Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-4701 1 Sun 1 Solaris 2026-04-16 N/A
Unspecified vulnerability in Process File System (procfs) in Sun Solaris 10 allows local users to obtain sensitive information such as process working directories via unknown attack vectors, possibly pwdx.
CVE-2000-0953 1 Evolvable Corporation 1 Shambala Server 2026-04-16 N/A
Shambala Server 4.5 allows remote attackers to cause a denial of service by opening then closing a connection.
CVE-2005-1182 1 Ibm 1 Os 400 2026-04-16 N/A
Unknown vulnerability in Incoming Remote Command (iSeries Access for Windows Remote Command service) in IBM OS/400 R510, R520, and R530 allows attackers to cause a denial of service (IRC shutdown) via certain inputs.
CVE-2005-1903 1 E-post Corporation 1 Spa-pro Mail Atsolomon 2026-04-16 N/A
Buffer overflow in the IMAP service for SPA-PRO Mail @Solomon 4.00 allows remote authenticated users to execute arbitrary code via a long CREATE command.
CVE-2005-1392 1 Phpmyadmin 1 Phpmyadmin 2026-04-16 N/A
The SQL install script in phpMyAdmin 2.6.2 is created with world-readable permissions, which allows local users to obtain the initial database password by reading the script.
CVE-2005-1952 1 Pico Server 1 Pico Server 2026-04-16 N/A
Directory traversal vulnerability in Pico Server (pServ) 3.3 allows remote attackers to read arbitrary files and execute arbitrary commands via a /./ (slash dot slash) before each .. (dot dot) sequence in the URL, which results in an incorrect directory depth count.
CVE-2005-1989 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Unknown vulnerability in Internet Explorer 5.0, 5.5, and 6.0 allows remote attackers to obtain information and possibly execute code when browsing from a web site to a web folder view using WebDAV, aka "Web Folder Behaviors Cross-Domain Vulnerability".
CVE-2005-1998 1 Mcgallery 1 Mcgallery 2026-04-16 N/A
Directory traversal vulnerability in admin.php in McGallery 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter.
CVE-2005-2004 1 Ultimate Php Board 1 Ultimate Php Board 2026-04-16 N/A
Multiple cross-site scripting vulnerabilities in Ultimate PHP Board (UPB) 1.9.6 GOLD and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) ref parameter to login.php, (2) id or (3) page parameter to viewtopic.php, id parameter to (4) profile.php, (5) newpost.php, (6) email.php, (7) icq.php, or (8) aol.php, (9) t_id parameter to newpost.php, (10) ref parameter to getpass.php, or (11) sText parameter to search.php.
CVE-2005-2010 1 Uapplication 1 Ublog Reload 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in trackback.asp in Ublog Reload 1.0.5 allows remote attackers to inject arbitrary web script or HTML via the btitle parameter.
CVE-2005-4001 1 Phpyellow 2 Phpyellowtm Lite, Phpyellowtm Pro 2026-04-16 N/A
Multiple SQL injection vulnerabilities in phpYellowTM Pro Edition and Lite Edition 5.33 allow remote attackers to execute arbitrary SQL commands via the (1) haystack parameter to search_result.php or (2) ckey parameter to print_me.php.
CVE-2005-2028 1 Mercuryboard 1 Mercuryboard Message Board 2026-04-16 N/A
SQL injection vulnerability in index.php for MercuryBoard 1.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header.
CVE-2002-1702 1 Deltascripts 1 Php Classifieds 2026-04-16 N/A
Cross-site scripting vulnerability (XSS) in DeltaScripts PHP Classifieds 6.0.5 allows remote attackers to execute arbitrary script as other users via the URL parameter.
CVE-2002-1709 1 Basilix 1 Basilix Webmail 2026-04-16 N/A
SQL injection vulnerability in BasiliX Webmail 1.10 allows remote attackers to obtain sensitive information or possibly modify data via the id variable.
CVE-2002-1714 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 5.0 through 6.0 allows remote attackers to cause a denial of service (crash) via an object of type "text/html" with the DATA field that identifies the HTML document that contains the object, which may cause infinite recursion.
CVE-2005-1960 1 C.j. Steele 1 Tattle 2026-04-16 N/A
The getemails function in C.J. Steele Tattle allows remote attackers to execute arbitrary commands via shell metacharacters in certain log entries, as demonstrated using shell metacharacters in an FTP username.
CVE-2005-2063 1 Active Web Softwares 1 Activebuyandsell 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in ActiveBuyAndSell 6.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Title parameter to sendpassword.asp or (2) Keyword field in search.asp.
CVE-2005-2065 1 Asp-nuke 1 Asp-nuke 2026-04-16 N/A
HTTP response splitting vulnerability in language_select.asp in ASP Nuke 0.80 allows remote attackers to spoof web content and poison web caches via CRLF ("%0d%0a") sequences in the LangCode parameter.
CVE-2005-2067 1 Asp-nuke 1 Asp-nuke 2026-04-16 N/A
SQL injection vulnerability in article.asp in unknown versions of aspnuke allows remote attackers to execute arbitrary SQL commands via the articleid parameter.
CVE-2005-4010 1 Sensation Designs 1 Kbase Express 2026-04-16 N/A
SQL injection vulnerability in KBase Express 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) id parameter to category.php and (2) search parameters to search.php.