |
| gopher.c in the Gopher client 3.0.5 does not properly create temporary files, which allows local users to gain privileges. | ||||
| CVE-2005-1854 | 1 Debian | 1 Apt-cacher | 2026-04-16 | N/A |
| Unknown vulnerability in apt-cacher in Debian 3.1, related to "missing input sanitising," allows remote attackers to execute arbitrary commands on the caching server. | ||||
| CVE-2005-1856 | 1 Sukria | 1 Backup Manager | 2026-04-16 | N/A |
| The CD-burning feature in backup-manager 0.5.8 and earlier uses a fixed filename in a world-writable directory for logging, which allows local users to overwrite files via a symlink attack. | ||||
| CVE-2006-2338 | 1 Planet Concept | 1 Planetstat | 2026-04-16 | N/A |
| PlaNet Concept plaNetStat 20050127 allows remote attackers to gain administrative privileges, and view and configure log files, via a direct request to the (1) admin.php or (2) settings.php page. | ||||
| CVE-2005-1859 | 1 Sgi | 1 Propack | 2026-04-16 | N/A |
| Unknown vulnerability in arshell in the Array Service (arrayd) for SGI ProPack 3 with SP 5 and 6, and SGI ProPack 4, allows local users to execute arbitrary shells as root on other hosts in the cluster or array. | ||||
| CVE-2005-1864 | 1 Vincent Hor | 1 Calendarix Advanced | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in cal_admintop.php in Calendarix Advanced 1.5 allows remote attackers to execute arbitrary PHP code via the calpath parameter. | ||||
| CVE-2005-1866 | 1 Vincent Hor | 1 Calendarix Advanced | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in calendar.php in Calendarix Advanced 1.5 allows remote attackers to inject arbitrary web script or HTML via the year parameter. | ||||
| CVE-2006-2339 | 1 Evo-dev | 2 Evotopsites, Evotopsites Pro | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in evoTopsites 2.x and evoTopsites Pro 2.x allows remote attackers to execute arbitrary SQL commands via the (1) cat_id and (2) id parameters. | ||||