Export limit exceeded: 363500 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 363500 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-2989 1 Deluxebb 1 Deluxebb 2026-04-16 N/A
Multiple SQL injection vulnerabilities in DeluxeBB 1.0 and 1.0.5 allow remote attackers to execute arbitrary SQL commands via the (1) tid parameter to topic.php, the uid parameter to (2) misc.php or (3) pm.php, or the fid parameter to (3) forums.php or (4) newpost.php.
CVE-2005-2990 1 Linecontrol 1 Java Client 2026-04-16 N/A
AuthInfo.java in LineContol Java Client (jlc) before 0.8.1 stores sensitive information such as user passwords in log files.
CVE-2005-2991 1 Ncompress 1 Ncompress 2026-04-16 5.0 Medium
ncompress 4.2.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files using (1) zdiff or (2) zcmp, a different vulnerability than CVE-2004-0970.
CVE-2005-2992 1 Arc 1 Arc 2026-04-16 N/A
arc 5.21j and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different type of vulnerability than CVE-2005-2945.
CVE-2005-2994 1 Ibm 1 Rational Clearquest 2026-04-16 N/A
Unspecified vulnerability in the web client for IBM Rational ClearQuest 2002.05.00 and 2002.05.20, and 2003.06.00 through 2003.06.15 before SR5, allows remote attackers to execute XML Style Sheets (XSS).
CVE-2005-3001 1 Sun 1 Solaris 2026-04-16 N/A
Unspecified vulnerability in the "tl" driver in Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors.
CVE-2005-3002 1 Xclusive-software 1 Mccs 2026-04-16 N/A
Multi-Computer Control System (MCCS) 1.0 allows remote attackers to cause a denial of service via a malformed UDP packet.
CVE-2005-3003 1 Noosoftware 1 Nootoplist 2026-04-16 N/A
SQL injection vulnerability in index.php in NooTopList 1.0.0 release 17 allows remote attackers to execute arbitrary SQL commands via the (1) o or (2) sort parameters.
CVE-2005-3004 1 Interakt 1 Mx Shop 2026-04-16 N/A
SQL injection vulnerability in Interakt MX Shop 3.2.0 allows remote attackers to execute arbitrary SQL commands via the (1) idp, (2) id_ctg, or (3) id_prd parameters to the pages module in index.php.
CVE-2005-3008 1 Amar Sagoo 1 Tofu 2026-04-16 N/A
Tofu 0.2 allows remote attackers to execute arbitrary Python code via crafted pickled objects, which Tofu unpickles and executes.
CVE-2005-3009 1 Cutephp 1 Cutenews 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in CuteNews allows remote attackers to inject arbitrary web script or HTML via the mod parameter to index.php.
CVE-2005-3010 1 Cutephp 1 Cutenews 2026-04-16 N/A
Direct static code injection vulnerability in the flood protection feature in inc/shows.inc.php in CuteNews 1.4.0 and earlier allows remote attackers to execute arbitrary PHP code via the HTTP_CLIENT_IP header (Client-Ip), which is injected into data/flood.db.php.
CVE-2005-3012 1 Simplecdr-x 1 Simplecdr-x 2026-04-16 N/A
The MasterDataCD::createImage function in masterdatacd.cpp for SimpleCDR-X 1.3.3 creates the .temp temporary directory with insecure permissions, which allows local users to read sensitive ISO images.
CVE-2005-3013 1 Suse 1 Suse Linux 2026-04-16 N/A
Buffer overflow in liby2util in Yet another Setup Tool (YaST) for SuSE Linux 9.3 allows local users to execute arbitrary code via a long Loc entry.
CVE-2005-3014 1 Ensim 1 Webppliance 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Ensim webplliance allows remote attackers to inject arbitrary web script or HTML via the Login (OCW_login_username) field.
CVE-2005-3016 1 Francisco Burzi 1 Php-nuke 2026-04-16 N/A
Multiple unspecified vulnerabilities in the WYSIWYG editor in PHP-Nuke before 7.9 Final have unknown impact and attack vectors.
CVE-2005-3017 1 Content2web 1 Content2web 2026-04-16 N/A
PHP file inclusion vulnerability in index.php in Content2Web 1.0.1 allows remote attackers to include arbitrary files via the show parameter, which can lead to resultant errors such as path disclosure, SQL error messages, and cross-site scripting (XSS).
CVE-2005-3039 1 Mall23 1 Mall23 2026-04-16 N/A
SQL injection vulnerability in infopage.asp in Mall23 eCommerce allows remote attackers to execute arbitrary SQL commands via the idPage parameter.
CVE-2005-3042 2 Usermin, Webmin 2 Usermin, Webmin 2026-04-16 N/A
miniserv.pl in Webmin before 1.230 and Usermin before 1.160, when "full PAM conversations" is enabled, allows remote attackers to bypass authentication by spoofing session IDs via certain metacharacters (line feed or carriage return).
CVE-2005-3043 1 Mall23 1 Mall23 2026-04-16 N/A
SQL injection vulnerability in AddItem.asp in Mall23 eCommerce allows remote attackers to execute arbitrary SQL commands via the idOption_Dropdown_2 parameter.