Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-4624 1 Ptnet 1 Ptnet Ircd 2026-04-16 N/A
The m_join function in channel.c for PTnet ircd 1.5 and 1.6 allows remote attackers to cause a denial of service (memory exhaustion that triggers a daemon restart) via a large number of requests to join a "charmed channel" such as PTnet, #PTnoticias and #*.log, which causes ircd to open the channel even though it does not have any valid users.
CVE-2005-4626 1 Recruitment Software 1 Recruitment Software 2026-04-16 N/A
The default configuration of Recruitment Software installs admin/site.xml under the web document root with insufficient access control, which might allow remote attackers to obtain sensitive information (MySQL database credentials) via a direct request.
CVE-2005-4627 2 Gfhost, Gmailsite 2 Gfhost, Gmailsite 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in (1) GmailSite 1.0 through 1.0.4 and (2) GFHost 0.1.1 through 0.4.2 allows remote attackers to inject arbitrary web script or HTML via the lng parameter.
CVE-2005-4628 1 Help Desk Point Software 1 Helpdeskpoint 2026-04-16 N/A
SQL injection vulnerability in index.php in HelpDeskPoint 2.38 and earlier allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2005-4777 1 Tashcom 1 Aspedit 2026-04-16 N/A
Tashcom ASPEdit 2.9 stores the administration password (aka the FTP password) in cleartext in the registry, which might allow local users to view the password.
CVE-2005-4662 1 Ocomon 1 Ocomon 2026-04-16 N/A
Multiple SQL injection vulnerabilities in OcoMon 1.20, and possibly earlier versions, allow remote attackers to execute arbitrary SQL commands via unknown attack vectors in an unspecified input form, a different vulnerability than CVE-2005-4664.
CVE-2005-4652 1 Phlymail 1 Phlymail 2026-04-16 N/A
SQL injection vulnerability in PHlyMail 3.02.01 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors.
CVE-2005-4653 1 Al-caricatier 1 Al-caricatier 2026-04-16 N/A
Unspecified vulnerability in ss.php in AL-Caricatier 2.5 and earlier allows remote attackers to bypass login authentication by requesting view_caricatier.php, and then requesting any file in the admin directory with a cookie_username=admin argument.
CVE-2005-4656 1 Triggertg 1 Tclanportal 2026-04-16 N/A
SQL injection vulnerability in index.php in TClanPortal 1.1.3 and earlier allows remote attackers to execute arbitrary SQL commands, and retrieve all usernames and passwords, via the id parameter.
CVE-2005-4657 1 Ocean12 Technologies 1 Calendar Manager Pro 2026-04-16 N/A
Ocean12 Calendar Manager Pro 1.01 allows remote attackers to bypass authentication and obtain sensitive information via a direct request to /admin/view.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2005-4659 1 Ipcop 1 Ipcop 2026-04-16 N/A
IPCop (aka IPCop Firewall) before 1.4.10 has world-readable permissions for the backup.key file, which might allow local users to overwrite system configuration files and gain privileges by creating a malicious encrypted backup archive owned by "nobody", then executing ipcoprscfg to restore from this backup.
CVE-2005-4660 1 Ipcop 1 Ipcop 2026-04-16 N/A
Race condition in IPCop (aka IPCop Firewall) before 1.4.10 might allow local users to overwrite system configuration files and gain privileges by replacing a backup archive during the time window when the archive is owned by "nobody" but not yet encrypted, then executing ipcoprscfg to restore from this backup.
CVE-2005-4661 1 Campware.org 1 Campsite 2026-04-16 N/A
The notifyendsubs cron job in Campsite before 2.3.3 sends an e-mail message containing a certain unencrypted MySQL password, which allows remote attackers to sniff the password.
CVE-2005-4665 1 Punbb 1 Punbb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in PunBB 1.2.6 and earlier allows remote attackers to inject arbitrary web script or HTML via Javascript contained in nested, malformed BBcode url tags.
CVE-2005-4666 1 Phlymail 1 Phlymail 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in PHlyMail before 3.3 Beta1 allows remote attackers to inject arbitrary Javascript via unknown attack vectors.
CVE-2005-4668 1 Parosproxy 1 Parosproxy 2026-04-16 N/A
The embedded HSQLDB in ParosProxy before 3.2.7, when running with JDK 1.4.2 before 1.4.2_08, allows local users to execute arbitrary comands via crafted SQL commands that interact with HSQLDB through JDBC, a similar vulnerability to CVE-2003-0845.
CVE-2005-4669 1 Rt Internet Solutions 1 Rt Internet Solutions Webadmin 2026-04-16 N/A
SQL injection vulnerability in RT Internet Solutions (RTIS) WebAdmin allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields.
CVE-2005-4670 1 Citypost 1 Php Lnkx 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in message.php in CityPost Automated Link Exchange (LNKX) allows remote attackers to inject arbitrary web script or HTML via the msg parameter.
CVE-2005-4671 1 Citypost 1 Simple Php Upload 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in simple-upload-53.php in CityPost Simple PHP Upload 5.3 allows remote attackers to inject arbitrary web script or HTML via the message parameter.
CVE-2005-4673 1 Inicom Networks 1 Ioftpd 2026-04-16 N/A
ioFTPD 0.5.84 u responds with different messages depending on whether or not a username exists, which allows remote attackers to enumerate valid usernames.