Export limit exceeded: 362833 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-1092 1 Light Speed Technology 1 Deluxeftp 2026-04-16 N/A
Lightspeed DeluxeFTP 6.01 stores usernames and passwords in plaintext in sites.xml, which is world-readable, which allows local users to gain privileges.
CVE-2005-1093 1 Popup Plus Plugin 1 Popup Plus Plugin For Miranda Im 2026-04-16 N/A
Buffer overflow in the PopUp Plus 2.0.3.8 plugin for Miranda IM, with "Use SmileyAdd Setting" enabled, allows remote attackers to execute arbitrary code.
CVE-2005-1094 1 Network-client.com 1 Ftp Now 2026-04-16 N/A
FTP Now 2.6.14 stores usernames and passwords in plaintext in sites.xml, which is world-readable, which allows local users to gain privileges.
CVE-2005-1095 1 Ocean12 Technologies 1 Membership Manager Pro 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in main.asp for Ocean12 Membership Manager Pro 1.x allows remote attackers to inject arbitrary web script or HTML via the page parameter.
CVE-2005-1096 1 Ocean12 Technologies 1 Membership Manager Pro 2026-04-16 N/A
SQL injection vulnerability in main.asp for Ocean12 Membership Manager Pro 1.x allows remote attackers to execute arbitrary SQL commands via the UserID parameter.
CVE-2005-1097 1 Rebrand 1 P2p Share Spy 2026-04-16 N/A
Rebrand P2P Share Spy 2.2 stores the user password in plaintext in the txtPassword value in the registry, which allows local users to gain privileges.
CVE-2005-1115 2 Phpbb Group, Smartor 2 Phpbb, Photo Album 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Photo Album 2.0.53 module for phpBB allow remote attackers to inject arbitrary web script or HTML via the bsid parameter to (1) album_cat.php or (2) album_comment.php.
CVE-2005-1116 1 Phpbb Group 1 Phpbb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the Calendar module for phpBB allow remote attackers to inject arbitrary web script or HTML via the start parameter to calendar_scheduler.php.
CVE-2005-1117 1 All4www 1 All4www-homepagecreator 2026-04-16 N/A
PHP remote file inclusion vulnerability in index.php in All4WWW-Homepagecreator 1.0a allows remote attackers to execute arbitrary PHP code by modifying the site parameter to reference a URL on a remote web server that contains the code.
CVE-2005-1118 1 Rsa 1 Authentication Agent For Web 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in IISWebAgentIF.dll in the RSA Authentication Agent for Web 5.2 allows remote attackers to inject arbitrary web script or HTML via the postdata parameter.
CVE-2005-1120 1 Ilohamail 1 Ilohamail 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in IlohaMail 0.8.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the e-mail (1) body, (2) filename, or (3) MIME type.
CVE-2005-1121 2 Gentoo, Igor Khasilev 2 Linux, Oops Proxy Server 2026-04-16 N/A
Format string vulnerability in the my_xlog function in lib.c for Oops! Proxy Server 1.5.23 and earlier, as called by the auth functions in the passwd_mysql and passwd_pgsql modules, may allow attackers to execute arbitrary code via a URL.
CVE-2005-1124 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Unknown vulnerability in the libgss Generic Security Services Library in Solaris 7, 8, and 9 allows local users to gain privileges by loading their own GSS-API.
CVE-2005-1125 1 Avaya 1 Libsafe 2026-04-16 N/A
Race condition in libsafe 2.0.16 and earlier, when running in multi-threaded applications, allows attackers to bypass libsafe protection and exploit other vulnerabilities before the _libsafe_die function call is completed.
CVE-2005-1127 1 Postgrey 1 Postgrey 2026-04-16 N/A
Format string vulnerability in the log function in Net::Server 0.87 and earlier, as used in Postfix Greylisting Policy Server (Postgrey) 1.18 and earlier, and possibly other products, allows remote attackers to cause a denial of service (crash) via format string specifiers that are not properly handled before being sent to syslog, as demonstrated using sender addresses to Postgrey.
CVE-2005-1128 1 Virtual Hosting Control System 1 Virtual Hosting Control System 2026-04-16 N/A
Multiple SQL injection vulnerabilities in VHCS 2.4 and earlier allow remote attackers to execute arbitrary SQL commands via certain inputs from HTTP POST queries.
CVE-2005-1129 1 Egroupware 1 Egroupware 2026-04-16 N/A
eGroupWare 1.0.6 and earlier, when an e-mail is composed with an attachment but not sent, will send that attachment in the next e-mail, which may cause sensitive information to be sent to the wrong recipient.
CVE-2005-1130 1 Desert Dog Software 1 Pinnacle Cart 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in Pinnacle Cart allows remote attackers to inject arbitrary web script or HTML via the pg parameter.
CVE-2005-1131 1 Symantec Veritas 1 I3 Focalpoint Server 2026-04-16 N/A
Unknown vulnerability in Veritas i3 Focalpoint Server 7.1 and earlier has unknown attack vectors and unknown but "critical" impact.
CVE-2005-1132 1 Lg Electronics 1 Lg Mobile Phone 2026-04-16 N/A
LG U8120 mobile phone allows remote attackers to cause a denial of service (device crash) via a malformed MIDI file.