Export limit exceeded: 364818 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1474 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Dashboard in Apple Mac OS X 10.4.1 allows remote attackers to install widgets via Safari without prompting the user, a different vulnerability than CVE-2005-1933. | ||||
| CVE-2005-1494 | 1 Megabook | 1 Megabook | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in admin.cgi in MegaBook 2.0 and 2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) entryid or (2) password parameter. | ||||
| CVE-2005-1480 | 1 Raiden Professional Servers | 1 Raidenftpd | 2026-04-16 | N/A |
| Directory traversal vulnerability in RaidenFTPD before 2.4.2241 allows remote attackers to read arbitrary files via a "..\\" (dot dot backslash) in the urlget site command. | ||||
| CVE-2005-1481 | 1 Aaronoutpost | 1 Asp Inline Corporate Calendar | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Aaron Outpost ASP Inline Corporate Calendar allow remote attackers to execute arbitrary SQL commands via the Event_ID parameter to (1) defer.asp or (2) details.asp. | ||||
| CVE-2005-1482 | 1 Interspire | 1 Articlelive | 2026-04-16 | N/A |
| ArticleLive 2005 allows remote attackers to gain privileges by modifying the (1) auth and (2) userId fields in a cookie. | ||||
| CVE-2005-1483 | 1 Interspire | 1 Articlelive | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ArticleLive 2005 allow remote attackers to inject arbitrary web script or HTML via the (1) Query, (2) Username, (3) LastName, (4) Biography, or (5) BlogId parameter. | ||||
| CVE-2005-1484 | 1 Kmint21 Software | 1 Golden Ftp Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Golden FTP server pro 2.52 allows remote attackers to read arbitrary files via a "\.." (backward slash dot dot) with a leading '"' (double quote) in the GET command. | ||||
| CVE-2005-1485 | 1 Kmint21 Software | 1 Golden Ftp Server | 2026-04-16 | N/A |
| Golden FTP Server Pro 2.52 allows remote attackers to obtain sensitive information via a GET request for a file that does not exist, which reveals the absolute path of the FTP server in the resulting FTP error message. | ||||
| CVE-2005-1488 | 2 Icewarp, Merak | 2 Web Mail, Mail Server | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2 allow remote authenticated users to inject arbitrary web script or HTML via (1) the E-mail address, Note, or Public Certificate fields to address.html, (2) addressaction.html, (3) the Signature field to settings.html, or (4) the Shared calendars to calendarsettings.html. | ||||
| CVE-2005-1489 | 2 Icewarp, Merak | 2 Web Mail, Mail Server | 2026-04-16 | N/A |
| Unknown vulnerability in Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2 allows remote authenticated users to obtain the full path of the server via certain requests to (1) calendar_addevent.html, (2) calendar_event.html, or (3) calendar_task.html. | ||||
| CVE-2005-1490 | 2 Icewarp, Merak | 2 Web Mail, Mail Server | 2026-04-16 | N/A |
| Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2, when the mailbox.dat file does not exist, allows remote authenticated users to determine if a file exists via the folder parameter to attachment.html. | ||||
| CVE-2005-1491 | 2 Icewarp, Merak | 2 Web Mail, Mail Server | 2026-04-16 | N/A |
| Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2 allows remote authenticated users to (1) move their home directory via viewaction.html or (2) move arbitrary files via the importfile parameter to importaction.html. | ||||
| CVE-2005-1492 | 1 Gossamer Threads | 2 Gossamer Threads Links, Gossamer Threads Links-sql | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in user.cgi in Gossamer Threads Links SQL 2.x and 3.0 allows remote attackers to inject arbitrary web script or HTML via the url parameter. | ||||
| CVE-2005-1507 | 1 4d | 1 Webstar | 2026-04-16 | N/A |
| Buffer overflow in the Tomcat plugin in 4d WebSTAR 5.33 and 5.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long URL. | ||||
| CVE-2005-1508 | 1 Pwsphp | 1 Pwsphp | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PwsPHP 1.2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) month or (2) annee parameters to the news module, (3) nbractif or (4) annee parameters to the stats module, (5) id parameter to profil.php, (6) mb_lettre or (7) lettre parameter to memberlist.php, or (8) chaine_search, or (9) auteur_search parameter to the recherche module. | ||||
| CVE-2005-1509 | 1 Pwsphp | 1 Pwsphp | 2026-04-16 | N/A |
| SQL injection vulnerability in profil.php in PwsPHP 1.2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2005-1510 | 1 Pwsphp | 1 Pwsphp | 2026-04-16 | N/A |
| PwsPHP 1.2.2 allows remote attackers to obtain sensitive information via a direct request to the admin directory, which reveals the path in an error message. | ||||
| CVE-2005-1511 | 1 Pwsphp | 1 Pwsphp | 2026-04-16 | N/A |
| PwsPHP 1.2.2 allows remote attackers to bypass authentication and post arbitrary comments via the Pseudo cookie. | ||||
| CVE-2005-2082 | 1 Cgi-club | 1 Imtrset | 2026-04-16 | N/A |
| im_trbbs.cgi in imTRSET 1.02 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the df parameter. | ||||
| CVE-2005-2086 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in viewtopic.php in phpBB 2.0.15 and earlier allows remote attackers to execute arbitrary PHP code. | ||||