Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-0570 1 Punbb 1 Punbb 2026-04-16 N/A
profile.php in PunBB 1.2.1 allows remote attackers to cause a denial of service (account lockout) by setting the user's password to NULL.
CVE-2005-0571 1 Punbb 1 Punbb 2026-04-16 N/A
admin_loader.php in PunBB 1.2.1 allows remote attackers to read arbitrary files via the plugin parameter.
CVE-2005-0572 1 Phpwebsite 1 Phpwebsite 2026-04-16 N/A
index.php in phpWebSite 0.10.0 and earlier allows remote attackers to obtain sensitive information via an invalid SEA_search_module parameter, which reveals the path in a PHP error message.
CVE-2005-0573 1 Rob Flynn 1 Gaim 2026-04-16 N/A
Gaim 1.1.3 on Windows systems allows remote attackers to cause a denial of service (client crash) via a file transfer in which the filename contains "(" or ")" (parenthesis) characters.
CVE-2005-0588 2 Mozilla, Redhat 3 Firefox, Mozilla, Enterprise Linux 2026-04-16 N/A
Firefox before 1.0.1 and Mozilla before 1.7.6 does not restrict xsl:include and xsl:import tags in XSLT stylesheets to the current domain, which allows remote attackers to determine the existence of files on the local system.
CVE-2005-0589 2 Mozilla, Redhat 2 Firefox, Enterprise Linux 2026-04-16 N/A
The Form Fill feature in Firefox before 1.0.1 allows remote attackers to steal potentially sensitive information via an input control that monitors the values that are generated by the autocomplete capability.
CVE-2005-0590 2 Mozilla, Redhat 4 Firefox, Mozilla, Thunderbird and 1 more 2026-04-16 N/A
The installation confirmation dialog in Firefox before 1.0.1, Thunderbird before 1.0.1, and Mozilla before 1.7.6 allows remote attackers to use InstallTrigger to spoof the hostname of the host performing the installation via a long "user:pass" sequence in the URL, which appears before the real hostname.
CVE-2005-0607 1 Devellion 1 Cubecart 2026-04-16 N/A
CubeCart 2.0.0 through 2.0.5 allows remote attackers to determine the full path of the server via direct calls without parameters to (1) information.php, (2) language.php, (3) list_docs.php, (4) popular_prod.php, (5) sale.php, (6) subfooter.inc.php, (7) subheader.inc.php, (8) cat_navi.php, or (9) check_sum.php, which reveals the path in a PHP error message.
CVE-2005-0608 1 Webmod 1 Webmod 2026-04-16 N/A
Heap-based buffer overflow in server.cpp for WebMod 0.47 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a POST request with a Content-Length that is less than the amount of data that is actually sent.
CVE-2005-0611 2 Realnetworks, Redhat 5 Helix Player, Realone Player, Realplayer and 2 more 2026-04-16 N/A
Heap-based buffer overflow in RealNetworks RealPlayer 10.5 (6.0.12.1056 and earlier), 10, 8, and RealOne Player V2 and V1, allows remote attackers to execute arbitrary code via .WAV files.
CVE-2005-0612 1 Cisco 7 Ipvc-3510-mcu, Ipvc-3520-gw-2b, Ipvc-3520-gw-2b2v and 4 more 2026-04-16 N/A
Cisco IP/VC Videoconferencing System 3510, 3520, 3525 and 3530 contain hard-coded default SNMP community strings, which allows remote attackers to gain access, cause a denial of service, and modify configuration.
CVE-2005-0615 1 Postnuke Software Foundation 1 Postnuke 2026-04-16 N/A
Multiple SQL injection vulnerabilities in (1) index.php, (2) modules.php, or (3) admin.php in PostNuke 0.760-RC2 allow remote attackers to execute arbitrary SQL code via the catid parameter.
CVE-2005-0616 1 Postnuke Software Foundation 1 Postnuke Phoenix 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the Download module for PostNuke 0.750 and 0.760-RC2 allow remote attackers to inject arbitrary web script or HTML via the (1) Program name, (2) File link, (3) Author name (4) Author e-mail address, (5) File size, (6) Version, or (7) Home page variables.
CVE-2005-0636 1 Foxmail 1 Foxmail Email Server 2026-04-16 N/A
Format string vulnerability in Foxmail Server 2.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in the USER command.
CVE-2005-0631 1 Pblang 1 Pblang 2026-04-16 N/A
delpm.php in PBLang 4.63 allows remote authenticated users to delete arbitrary PM files by modifying the "id" and "a" parameters.
CVE-2005-0632 1 Phpnews 1 Phpnews 2026-04-16 N/A
PHP remote file inclusion vulnerability in auth.php in PHPNews 1.2.4 and possibly 1.2.3, allows remote attackers to execute arbitrary PHP code via the path parameter.
CVE-2005-0633 1 Cerulean Studios 2 Trillian, Trillian Pro 2026-04-16 N/A
Buffer overflow in Trillian 3.0 and Pro 3.0 allows remote attackers to execute arbitrary code via a crafted PNG image file.
CVE-2005-0634 1 Kmint21 Software 1 Golden Ftp Server 2026-04-16 N/A
Buffer overflow in Golden FTP Server 1.92 allows remote attackers to execute arbitrary code via a long USER command.
CVE-2005-0663 1 Mercuryboard 1 Mercuryboard 2026-04-16 N/A
SQL injection vulnerability in index.php for MercuryBoard 1.1.2 allows remote attackers to inject arbitrary SQL commands via the f parameter.
CVE-2005-0656 1 Arif Supriyanto 1 Auracms 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in auraCMS 1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) hits parameter to hits.php, (2) query parameter to index.php, or (3) theCount parameter to counter.php.