Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3802 | 1 Belkin | 2 F5d7230-4, F5d7232-4 | 2026-04-16 | N/A |
| Belkin F5D7232-4 and F5D7230-4 wireless routers with firmware 4.03.03 and 4.05.03, when a legitimate administrator is logged into the web management interface, allow remote attackers to access the management interface without authentication. | ||||
| CVE-2006-2887 | 1 Aspburst | 1 Mynewsletter | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in myNewsletter 1.1.2 and earlier allow remote attackers to execute arbitrary SQL commands via the UserName parameter in (1) validatelogin.asp or (2) adminlogin.asp. | ||||
| CVE-2005-3913 | 1 Vchs | 1 Vchs | 2026-04-16 | N/A |
| Unspecified vulnerability in the domain alias management in Virtual Hosting Control System (VHCS) 2.4.6.2, related to "creating and deleting forwards for domain aliases," allows users to hijack the forwardings of other users. | ||||
| CVE-2006-2960 | 1 Joomla | 1 Joomla | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in includes/joomla.php in Joomla! 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the includepath parameter. | ||||
| CVE-2005-3914 | 1 Affcommerce | 1 Affcommerce | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in AFFcommerce 1.1.4 allow remote attackers to execute arbitrary SQL commands via (1) the cl parameter to SubCategory.php and the item_id parameter in (2) ItemInfo.php and (3) ItemReview.php. | ||||
| CVE-2006-2961 | 1 Aclogic | 1 Cesarftp | 2026-04-16 | N/A |
| Stack-based buffer overflow in CesarFTP 0.99g and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long MKD command. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-2006-2962 | 1 Oxfam Australia | 1 Emergencies Personnel Information System | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in sql_fcnsOLD.php in Emergenices Personnel Information System (Empris) 20020923 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phormationdir parameter. | ||||
| CVE-2005-3915 | 1 Clavister | 2 Clavister Firewall, Clavister Security Gateway | 2026-04-16 | N/A |
| The Internet Key Exchange version 1 (IKEv1) implementation in Clavister Client Web allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. | ||||
| CVE-2006-2963 | 1 It-direkt | 1 Cabacos Web Cms | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Suchergebnisse.asp in Cabacos Web CMS 3.8.498 and earlier allows remote attackers to inject arbitrary web script or HTML via the suchtext parameter. | ||||
| CVE-2005-3916 | 1 Wsn Forum | 1 Wsn Forum | 2026-04-16 | N/A |
| SQL injection vulnerability in memberlist.php in WSN Forum 1.21 allows remote attackers to execute arbitrary SQL commands via the id parameter in a profile action. | ||||
| CVE-2006-2964 | 1 Xtreme Scripts | 1 Download Manager | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Xtreme Scripts Download Manager (aka Xtreme Downloads) 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the root parameter in (1) download.php, (2) manager.php, (3) admin/scripts/category.php, (4) includes/add_allow.php, (5) admin/index.php, and (6) admin/admin/login.php. | ||||
| CVE-2005-3917 | 1 Commodityrentals | 1 Commodityrentals | 2026-04-16 | N/A |
| SQL injection vulnerability in usersession in CommodityRentals 2.0 Online Rental Business Creator script allows remote attackers to execute arbitrary SQL commands via the user_id parameter. | ||||
| CVE-2006-2968 | 1 Php Labware | 1 Labwiki | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in PHP Labware LabWiki 1.0 allows remote attackers to inject arbitrary web script or HTML via the search input box (query parameter). | ||||
| CVE-2005-3918 | 1 Ovbb | 1 Ovbb | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in OvBB 0.08a allow remote attackers to execute arbitrary SQL commands via the (1) threadid parameter to thread.php and (2) userid parameter to profile.php. NOTE: the vendor disputes these issues, saying "these reports are completely unsubstantial. | ||||
| CVE-2005-3919 | 1 Pblang | 1 Pblang | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in PBLang 4.65 allows remote attackers to inject arbitrary web script or HTML via multiple fields in (1) UCP.php and (2) SendPm.php. | ||||
| CVE-2006-2974 | 1 Emailarchitect | 1 Email Server | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in EmailArchitect Email Server 6.1.0.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) errCode and (2) uid parameter in (a) default.asp and (3) dname parameter in (b) /admin/dns.asp and (c) /additional/regdomain_done.asp. | ||||
| CVE-2005-3920 | 1 Babe Logger | 1 Babe Logger | 2026-04-16 | N/A |
| SQL injection vulnerability in Babe Logger 2 allows remote attackers to execute arbitrary SQL commands via the (1) gal parameter to index.php or (2) id parameter to comments.php. | ||||
| CVE-2006-2976 | 1 Coppermine | 1 Coppermine Photo Gallery | 2026-04-16 | N/A |
| Unspecified vulnerability in usermgr.php in Coppermine Photo Gallery before 1.4.7 has unknown impact and remote attack vectors, possibly related to authorization/authentication errors. | ||||
| CVE-2005-3921 | 1 Cisco | 1 Ios | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Cisco IOS Web Server for IOS 12.0(2a) allows remote attackers to inject arbitrary web script or HTML by (1) packets containing HTML that an administrator views via an HTTP interface to the contents of memory buffers, as demonstrated by the URI /level/15/exec/-/buffers/assigned/dump; or (2) sending the router Cisco Discovery Protocol (CDP) packets with HTML payload that an administrator views via the CDP status pages. NOTE: these vectors were originally reported as being associated with the dump and packet options in /level/15/exec/-/show/buffers. | ||||
| CVE-2006-2984 | 1 Integramod | 1 Integramod | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in IntegraMOD 1.4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the STYLE_URL parameter. NOTE: it is possible that this issue is resultant from SQL injection. | ||||