Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-1521 1 Sun 1 Java Plug-in 2026-04-16 N/A
Sun Java Plug-In 1.4 through 1.4.2_02 allows remote attackers to repeatedly access the floppy drive via the createXmlDocument method in the org.apache.crimson.tree.XmlDocument class, which violates the Java security model.
CVE-2005-3987 1 Tradesoft 1 Tradesoft Cms 2026-04-16 N/A
Multiple SQL injection vulnerabilities in Tradesoft CMS allow remote attackers to execute arbitrary SQL commands via unspecified attack vectors.
CVE-2005-3992 1 Wineggdropshell 1 Wineggdropshell 2026-04-16 N/A
Multiple buffer overflows in WinEggDropShell remote access trojan (RAT) 1.7 allow remote attackers to execute arbitrary code via (1) a long GET request to the HTTP server, or a long (2) USER or (3) PASS command to the FTP server.
CVE-2005-3998 1 Solupress 1 Solupress News 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in search.asp in Solupress News 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the keywords parameter.
CVE-2005-3999 1 Sitebeater 1 Sitebeater Mp3 Catalog 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Search.asp in SiteBeater MP3 Catalog 2.03 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.
CVE-2005-1199 1 Infopop 1 Ultimate Bulletin Board 2026-04-16 N/A
SQL injection vulnerability in printthread.php in UBB.Threads allows remote attackers to execute arbitrary SQL commands via the main parameter.
CVE-2005-4008 1 Jax Calendar 1 Jax Calendar 2026-04-16 N/A
SQL injection vulnerability in jax_calendar.php in Jax Calendar 1.34 allows remote attackers to execute arbitrary SQL commands via the (1) cal_id parameter, and possibly the (2) Y and (3) m parameters.
CVE-2005-3545 1 Ibproarcade 1 Ibproarcade 2026-04-16 N/A
SQL injection vulnerability in index.php of the report module in ibProArcade 2.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter.
CVE-2005-4028 1 Amember 1 Amember 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in aMember allow remote attackers to inject arbitrary web script or HTML via the (1) lamember_login parameter to sendpass.php and (2) login parameter to member.php.
CVE-2005-4025 1 Help Desk Reloaded 1 Free Help Desk 2026-04-16 N/A
Help Desk Reloaded Free Help Desk does not remove or protect install.php once installation is complete, which allows remote attackers to gain privileges via a direct request to install.php, then navigating to accountsetup.php and creating a new user.
CVE-2005-4036 1 Web4future 1 Keyword Frequency Counter 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.cgi in Web4Future KeyWord Frequency Counter 1.0 allows remote attackers to inject arbitrary web script or HTML via the "remote URL."
CVE-2005-4037 1 Web4future 1 Affiliate Manager Professional 2026-04-16 N/A
SQL injection vulnerability in functions.php in Web4Future Affiliate Manager PRO 4.1 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter.
CVE-2005-4043 1 Hobosworld 1 Hobsr 2026-04-16 N/A
SQL injection vulnerability in view.php in Hobosworld HobSR 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) arrange and (2) p parameters.
CVE-2005-4044 1 Mr. Cgi Guy 1 Amazon Search Directory 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in search.cgi in Amazon Search Directory 1.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly the search parameter.
CVE-2005-4042 1 Mr. Cgi Guy 1 Warm Links 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Warm Links 1.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via a parameter to search.cgi.
CVE-2005-4055 1 Cars Portal 1 Cars Portal 2026-04-16 N/A
SQL injection vulnerability in index.php in Cars Portal 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) page and (2) car parameters.
CVE-2005-4056 1 Jonathan Beckett 1 Pluggedout Nexus 2026-04-16 N/A
SQL injection vulnerability in search.php in PluggedOut Nexus 0.1 allows remote attackers to execute arbitrary SQL commands via the (1) Location, (2) Last Name, and (3) First Name parameters.
CVE-2005-4062 1 Xcent 1 Xcclassified 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in CPSearch.asp in XcClassified 3.x allows remote attackers to inject arbitrary web script or HTML via the search parameters.
CVE-2005-4065 1 Edgewall Software 1 Trac 2026-04-16 N/A
SQL injection vulnerability in the search module in Edgewall Trac before 0.9.2 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2005-4084 1 Phpbb Styles 1 Phpbb Extreme Styles 2026-04-16 N/A
xs_edit.php in the phpBB eXtreme Styles module 2.2.1 and earlier allows remote attackers to obtain the installation path of the application via an invalid viewbackup parameter.