Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-4282 1 Mamboxchange 1 Mambowiki 2026-04-16 N/A
PHP remote file inclusion vulnerability in MamboLogin.php in the MamboWiki component (com_mambowiki) 0.9.6 and earlier for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the IP parameter.
CVE-2005-1418 1 Netleaf Limited 1 Notjustbrowsing 2026-04-16 N/A
NetLeaf Limited NotJustBrowsing 1.0.3 stores the View Lock Password in plaintext in the notjustbrowsing.prf file, which allows local users to gain privileges.
CVE-2005-1419 1 Ocean12 Technologies 1 Mailing List Manager 2026-04-16 N/A
SQL injection vulnerability in the admin login panel for Ocean12 Mailing List Manager 1.06 allows remote attackers to execute arbitrary SQL commands via the Admin_id parameter.
CVE-2005-1421 1 Raysoft 1 Video Cam Server 2026-04-16 N/A
Directory traversal vulnerability in Raysoft/Raybase Video Cam Server 1.0.0 beta allows remote attackers to read arbitrary files via ".." (dot dot) sequences in an HTTP request.
CVE-2006-4296 1 Mambo 1 Bigape-backup Component 2026-04-16 N/A
PHP remote file inclusion vulnerability in classes/Tar.php in bigAPE-Backup component (com_babackup) for Mambo 1.1 allows remote attackers to include arbitrary files via the mosConfig_absolute_path parameter.
CVE-2005-1444 1 Sitepanel 1 Sitepanel 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in SitePanel 2.6.1 and earlier (SitePanel2) allows remote attackers to inject arbitrary web script or HTML via (1) the v, show, or sec_name parameters to main.php, (2) the inadmin, newsev, or postid parameters to 5.php, or (3) the id parameter to 0.php.
CVE-2005-1443 1 Invision Power Services 1 Invision Power Board 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.php for Invision Power Board (IPB) 2.0.3 and 2.1 Alpha 2 allows remote attackers to inject arbitrary web script or HTML via the (1) act, (2) Members, (3) calendar, or (4) HID parameters.
CVE-2005-1442 1 Ibm 1 Lotus Notes 2026-04-16 N/A
Buffer overflow in the Lotus Notes client for Domino 6.5 before 6.5.4 and 6.0 before 6.0.5 allows local users to cause a denial of service (client crash) and possibly execute arbitrary code via the NOTES.INI file.
CVE-2005-1437 1 Osticket 1 Osticket 2026-04-16 N/A
Multiple SQL injection vulnerabilities in osTicket allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to admin.php or (2) cat parameter to view.php.
CVE-2005-1452 1 S9y 1 Serendipity 2026-04-16 N/A
Serendipity before 0.8 allows Chief users to "hide plugins installed by other users."
CVE-2005-1451 1 S9y 1 Serendipity 2026-04-16 N/A
The media manager in Serendipity before 0.8 allows remote attackers to upload and execute arbitrary (1) .php or (2) .shtml files.
CVE-2005-1449 1 S9y 1 Serendipity 2026-04-16 N/A
Unknown vulnerability in serendipity_config_local.inc.php for Serendipity before 0.8 has unknown impact.
CVE-2005-1448 1 S9y 1 Serendipity 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the BBCode plugin for Serendipity before 0.8 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2005-1450 1 S9y 1 Serendipity 2026-04-16 N/A
Unknown vulnerability in "the function used to validate path-names for uploading media" in Serendipity before 0.8 has unknown impact.
CVE-2005-1460 2 Ethereal Group, Redhat 2 Ethereal, Enterprise Linux 2026-04-16 N/A
Multiple unknown dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (assert error) via an invalid protocol tree item length.
CVE-2006-4321 1 Coppermine 1 Coppermine Photo Gallery 2026-04-16 N/A
PHP remote file inclusion vulnerability in cpg.php in the Coppermine Photo Gallery component (com_cpg) 1.0 and earlier for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
CVE-2006-4348 1 Kochsuite Component 1 Kochsuite Component 2026-04-16 N/A
PHP remote file inclusion vulnerability in config.kochsuite.php in the Kochsuite (com_kochsuite) 0.9.4 component for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
CVE-2005-1471 1 Rsa 1 Securid Web Agent 2026-04-16 N/A
Heap-based buffer overflow in RSA SecurID Web Agent 5, 5.2, and 5.3 allows remote attackers to execute arbitrary code via crafted chunked-encoding data.
CVE-2005-1467 2 Ethereal Group, Redhat 2 Ethereal, Enterprise Linux 2026-04-16 N/A
Unknown vulnerability in the NDPS dissector in Ethereal before 0.10.11 allows remote attackers to cause a denial of service (memory exhaustion) via unknown vectors.
CVE-2005-1479 1 Jgs-xa 1 Jgs-portal 2026-04-16 N/A
SQL injection vulnerability in jgs_portal.php in JGS-Portal 3.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.