Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-3500 1 Clam Anti-virus 1 Clamav 2026-04-16 N/A
The tnef_attachment function in tnef.c for Clam AntiVirus (ClamAV) before 0.87.1 allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via a crafted value in a CAB file that causes ClamAV to repeatedly scan the same block.
CVE-2005-3502 1 Cerberus 1 Cerberus Helpdesk 2026-04-16 N/A
attachment_send.php in Cerberus Helpdesk allows remote attackers to view attachments and tickets of other users via a modified file_id parameter.
CVE-2005-3503 1 Pwdutils 1 Pwdutils 2026-04-16 N/A
chfn in pwdutils 3.0.4 and earlier on SuSE Linux, and possibly other operating systems, does not properly check arguments for the GECOS field, which allows local users to gain privileges.
CVE-2005-3505 1 Cpanel 1 Cpanel 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the Entropy Chat script in cPanel 10.2.0-R82 and 10.6.0-R137 allows remote attackers to inject arbitrary web script or HTML via a chat message containing Javascript in style attributes in tags such as <b>, which are processed by Internet Explorer.
CVE-2005-3506 1 Sambar 1 Sambar Server 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in proxy.asp in Sambar Server 6.3 BETA 2 and possibly earlier versions allows remote attackers to inject arbitrary web script or HTML via the (1) Remote Proxy Server or (2) Proxy Filter IPs field.
CVE-2005-3507 1 Cutephp 1 Cutenews 2026-04-16 N/A
Directory traversal vulnerability in CuteNews 1.4.1 allows remote attackers to include arbitrary files, execute code, and gain privileges via "../" sequences in the template parameter to (1) show_archives.php and (2) show_news.php.
CVE-2005-3508 1 Galerie 1 Galerie 2026-04-16 N/A
SQL injection vulnerability in showGallery.php in Gallery (Galerie) 2.4 allows remote attackers to execute arbitrary SQL commands via the galid parameter.
CVE-2005-3509 1 Jportal 1 Jportal Web Portal 2026-04-16 N/A
Multiple SQL injection vulnerabilities in JPortal allow remote attackers to execute arbitrary SQL commands via (1) banner.php or the id parameter to (2) print.php, (3) comment.php, and (4) news.php.
CVE-2005-3510 2 Apache, Redhat 4 Tomcat, Certificate System, Network Satellite and 1 more 2026-04-16 N/A
Apache Tomcat 5.5.0 to 5.5.11 allows remote attackers to cause a denial of service (CPU consumption) via a large number of simultaneous requests to list a web directory that has a large number of files.
CVE-2005-3513 1 Vubb 1 Vubb 2026-04-16 N/A
index.php in VUBB alpha rc1 allows remote attackers to obtain the installation path of the application via a viewforum action with the f parameter set to a single quote (').
CVE-2005-3515 1 Chipmunk Scripts 1 Chipmunk Topsites 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in recommend.php in Chipmunk Topsites script allows remote attackers to inject arbitrary web script or HTML via the ID parameter.
CVE-2005-3516 1 Chipmunk Scripts 1 Chipmunk Directory 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in recommend.php in Chipmunk Directory script allows remote attackers to inject arbitrary web script or HTML via the entryID parameter.
CVE-2005-3517 1 Chipmunk Scripts 1 Chipmunk Guestbook 2026-04-16 N/A
Chipmunk Scripts Guestbook allows remote attackers to obtain the installation path of the script via a URL that causes an error message to be displayed, such as a URL that contains a single quote (') in the start parameter of index.php.
CVE-2005-3518 1 Punbb 1 Punbb 2026-04-16 N/A
SQL injection vulnerability in search.php in PunBB 1.2.7 and 1.2.8 allows remote attackers to execute arbitrary SQL commands via the old_searches parameter.
CVE-2005-3538 1 Ifax Solutions 1 Hylafax 2026-04-16 N/A
hfaxd in HylaFAX 4.2.3, when PAM support is disabled, accepts arbitrary passwords, which allows remote attackers to gain privileges.
CVE-2005-3537 1 Phpbb Group 1 Phpbb 2026-04-16 N/A
A "missing request validation" error in phpBB 2 before 2.0.18 allows remote attackers to edit private messages of other users, probably by modifying certain parameters or other inputs.
CVE-2005-3544 1 Xmb Forum 1 Xmb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in u2u.php in XMB 1.9.3 allows remote attackers to inject arbitrary web script or HTML via the username parameter.
CVE-2005-3545 1 Ibproarcade 1 Ibproarcade 2026-04-16 N/A
SQL injection vulnerability in index.php of the report module in ibProArcade 2.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter.
CVE-2005-3546 1 F-secure 2 F-secure Anti-virus, Internet Gatekeeper 2026-04-16 N/A
suid.cgi scripts in F-Secure (1) Internet Gatekeeper for Linux before 2.15.484 and (2) Anti-Virus Linux Gateway before 2.16 are installed SUID with world-executable permissions, which allows local users to gain privilege.
CVE-2005-3547 1 Invision Power Services 1 Invision Board 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Invision Power Board 2.1 allows remote attackers to inject arbitrary web script or HTML via the (1) adsess, (2) name, and (3) description parameters in admin.php, and the (4) ACP Notes, (5) Member Name, (6) Password, (7) Email Address, (8) Components, and multiple other input fields.