Export limit exceeded: 360133 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 360133 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (360133 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-4726 | 1 Mute | 1 Mute | 2026-04-16 | N/A |
| MUTE 0.4 uses improper flood protection algorithms, which allows remote attackers to obtain sensitive information (privacy leak and search result data) by controlling a drop chain neighbor that is near the end of a message chain. | ||||
| CVE-2005-4725 | 1 Geeklog | 1 Geeklog | 2026-04-16 | N/A |
| Geeklog before 1.3.11sr3 allows remote attackers to bypass intended access restrictions and comment on an arbitrary story or topic by guessing the story ID. | ||||
| CVE-2005-4724 | 1 Phptagcool | 1 Phptagcool | 2026-04-16 | N/A |
| SQL injection vulnerability in post.php in PhpTagCool 1.0.3 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For field in an HTTP header. | ||||
| CVE-2005-4723 | 2 D-link, Dlink | 4 Di-524, Di-784, Di-524 and 1 more | 2026-04-16 | N/A |
| D-Link DI-524 Wireless Router, DI-624 Wireless Router, and DI-784 allow remote attackers to cause a denial of service (device reboot) via a series of crafted fragmented UDP packets, possibly involving a missing fragment. | ||||
| CVE-2005-4722 | 1 The Media Shoppe Berhad | 1 Tmspublisher | 2026-04-16 | N/A |
| _Request_Message.cfm in tmsPUBLISHER 3.3 allows remote attackers to obtain sensitive information via an invalid id argument to pagename.cfm, which reveals the installation path in an error message. | ||||
| CVE-2005-4721 | 1 The Media Shoppe Berhad | 1 Tmspublisher | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.cfm in tmsPUBLISHER 3.3 allows remote attackers to inject arbitrary web script or HTML via the q parameter. | ||||
| CVE-2005-4607 | 1 Incogen | 1 Bugport | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in BugPort 1.147 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) ids[0], (2) action, (3) report_id, (4) devWherePair[1][1], and (5) binds[0] parameters. | ||||
| CVE-2005-4608 | 1 Incogen | 1 Bugport | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in BugPort 1.147 allows remote attackers to execute arbitrary SQL commands via the (1) devWherePair[0], (2) orderBy, and (3) where parameters. | ||||
| CVE-2005-4609 | 1 Incogen | 1 Bugport | 2026-04-16 | N/A |
| index.php in BugPort 1.147 and earlier allows remote attackers to obtain sensitive information such as full path and system configuration via an invalid action parameter. | ||||
| CVE-2005-4610 | 1 Dopewars | 1 Dopewars | 2026-04-16 | N/A |
| Format string vulnerability in the server for Dopewars before 1.5.12, when running as an NT service, allows remote attackers to execute arbitrary code via unspecified attack vectors. | ||||
| CVE-2005-4611 | 1 Phpfreebies.com | 1 Free Clickbank | 2026-04-16 | N/A |
| SQL injection vulnerability in search.php in Free ClickBank 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the keywords parameter. | ||||
| CVE-2005-4612 | 1 Vubb | 1 Vubb | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in VUBB alpha rc1 allow remote attackers to execute arbitrary SQL commands via the (1) f parameter to viewforum.php, (2) t parameter to viewtopic.php, and (3) view parameter to usercp.php. | ||||
| CVE-2006-0918 | 1 Ritlabs | 1 The Bat | 2026-04-16 | N/A |
| Buffer overflow in RITLabs The Bat! 3.60.07 allows remote attackers to execute arbitrary code via a long Subject field. | ||||
| CVE-2005-4624 | 1 Ptnet | 1 Ptnet Ircd | 2026-04-16 | N/A |
| The m_join function in channel.c for PTnet ircd 1.5 and 1.6 allows remote attackers to cause a denial of service (memory exhaustion that triggers a daemon restart) via a large number of requests to join a "charmed channel" such as PTnet, #PTnoticias and #*.log, which causes ircd to open the channel even though it does not have any valid users. | ||||
| CVE-2005-4625 | 3 Ati, Intel, Microsoft | 3 Catalyst Driver, Display Adapter Driver, Internet Explorer | 2026-04-16 | N/A |
| Drivers for certain display adapters, including (1) an unspecified ATI driver and (2) an unspecified Intel driver, might allow remote attackers to cause a denial of service (system crash) via a large JPEG image, as demonstrated in Internet Explorer using stoopid.jpg with a width and height of 9999999. | ||||
| CVE-2005-4626 | 1 Recruitment Software | 1 Recruitment Software | 2026-04-16 | N/A |
| The default configuration of Recruitment Software installs admin/site.xml under the web document root with insufficient access control, which might allow remote attackers to obtain sensitive information (MySQL database credentials) via a direct request. | ||||
| CVE-2005-4627 | 2 Gfhost, Gmailsite | 2 Gfhost, Gmailsite | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in (1) GmailSite 1.0 through 1.0.4 and (2) GFHost 0.1.1 through 0.4.2 allows remote attackers to inject arbitrary web script or HTML via the lng parameter. | ||||
| CVE-2005-4628 | 1 Help Desk Point Software | 1 Helpdeskpoint | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in HelpDeskPoint 2.38 and earlier allows remote attackers to execute arbitrary SQL commands via the page parameter. | ||||
| CVE-2005-4631 | 1 Ryan Lath | 1 Zina | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in Zina 0.12.07 and earlier allows remote attackers to execute arbitrary SQL commands via the p parameter. | ||||
| CVE-2005-4632 | 1 Vote Pro | 1 Vote Pro | 2026-04-16 | N/A |
| SQL injection vulnerability in poll_frame.php in Vote! Pro 4.0 and earlier allows remote attackers to execute arbitrary SQL commands via the poll_id parameter. | ||||