Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0570 | 1 Punbb | 1 Punbb | 2026-04-16 | N/A |
| profile.php in PunBB 1.2.1 allows remote attackers to cause a denial of service (account lockout) by setting the user's password to NULL. | ||||
| CVE-2005-0571 | 1 Punbb | 1 Punbb | 2026-04-16 | N/A |
| admin_loader.php in PunBB 1.2.1 allows remote attackers to read arbitrary files via the plugin parameter. | ||||
| CVE-2005-0572 | 1 Phpwebsite | 1 Phpwebsite | 2026-04-16 | N/A |
| index.php in phpWebSite 0.10.0 and earlier allows remote attackers to obtain sensitive information via an invalid SEA_search_module parameter, which reveals the path in a PHP error message. | ||||
| CVE-2005-0573 | 1 Rob Flynn | 1 Gaim | 2026-04-16 | N/A |
| Gaim 1.1.3 on Windows systems allows remote attackers to cause a denial of service (client crash) via a file transfer in which the filename contains "(" or ")" (parenthesis) characters. | ||||
| CVE-2005-0588 | 2 Mozilla, Redhat | 3 Firefox, Mozilla, Enterprise Linux | 2026-04-16 | N/A |
| Firefox before 1.0.1 and Mozilla before 1.7.6 does not restrict xsl:include and xsl:import tags in XSLT stylesheets to the current domain, which allows remote attackers to determine the existence of files on the local system. | ||||
| CVE-2005-0589 | 2 Mozilla, Redhat | 2 Firefox, Enterprise Linux | 2026-04-16 | N/A |
| The Form Fill feature in Firefox before 1.0.1 allows remote attackers to steal potentially sensitive information via an input control that monitors the values that are generated by the autocomplete capability. | ||||
| CVE-2005-0590 | 2 Mozilla, Redhat | 4 Firefox, Mozilla, Thunderbird and 1 more | 2026-04-16 | N/A |
| The installation confirmation dialog in Firefox before 1.0.1, Thunderbird before 1.0.1, and Mozilla before 1.7.6 allows remote attackers to use InstallTrigger to spoof the hostname of the host performing the installation via a long "user:pass" sequence in the URL, which appears before the real hostname. | ||||
| CVE-2005-0607 | 1 Devellion | 1 Cubecart | 2026-04-16 | N/A |
| CubeCart 2.0.0 through 2.0.5 allows remote attackers to determine the full path of the server via direct calls without parameters to (1) information.php, (2) language.php, (3) list_docs.php, (4) popular_prod.php, (5) sale.php, (6) subfooter.inc.php, (7) subheader.inc.php, (8) cat_navi.php, or (9) check_sum.php, which reveals the path in a PHP error message. | ||||
| CVE-2005-0608 | 1 Webmod | 1 Webmod | 2026-04-16 | N/A |
| Heap-based buffer overflow in server.cpp for WebMod 0.47 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a POST request with a Content-Length that is less than the amount of data that is actually sent. | ||||
| CVE-2005-0611 | 2 Realnetworks, Redhat | 5 Helix Player, Realone Player, Realplayer and 2 more | 2026-04-16 | N/A |
| Heap-based buffer overflow in RealNetworks RealPlayer 10.5 (6.0.12.1056 and earlier), 10, 8, and RealOne Player V2 and V1, allows remote attackers to execute arbitrary code via .WAV files. | ||||
| CVE-2005-0612 | 1 Cisco | 7 Ipvc-3510-mcu, Ipvc-3520-gw-2b, Ipvc-3520-gw-2b2v and 4 more | 2026-04-16 | N/A |
| Cisco IP/VC Videoconferencing System 3510, 3520, 3525 and 3530 contain hard-coded default SNMP community strings, which allows remote attackers to gain access, cause a denial of service, and modify configuration. | ||||
| CVE-2005-0615 | 1 Postnuke Software Foundation | 1 Postnuke | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in (1) index.php, (2) modules.php, or (3) admin.php in PostNuke 0.760-RC2 allow remote attackers to execute arbitrary SQL code via the catid parameter. | ||||
| CVE-2005-0616 | 1 Postnuke Software Foundation | 1 Postnuke Phoenix | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Download module for PostNuke 0.750 and 0.760-RC2 allow remote attackers to inject arbitrary web script or HTML via the (1) Program name, (2) File link, (3) Author name (4) Author e-mail address, (5) File size, (6) Version, or (7) Home page variables. | ||||
| CVE-2005-0636 | 1 Foxmail | 1 Foxmail Email Server | 2026-04-16 | N/A |
| Format string vulnerability in Foxmail Server 2.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in the USER command. | ||||
| CVE-2005-0631 | 1 Pblang | 1 Pblang | 2026-04-16 | N/A |
| delpm.php in PBLang 4.63 allows remote authenticated users to delete arbitrary PM files by modifying the "id" and "a" parameters. | ||||
| CVE-2005-0632 | 1 Phpnews | 1 Phpnews | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in auth.php in PHPNews 1.2.4 and possibly 1.2.3, allows remote attackers to execute arbitrary PHP code via the path parameter. | ||||
| CVE-2005-0633 | 1 Cerulean Studios | 2 Trillian, Trillian Pro | 2026-04-16 | N/A |
| Buffer overflow in Trillian 3.0 and Pro 3.0 allows remote attackers to execute arbitrary code via a crafted PNG image file. | ||||
| CVE-2005-0634 | 1 Kmint21 Software | 1 Golden Ftp Server | 2026-04-16 | N/A |
| Buffer overflow in Golden FTP Server 1.92 allows remote attackers to execute arbitrary code via a long USER command. | ||||
| CVE-2005-0663 | 1 Mercuryboard | 1 Mercuryboard | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php for MercuryBoard 1.1.2 allows remote attackers to inject arbitrary SQL commands via the f parameter. | ||||
| CVE-2005-0656 | 1 Arif Supriyanto | 1 Auracms | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in auraCMS 1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) hits parameter to hits.php, (2) query parameter to index.php, or (3) theCount parameter to counter.php. | ||||