Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-1287 1 Bk Dev 1 Bk Forum 2026-04-16 N/A
Multiple SQL injection vulnerabilities in BK Forum 4.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to member.asp, (2) forum parameter to forum.asp, or (3) various parameters in register.asp.
CVE-2005-1288 1 Asp Press 1 Acs Blog 2026-04-16 N/A
inc_login_check.asp ACS Blog 0.8 through 1.1.3 allows remote attackers to gain administrator privileges via the "in" value in a cookie.
CVE-2005-1289 1 E-cart 1 E-cart 2026-04-16 N/A
index.cgi in E-Cart 2004 1.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) art and possibly (2) cat parameters.
CVE-2005-1302 1 Swsoft 1 Confixx 2026-04-16 N/A
SQL injection vulnerability in Confixx 3.08 and earlier allows remote attackers to execute arbitrary SQL commands via the "change user" field.
CVE-2005-1307 2 Adobe, Apple 2 Version Cue, Mac Os X 2026-04-16 N/A
The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version Cue on Mac OS X uses the current working directory to find and execute the productname.sh script, which allows local users to execute arbitrary code by copying and calling the scripts from a user-controlled directory.
CVE-2005-1309 1 Eaden Mckee 1 Bblog 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in bBlog 0.7.4 allows remote attackers to inject arbitrary web script or HTML via the (1) entry title field or (2) comment body text.
CVE-2005-1310 1 Eaden Mckee 1 Bblog 2026-04-16 N/A
SQL injection vulnerability in bBlog 0.7.4 allows remote attackers to execute arbitrary SQL commands via the postid parameter.
CVE-2005-1312 1 Yappa-ng 1 Yappa-ng 2026-04-16 N/A
PHP remote file inclusion vulnerability in Yappa-NG before 2.3.2 allows remote attackers to execute arbitrary PHP code via unknown vectors.
CVE-2005-1313 1 Horde 1 Passwd 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Horde Passwd module before 2.2.2 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title.
CVE-2005-1314 1 Horde 1 Kronolith 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Horde Kronolith module before 1.1.4 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title.
CVE-2005-1315 1 Horde 1 Turba 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Horde Turba module before 1.2.5 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title.
CVE-2005-1316 1 Horde 1 Accounts 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Horde Accounts module before 2.1.2 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title.
CVE-2005-1317 1 Horde 1 Chora 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Horde Chora module before 1.2.3 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title.
CVE-2005-1318 1 Horde 1 Forwards 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Horde Forwards E-Mail Forwarding Manager before 2.2.2 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title.
CVE-2005-1319 1 Horde 1 Imp 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Horde IMP Webmail client before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title.
CVE-2005-1321 1 Horde 1 Vaction 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Horde Vacation module before 2.2.2 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title.
CVE-2005-1322 1 Horde 1 Nag 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Horde Nag Task List Manager before 1.1.3 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title.
CVE-2005-1323 1 Intersoft 1 Netterm 2026-04-16 N/A
Buffer overflow in NetFtpd for NetTerm 5.1.1 and earlier allows remote attackers to execute arbitrary code via a long USER command.
CVE-2005-1324 1 Matthieu Aubry 1 Phpmyvisites 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.php for phpMyVisites allow remote attackers to inject arbitrary web script or HTML via the (1) part, (2) per, or (3) site parameters.
CVE-2005-1325 1 Matthieu Aubry 1 Phpmyvisites 2026-04-16 N/A
set_lang.php in phpMyVisites 1.3 allows remote attackers to read and include arbitrary files via the mylang parameter.