Total
29944 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-4388 | 1 Contens | 1 Contens | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.cfm in CONTENS 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the near parameter. | ||||
| CVE-2005-4407 | 1 Tmc Visionpool | 1 Mercury Cms | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.cfm in Mercury CMS 4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) content and (2) criteria parameters. | ||||
| CVE-2005-4434 | 1 Abledesign | 1 Abledesign | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in AbleDesign ReSearch 2.x allows remote attackers to inject arbitrary web script or HTML via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2005-4706 | 1 Sun | 1 Solaris | 2026-04-16 | N/A |
| Unspecified vulnerability in the "privilege management" feature of Sun Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors that trigger a null dereference in the secpolicy_fs_common function. | ||||
| CVE-2005-4456 | 1 Mailenable | 2 Mailenable Enterprise, Mailenable Professional | 2026-04-16 | N/A |
| Multiple buffer overflows in MailEnable Professional 1.71 and Enterprise 1.1 before patch ME-10009 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long (1) LIST, (2) LSUB, and (3) UID FETCH commands. NOTE: it is possible that these are alternate vectors for the issue described in CVE-2005-4402. | ||||
| CVE-2005-4470 | 1 Blender | 1 Blenloader | 2026-04-16 | N/A |
| Heap-based buffer overflow in the get_bhead function in readfile.c in Blender BlenLoader 2.0 through 2.40pre allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a .blend file with a negative bhead.len value, which causes less memory to be allocated than expected, possibly due to an integer overflow. | ||||
| CVE-2006-0165 | 1 Plain Black | 1 Webgui | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the DataForm Entries functionality in Plain Black WebGUI before 6.8.4 (gamma) allows remote attackers to inject arbitrary Javascript via the (1) url and (2) name field of the default email form. | ||||
| CVE-2003-0594 | 2 Mozilla, Redhat | 3 Mozilla, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Mozilla allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Mozilla to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application. | ||||
| CVE-2006-0302 | 1 Zyxel | 1 P2000w Version 2 Voip Wifi Phone | 2026-04-16 | N/A |
| ZyXel P2000W VoIP 802.11b Wireless Phone running firmware WV.00.02 allows remote attackers to obtain sensitive information, such as MAC address and software version, by directly accessing UDP port 9090. | ||||
| CVE-2006-4629 | 1 C-news.fr | 1 C-news | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in affichage/commentaires.php in C-News.fr C-News 1.0.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. | ||||
| CVE-2005-4488 | 1 Computeroil | 1 Redakto Cms | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.tpl in Redakto WCMS 3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) iid, (2) iid2, (3) r, (4) cart, (5) str, (6) nf, and (7) a parameters. | ||||
| CVE-2006-4644 | 1 Phpfullannu | 1 Phpfullannu | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in modules/home.module.php in phpFullAnnu 5.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the repmod parameter. | ||||
| CVE-2005-4608 | 1 Incogen | 1 Bugport | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in BugPort 1.147 allows remote attackers to execute arbitrary SQL commands via the (1) devWherePair[0], (2) orderBy, and (3) where parameters. | ||||
| CVE-2005-4547 | 1 Epic Designs | 1 Eggblog | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in home/search.php in eggblog 2.0 allows remote attackers to execute arbitrary SQL commands via the q parameter, as used by the Keyword and Search fields. | ||||
| CVE-2005-4614 | 1 Sum Effect Software | 1 Digishop | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in digiSHOP 3.1.17 and earlier allow remote attackers to execute arbitrary SQL commands or obtain the full installation path via (1) the c parameter in cart.php and (2) unspecified search module parameters. | ||||
| CVE-2005-4646 | 1 Pearlinger | 1 Pearl Forums | 2026-04-16 | N/A |
| Unspecified vulnerability in index.php in PEARLINGER Pearl Forums 2.4 allows remote attackers to include arbitrary files via the mode parameter, possibly due to a directory traversal vulnerability. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2005-4682 | 1 Audienceview | 1 Audienceview | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in error.asp in AudienceView allows remote attackers to inject arbitrary web script or HTML via the TSerrorMessage parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2005-4660 | 1 Ipcop | 1 Ipcop | 2026-04-16 | N/A |
| Race condition in IPCop (aka IPCop Firewall) before 1.4.10 might allow local users to overwrite system configuration files and gain privileges by replacing a backup archive during the time window when the archive is owned by "nobody" but not yet encrypted, then executing ipcoprscfg to restore from this backup. | ||||
| CVE-2005-4665 | 1 Punbb | 1 Punbb | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in PunBB 1.2.6 and earlier allows remote attackers to inject arbitrary web script or HTML via Javascript contained in nested, malformed BBcode url tags. | ||||
| CVE-2005-4673 | 1 Inicom Networks | 1 Ioftpd | 2026-04-16 | N/A |
| ioFTPD 0.5.84 u responds with different messages depending on whether or not a username exists, which allows remote attackers to enumerate valid usernames. | ||||