Export limit exceeded: 364840 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3537 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| A "missing request validation" error in phpBB 2 before 2.0.18 allows remote attackers to edit private messages of other users, probably by modifying certain parameters or other inputs. | ||||
| CVE-2005-3544 | 1 Xmb Forum | 1 Xmb | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in u2u.php in XMB 1.9.3 allows remote attackers to inject arbitrary web script or HTML via the username parameter. | ||||
| CVE-2005-3545 | 1 Ibproarcade | 1 Ibproarcade | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php of the report module in ibProArcade 2.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter. | ||||
| CVE-2005-3546 | 1 F-secure | 2 F-secure Anti-virus, Internet Gatekeeper | 2026-04-16 | N/A |
| suid.cgi scripts in F-Secure (1) Internet Gatekeeper for Linux before 2.15.484 and (2) Anti-Virus Linux Gateway before 2.16 are installed SUID with world-executable permissions, which allows local users to gain privilege. | ||||
| CVE-2005-3547 | 1 Invision Power Services | 1 Invision Board | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Invision Power Board 2.1 allows remote attackers to inject arbitrary web script or HTML via the (1) adsess, (2) name, and (3) description parameters in admin.php, and the (4) ACP Notes, (5) Member Name, (6) Password, (7) Email Address, (8) Components, and multiple other input fields. | ||||
| CVE-2005-3550 | 1 Toenda Software Development | 1 Toendacms | 2026-04-16 | N/A |
| Directory traversal vulnerability in admin.php in toendaCMS before 0.6.2 allows remote attackers to access arbitrary files via a .. (dot dot) in the id_user parameter. | ||||
| CVE-2005-3551 | 1 Toenda Software Development | 1 Toendacms | 2026-04-16 | N/A |
| toendaCMS before 0.6.2 stores user account and session data in the web root directory, which allows remote attackers to obtain sensitive information via a direct request to the appropriate XML file. | ||||
| CVE-2005-3555 | 1 Tincan | 1 Phplist | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in PHPlist 2.10.1 and earlier allow authenticated remote attackers with administrator privileges to execute arbitrary SQL commands via the id parameter in the (1) editattributes or (2) admin page. | ||||
| CVE-2005-3556 | 1 Tincan | 1 Phplist | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PHPlist 2.10.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) listname parameter in (a) admin/editlist.php, (2) title parameter in (b) admin/spageedit.php, (3) title field in (c) admin/template.php, (4) filter, (5) delete, and (6) start parameters in (d) admin/eventlog.php, (7) id parameter in (e) admin/configure.php, (8) find parameter in (f) admin/users.php, (9) start parameter in (g) admin/admin.php, and (10) action parameter in (h) admin/fckphplist.php. | ||||
| CVE-2005-3558 | 1 Oste | 1 Oste | 2026-04-16 | N/A |
| PHP file inclusion vulnerability in index.php in OSTE 1.0 allows remote attackers to execute arbitrary code via the (1) page and (2) site parameters. | ||||
| CVE-2005-3559 | 1 Digium | 1 Asterisk | 2026-04-16 | N/A |
| Directory traversal vulnerability in vmail.cgi in Asterisk 1.0.9 through 1.2.0-beta1 allows remote attackers to access WAV files via a .. (dot dot) in the folder parameter. | ||||
| CVE-2005-3560 | 1 Zonelabs | 4 Zonealarm, Zonealarm Anti-spyware, Zonealarm Antivirus and 1 more | 2026-04-16 | N/A |
| Zone Labs (1) ZoneAlarm Pro 6.0, (2) ZoneAlarm Internet Security Suite 6.0, (3) ZoneAlarm Anti-Virus 6.0, (4) ZoneAlarm Anti-Spyware 6.0 through 6.1, and (5) ZoneAlarm 6.0 allow remote attackers to bypass the "Advanced Program Control and OS Firewall filters" setting via URLs in "HTML Modal Dialogs" (window.location.href) contained within JavaScript tags. | ||||
| CVE-2005-3564 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| envd daemon in HP-UX B.11.00 through B.11.11 allows local users to obtain privileges via unknown attack vectors. | ||||
| CVE-2005-3565 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Unknown vulnerability in remshd daemon in HP-UX B.11.00, B.11.11, and B.11.23 while running in "Trusted Mode" allows remote attackers to gain unauthorized system access via unknown attack vectors. | ||||
| CVE-2005-3569 | 1 Ibm | 1 Db2 Content Manager | 2026-04-16 | N/A |
| INSO service in IBM DB2 Content Manager before 8.2 Fix Pack 10 on AIX allows attackers to cause a denial of service (application crash) via unknown attack vectors involving LZH files. | ||||
| CVE-2005-3572 | 1 Peel | 1 Peel | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in Peel 2.6 through 2.7 allows remote attackers to execute arbitrary SQL commands via the rubid parameter. | ||||
| CVE-2005-3573 | 2 Gnu, Redhat | 2 Mailman, Enterprise Linux | 2026-04-16 | N/A |
| Scrubber.py in Mailman 2.1.5-8 does not properly handle UTF8 character encodings in filenames of e-mail attachments, which allows remote attackers to cause a denial of service (application crash). | ||||
| CVE-2005-3587 | 1 Clam Anti-virus | 1 Clamav | 2026-04-16 | N/A |
| Improper boundary checks in petite.c in Clam AntiVirus (ClamAV) before 0.87.1 allows attackers to perform unknown attacks via unknown vectors. | ||||
| CVE-2005-3588 | 1 Advanced Guestbook | 1 Advanced Guestbook | 2026-04-16 | N/A |
| SQL injection vulnerability in admin.php in Advanced Guestbook 2.2 allows remote attackers to execute arbitrary SQL commands and gain privileges via the username field. | ||||
| CVE-2005-3589 | 1 Filezilla | 1 Filezilla Server Terminal | 2026-04-16 | N/A |
| Buffer overflow in FileZilla Server Terminal 0.9.4d may allow remote attackers to cause a denial of service (terminal crash) via a long USER ftp command. | ||||