Export limit exceeded: 363351 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363351 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-1599 1 Kryloff Technologies 1 Subject Search Server 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Kryloff Technologies Subject Search Server (SSServer) 1.1 allows remote attackers to inject arbitrary web script or HTML via the "Search For" field.
CVE-2005-2993 1 Hp 2 Hp-ux, Tru64 2026-04-16 N/A
Unspecified vulnerability in the FTP Daemon (ftpd) for HP Tru64 UNIX 4.0F PK8 and other versions up to HP Tru64 UNIX 5.1B-3, and HP-UX B.11.00, B.11.04, B.11.11, and B.11.23, allows remote authenticated users to cause a denial of service (hang).
CVE-2005-1600 1 Libtomcrypt 1 Libtomcrypt 2026-04-16 N/A
A "mathematical flaw" in the implementation of the El Gamal signature algorithm for LibTomCrypt 1.0 to 1.0.2 allows attackers to generate valid signatures without having the private key.
CVE-2005-1601 1 Mro Software 1 Maximo Self Service 2026-04-16 N/A
MRO Maximo Self Service 4 and 5 stores certain information under the web document root using file extensions that are not processed by Tomcat, which allows remote attackers to obtain sensitive information via a direct request for the file, such as MXServer.properties.
CVE-2005-2994 1 Ibm 1 Rational Clearquest 2026-04-16 N/A
Unspecified vulnerability in the web client for IBM Rational ClearQuest 2002.05.00 and 2002.05.20, and 2003.06.00 through 2003.06.15 before SR5, allows remote attackers to execute XML Style Sheets (XSS).
CVE-2005-1602 1 Net56 1 File Manager 2026-04-16 N/A
SQL injection vulnerability in login.asp for Net56 Browser Based File Manager 1.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the password field.
CVE-2005-2995 1 Bacula 1 Bacula 2026-04-16 N/A
bacula 1.36.3 and earlier allows local users to modify or read sensitive files via symlink attacks on (1) the temporary file used by autoconf/randpass when openssl is not available, or (2) the mtx.[PID] temporary file in mtx-changer.in.
CVE-2005-1603 1 Niteenterprises 1 Remote File Manager 2026-04-16 N/A
NiteEnterprises Remote File Manager 1.0 allows remote attackers to cause a denial of service (crash) via a crafted string to TCP port 7080.
CVE-2005-1604 1 Bugada Andrea 1 Php Advanced Transfer Manager 2026-04-16 N/A
PHP Advanced Transfer Manager (phpATM) 1.21 allows remote attackers to upload arbitrary files via filenames containing multiple file extensions, as demonstrated using a filename ending in "php.ns", which allows execution of arbitrary PHP code.
CVE-2005-1610 1 Tru-zone 1 Nukeet 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in security.php for Tru-Zone NukeET 3.0 and 3.1 allows remote attackers to inject arbitrary web script or HTML via a base64 encoded Codigo parameter.
CVE-2005-2996 1 Symantec Veritas 2 Storage Exec, Storagecentral 2026-04-16 N/A
Multiple heap-based and stack-based buffer overflows in certain DCOM server components in VERITAS Storage Exec Storage Exec 5.3 before Hotfix 9 and StorageCentral 5.2 before Hot Fix 2 allow remote attackers to execute arbitrary code via certain ActiveX controls.
CVE-2005-1615 1 Ultimate Php Board 1 Ultimate Php Board 2026-04-16 N/A
viewforum.php in Ultimate PHP Board (UPB) 1.8 through 1.9.6 may allow remote attackers to read sensitive data via the postorder parameter, which is not properly handled by textdb.inc.php, possibly due to a SQL injection vulnerability.
CVE-2005-2997 1 Bugada Andrea 1 Php Advanced Transfer Manager 2026-04-16 N/A
Multiple directory traversal vulnerabilities in PHP Advanced Transfer Manager 1.30 allow remote attackers to read arbitrary files via ".." sequences in (1) the currentdir parameter to txt.php, or the current_dir parameter to (2) htm.php or (3) html.php.
CVE-2005-2998 1 Bugada Andrea 1 Php Advanced Transfer Manager 2026-04-16 N/A
PHP Advanced Transfer Manager 1.30 has a default password for the administrator user, which allows remote attackers to upload and execute arbitrary PHP files.
CVE-2005-2999 1 Bugada Andrea 1 Php Advanced Transfer Manager 2026-04-16 N/A
PHP Advanced Transfer Manager 1.30 allows remote attackers to obtain sensitive PHP configuration information via a direct request to test.php.
CVE-2005-1619 1 Phpheaven 1 Phpmychat 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in (1) start_page.css.php3 (aka start-page.css.php3) or (2) style.css.php3 in PHPMyChat 0.14.5 allow remote attackers to inject arbitrary web script or HTML commands via the FontName parameter. NOTE: it was later reported that 0.14.5 is also affected.
CVE-2005-1630 1 Opentools 1 Attachment Mod 2026-04-16 N/A
Unknown vulnerability in Attachment Mod before 2.3.13, related to a "serious issue with realnames," has unknown impact and attack vectors.
CVE-2005-1631 1 Booby 1 Booby 2026-04-16 N/A
booby.php in Booby 1.0.0 and earlier allows remote attackers to view private bookmarks by guessing item IDs.
CVE-2005-1632 1 Tavis Rudd 1 Cheetah 2026-04-16 N/A
Cheetah 0.9.15 and 0.9.16 searches the /tmp directory for modules before using the paths in the PYTHONPATH variable, which allows local users to execute arbitrary code via a malicious module in /tmp/.
CVE-2005-1633 1 Jgs-xa 1 Jgs-portal 2026-04-16 N/A
Multiple SQL injection vulnerabilities in JGS-XA JGS-Portal 3.0.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) anzahl_beitraege parameter to jgs_portal.php, 2) year parameter to (jgs_portal_statistik.php, 3) year parameter to (jgs_portal_beitraggraf.php, 4) tag parameter to (jgs_portal_viewsgraf.php, 5) year parameter to (jgs_portal_themengraf.php, 6) year parameter to (jgs_portal_mitgraf.php, 7) id parameter to jgs_portal_sponsor.php, or (8) the Accept-Language header to jgs_portal_log.php.