Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-0723 1 Php Arena 1 Pafiledb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the jumpmenu function in functions.php for paFileDB 3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the URL parameters, which is not properly cleansed in the $pageurl variable, as demonstrated using pafiledb.php.
CVE-2005-0724 1 Php Arena 1 Pafiledb 2026-04-16 N/A
paFileDB 3.1 and earlier allows remote attackers to obtain sensitive information via (1) an invalid str parameter to pafiledb.php, or a direct request to (2) viewall.php, (3) stats.php, (4) search.php, (5) rate.php, (6) main.php, (7) license.php, (8) category.php, (9) download.php, (10) file.php, (11) email.php, or (12) admin.php, which reveals the path in a PHP error message.
CVE-2006-0598 1 Stefan Ritt 1 Elog Web Logbook 2026-04-16 N/A
Buffer overflow in elogd.c in elog before 2.5.7 r1558-4 allows attackers to execute code via unspecified variables, when writing to the log file.
CVE-2005-0726 1 Ubbcentral 1 Ubb.threads 2026-04-16 N/A
SQL injection vulnerability in editpost.php in UBB.threads 6.0 allows remote attackers to execute arbitrary SQL commands via the Number parameter.
CVE-2005-0733 1 Py Software 1 Active Webcam 2026-04-16 N/A
PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote attackers to determine the existence of files via an HTTP request with a full pathname, which produces different messages whether the file exists or not.
CVE-2006-0599 1 Stefan Ritt 1 Elog Web Logbook 2026-04-16 N/A
The (1) elog.c and (2) elogd.c components in elog before 2.5.7 r1558-4 generate different responses depending on whether or not a username is valid, which allows remote attackers to determine valid usernames.
CVE-2005-0734 1 Py Software 1 Active Webcam 2026-04-16 N/A
PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote attackers to cause a denial of service (memory exhaustion and process crash) via a large number of HTTP requests.
CVE-2005-0736 3 Conectiva, Linux, Redhat 5 Linux, Linux Kernel, Enterprise Linux and 2 more 2026-04-16 N/A
Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of events.
CVE-2006-0600 1 Stefan Ritt 1 Elog Web Logbook 2026-04-16 N/A
elog before 2.5.7 r1558-4 allows remote attackers to cause a denial of service (infinite redirection) via a request with the fail parameter set to 1, which redirects to the same request.
CVE-2005-0737 1 Yahoo 1 Messenger 2026-04-16 N/A
Buffer overflow in Yahoo! Messenger allows remote attackers to execute arbitrary code via the offline mode.
CVE-2005-0740 1 Openbsd 1 Openbsd 2026-04-16 N/A
The TCP stack (tcp_input.c) in OpenBSD 3.5 and 3.6 allows remote attackers to cause a denial of service (system panic) via crafted values in the TCP timestamp option, which causes invalid arguments to be used when calculating the retransmit timeout.
CVE-2005-0742 1 Sun 1 Java System Application Server 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Sun Java System Application Server 7 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2005-0743 1 Xoops 1 Xoops 2026-04-16 N/A
The custom avatar uploading feature (uploader.php) for XOOPS 2.0.9.2 and earlier allows remote attackers to upload arbitrary PHP scripts, whose file extensions are not filtered.
CVE-2006-0604 1 Hinton Design 1 Phphg Guestbook 2026-04-16 N/A
check.php in Hinton Design phphg Guestbook 1.2 does not check the user password when authenticating via cookies, which allows remote attackers to gain unauthorized access.
CVE-2005-0744 1 Novell 1 Ichain 2026-04-16 N/A
The web GUI for Novell iChain 2.2 and 2.3 SP2 and SP3 allows attackers to hijack sessions and gain administrator privileges by (1) sniffing the connection on TCP port 51100 and replaying the authentication information or (2) obtaining and replaying the PCZQX02 authentication cookie from the browser.
CVE-2006-0605 1 Unknown Domain 1 Shoutbox 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Unknown Domain Shoutbox 2005.07.21 allow remote attackers to inject arbitrary web script or HTML, possibly via the (1) Handle or (2) Message fields.
CVE-2005-0745 1 Utstarcom 1 Ian-02ex Voip Ata 2026-04-16 N/A
UTStarcom iAN-02EX VoIP Analog Terminal Adaptor (ATA) allows local users to bypass ATA access restrictions by dialing "*#26845#" and causing a device reset.
CVE-2006-0606 1 Unknown Domain 1 Shoutbox 2026-04-16 N/A
SQL injection vulnerability in Unknown Domain Shoutbox 2005.07.21 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors.
CVE-2005-0746 1 Novell 1 Ichain 2026-04-16 N/A
The Mini FTP server in Novell iChain 2.2 and 2.3 SP2 and earlier allows remote unauthenticated attackers to obtain the full path of the server via the PWD command.
CVE-2005-0747 1 Applyyourself 1 I-class 2026-04-16 N/A
ApplyYourself i-Class allows remote attackers to obtain sensitive information about their own applications by reusing the hidden ID field, as demonstrated using the id parameter to ApplicantDecision.asp.