Export limit exceeded: 361364 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 361364 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-4462 | 1 Tolva | 1 Tolva | 2026-04-16 | N/A |
| PHP remote file include vulnerability in usermods.php in Tolva PHP website system 0.1.0 allows remote attackers to execute arbitrary code via a URL in the ROOT parameter. | ||||
| CVE-2005-4464 | 1 Ingate | 2 Ingate Firewall, Siparator | 2026-04-16 | N/A |
| Ingate Firewall before 4.3.4 and SIParator before 4.3.4 allows remote attackers to cause a denial of service (kernel deadlock) by sending a SYN packet for a TCP stream, which requires an RST packet in response. | ||||
| CVE-2005-4465 | 1 Nec | 1 Univerge | 2026-04-16 | N/A |
| The Internet Key Exchange version 1 (IKEv1) implementation in NEC UNIVERGE IX1000, IX2000, and IX3000 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. | ||||
| CVE-2005-4467 | 1 Phpgedview | 1 Phpgedview | 2026-04-16 | N/A |
| Directory traversal vulnerability in help_text_vars.php in PHPGedView 3.3.7 and earlier allows remote attackers to read and include arbitrary files via a .. (dot dot) in the PGV_BASE_DIRECTORY parameter. | ||||
| CVE-2005-4468 | 1 Phpgedview | 1 Phpgedview | 2026-04-16 | N/A |
| PHP remote file include vulnerability in help_text_vars.php in PHPGedView 3.3.7 and earlier allows remote attackers to execute arbitrary code via a URL in the PGV_BASE_DIRECTORY parameter. | ||||
| CVE-2005-4469 | 1 Phpgedview | 1 Phpgedview | 2026-04-16 | N/A |
| Multiple direct static code injection vulnerabilities in PHPGedView 3.3.7 and earlier allow remote attackers to execute arbitrary PHP code via (1) the username field in login.php, or the (2) user_language, (3) user_email, and (4) user_gedcomid parameters in login_register.php, which is directly inserted into authenticate.php. | ||||
| CVE-2005-4471 | 1 Avaya | 1 Modular Messaging Message Storage Server | 2026-04-16 | N/A |
| POP3 service in Avaya Modular Messaging Message Storage Server (MSS) 2.0 SP 4 and earlier allows remote attackers to cause a denial of service (infinite loop) via crafted packets. | ||||
| CVE-2005-4472 | 1 Macromedia | 1 Jrun | 2026-04-16 | N/A |
| Stack-based buffer overflow in the Macromedia JRun 4 web server (JWS) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long request that is not properly handled during conversion to wide characters. | ||||
| CVE-2005-4473 | 1 Macromedia | 1 Jrun | 2026-04-16 | N/A |
| Unspecified vulnerability in Macromedia JRun 4 web server (JWS) allows remote attackers to view web application source code via "a malformed URL." | ||||
| CVE-2005-4475 | 1 Alkacon | 1 Opencms | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in OpenCms 6.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters. | ||||
| CVE-2005-4476 | 1 Openedit Inc | 1 Openedit | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in store/search/results.html in OpenEdit 4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) oe-action and (2) page parameters. | ||||
| CVE-2005-4477 | 1 Papaya | 1 Papaya Cms | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in papaya CMS 4.0.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the bab[searchfor] parameter. | ||||
| CVE-2005-4479 | 1 Phpslash | 1 Phpslash | 2026-04-16 | N/A |
| SQL injection vulnerability in article.php in phpSlash 0.8.1 and earlier allows remote attackers to execute arbitrary SQL commands via the story_id parameter. | ||||
| CVE-2005-4480 | 1 Plexcor | 1 Plexcor Cms | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Plexcor CMS 4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters. | ||||
| CVE-2005-4483 | 1 Iatek | 1 Siteenable | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in login.asp in SiteEnable 3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the ret_page parameter. | ||||
| CVE-2005-4484 | 1 Iatek | 1 Intranetapp | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in IntranetApp 3.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) ret_page parameter to login.asp or the (2) do_search and (3) search parameters to content.asp. | ||||
| CVE-2005-4486 | 1 Quantum Art | 1 Qp7 Enterprise | 2026-04-16 | N/A |
| SQL injection vulnerability in Quantum Art QP7.Enterprise (formerly Q-Publishing) allows remote attackers to execute arbitrary SQL commands via the p_news_id parameter to (1) news_and_events_new.asp and (2) news.asp. NOTE: on 20060227, the vendor disputed the accuracy of this report, saying that the p_news_id, news_and_events_new.asp, and news.asp are not specifically part of their product, although they could be dynamically generated through use of the product. Some investigation by CVE suggests evidence that the news_and_events_new.asp page has at least a forced invalid SQL syntax error, but this could not be repeated for news.asp | ||||
| CVE-2005-4487 | 1 Ramsite | 1 R1 Cms | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in RAMSite R|1 CMS 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchfield parameter. | ||||
| CVE-2005-4488 | 1 Computeroil | 1 Redakto Cms | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.tpl in Redakto WCMS 3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) iid, (2) iid2, (3) r, (4) cart, (5) str, (6) nf, and (7) a parameters. | ||||
| CVE-2005-4489 | 1 Scoop | 1 Scoop | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Scoop 1.1 RC1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) type and (2) count parameters, and (3) the query string in a story. | ||||