Total
29925 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-4047 | 1 Iisworks | 1 Aspknowledgebase | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in kb.asp in IISWorks ASPKnowledgeBase 2.0 allows remote attackers to inject arbitrary web script or HTML via the a parameter. | ||||
| CVE-2005-3969 | 1 Mxchange | 1 Mxchange | 2026-04-16 | N/A |
| SQL injection vulnerability in MXChange before 0.2.0-pre10 PL492 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2005-3992 | 1 Wineggdropshell | 1 Wineggdropshell | 2026-04-16 | N/A |
| Multiple buffer overflows in WinEggDropShell remote access trojan (RAT) 1.7 allow remote attackers to execute arbitrary code via (1) a long GET request to the HTTP server, or a long (2) USER or (3) PASS command to the FTP server. | ||||
| CVE-2005-4036 | 1 Web4future | 1 Keyword Frequency Counter | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.cgi in Web4Future KeyWord Frequency Counter 1.0 allows remote attackers to inject arbitrary web script or HTML via the "remote URL." | ||||
| CVE-2005-4055 | 1 Cars Portal | 1 Cars Portal | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in Cars Portal 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) page and (2) car parameters. | ||||
| CVE-2005-4056 | 1 Jonathan Beckett | 1 Pluggedout Nexus | 2026-04-16 | N/A |
| SQL injection vulnerability in search.php in PluggedOut Nexus 0.1 allows remote attackers to execute arbitrary SQL commands via the (1) Location, (2) Last Name, and (3) First Name parameters. | ||||
| CVE-2005-4057 | 1 Jonathan Beckett | 1 Pluggedout Nexus | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in PluggedOut Nexus 0.1 allows remote attackers to inject arbitrary web script or HTML via the (1) Location, (2) Last Name, and (3) First Name parameters. | ||||
| CVE-2005-4094 | 1 Docebolms | 1 Docebolms | 2026-04-16 | N/A |
| connector.php in the fckeditor2rc2 addon in DoceboLMS 2.0.4 allows remote attackers to execute arbitrary PHP by using the FileUpload command to upload a file that appears to be an image but contains PHP script. | ||||
| CVE-2005-4090 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Unspecified vulnerability in HP-UX B.11.00 to B.11.23, when IPSEC is running, allows remote attackers to have unknown impact. | ||||
| CVE-2005-4091 | 1 1-script | 1 1-search | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in 1search.cgi in 1-Script 1-Search 1.8 allows remote attackers to inject arbitrary web script or HTML via the q parameter. | ||||
| CVE-2005-4374 | 1 Allinta | 1 Allinta | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Allinta 2.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) s parameter to faq.asp and (2) searchQuery parameter to search.asp. | ||||
| CVE-2005-4270 | 1 Watchfire | 1 Appscan Qa | 2026-04-16 | N/A |
| Buffer overflow in Watchfire AppScan QA 5.0.609 and 5.0.134 allows remote web servers to execute arbitrary code via an HTTP 401 response with a WWW-Authenticate header containing a long Realm field. | ||||
| CVE-2005-4276 | 1 Westell | 1 Versalink | 2026-04-16 | N/A |
| Westell Versalink 327W allows remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LanD). NOTE: the provenance of this issue is unknown; the details are obtained solely from third party information. | ||||
| CVE-2005-4375 | 1 Box Uk | 1 Amaxus | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Amaxus 3 and earlier allows remote attackers to inject arbitrary web script or HTML via the change parameter. NOTE: it is possible that this is resultant from CVE-2005-4376. | ||||
| CVE-2005-4378 | 1 Nma | 1 Baseline Cms | 2026-04-16 | N/A |
| SQL injection vulnerability in Page.asp in Baseline CMS 1.95 and earlier allows remote attackers to execute arbitrary SQL commands via the SiteNodeID parameter. | ||||
| CVE-2005-4354 | 1 University Of Arizona | 1 Webglimpse | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in webglimpse.cgi in Webglimpse 2.14.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the query parameter. | ||||
| CVE-2005-4384 | 1 Citysoft | 1 Community Enterprise | 2026-04-16 | N/A |
| CitySoft Community Enterprise 4.x allows remote attackers to obtain the full path of the server via an invalid (1) fuseaction parameter to index.cfm and (2) documentid parameter to document/docWindow.cfm. | ||||
| CVE-2005-4404 | 1 Media2 Cms | 1 Media2 Cms Shop | 2026-04-16 | N/A |
| SQL injection vulnerability in default.asp in Media2 CMS Shop 18.x allows remote attackers to execute arbitrary SQL commands via the item parameter. NOTE: the provenance of this issue is unknown; the details were obtained solely from third party sources. | ||||
| CVE-2005-4406 | 1 Tmc Visionpool | 1 Mercury Cms | 2026-04-16 | N/A |
| SQL injection vulnerability in index.cfm in Mercury CMS 4.0 and earlier allows remote attackers to execute arbitrary SQL commands via the page parameter. | ||||
| CVE-2005-4392 | 1 E-publish | 1 E-publish | 2026-04-16 | N/A |
| SQL injection vulnerability in printer_friendly.cfm in e-publish CMS 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||