Export limit exceeded: 367102 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (367102 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1416 | 1 Soft3304 | 1 04webserver | 2026-04-16 | N/A |
| Directory traversal vulnerability in 04WebServer 1.81 allows remote attackers to read files outside of the web root but within the installation folder. | ||||
| CVE-2005-1417 | 1 Maxwebportal | 1 Maxwebportal | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in MaxWebPortal 2.x, 1.35, and other versions allow remote attackers to execute arbitrary SQL commands via (1) article_popular.asp, (2) arguments to dl_popular.asp, (3) arguments to links_popular.asp, (4) arguments to pic_popular.asp, (5) article_rate.asp, (6) dl_rate.asp, (7) links_rate.asp, (8) pic_rates.asp, (9) article_toprated.asp, (10) dl_toprated.asp, (11) links_toprated.asp, (12) arguments to pic_toprated.asp, or (13) the TOPIC_ID or Forum_ID parameters to custom_link.asp. | ||||
| CVE-2005-1418 | 1 Netleaf Limited | 1 Notjustbrowsing | 2026-04-16 | N/A |
| NetLeaf Limited NotJustBrowsing 1.0.3 stores the View Lock Password in plaintext in the notjustbrowsing.prf file, which allows local users to gain privileges. | ||||
| CVE-2005-1419 | 1 Ocean12 Technologies | 1 Mailing List Manager | 2026-04-16 | N/A |
| SQL injection vulnerability in the admin login panel for Ocean12 Mailing List Manager 1.06 allows remote attackers to execute arbitrary SQL commands via the Admin_id parameter. | ||||
| CVE-2005-1420 | 1 Raysoft | 1 Video Cam Server | 2026-04-16 | N/A |
| Raysoft/Raybase Video Cam Server 1.0.0 beta allows remote attackers to determine the full pathname of the server via a request for an invalid page, as demonstrated using "%20" (hex-encoded space). | ||||
| CVE-2005-1421 | 1 Raysoft | 1 Video Cam Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Raysoft/Raybase Video Cam Server 1.0.0 beta allows remote attackers to read arbitrary files via ".." (dot dot) sequences in an HTTP request. | ||||
| CVE-2005-1422 | 1 Raysoft | 1 Video Cam Server | 2026-04-16 | N/A |
| Raysoft/Raybase Video Cam Server 1.0.0 beta allows remote attackers to conduct administrator operations and cause a denial of service (server or camera shutdown) via a direct request to admin.html. | ||||
| CVE-2005-1423 | 1 Software602 | 1 602lan Suite | 2026-04-16 | N/A |
| Directory traversal vulnerability in the mail program in 602LAN SUITE 2004.0.05.0413 allows remote attackers to cause a denial of service and determine the presence of arbitrary files via .. sequences in the A parameter. | ||||
| CVE-2005-1424 | 1 Stumbleinside | 1 Gotext | 2026-04-16 | N/A |
| StumbleInside GoText 1.01 stores sensitive username, mail address,and phone number information in plaintext in the GoText.bin file, which allows local users to obtain that information. | ||||
| CVE-2005-1425 | 1 Uapplication | 1 Uguestbook | 2026-04-16 | N/A |
| Uapplication Uguestbook 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for mdb-database/guestbook.mdb. | ||||
| CVE-2005-1426 | 1 Uapplication | 1 Ublog | 2026-04-16 | N/A |
| Uapplication Ublog Reload stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for mdb-database/blog.mdb (aka mdb-database/blog.msb). | ||||
| CVE-2005-1427 | 1 Uapplication | 1 Uphotogallery | 2026-04-16 | N/A |
| Uapplication Uphotogallery stores the database under the web document root, which allows remote attackers to obtain sensitive information via a direct request to uphotogallery.mdb. | ||||
| CVE-2005-1428 | 1 Uapplication | 1 Uphotogallery | 2026-04-16 | N/A |
| edit_image.asp in Uapplication Uphotogallery allows remote attackers to upload arbitrary files. | ||||
| CVE-2005-1429 | 1 Abczone.it | 1 Wwwguestbook | 2026-04-16 | N/A |
| SQL injection vulnerability in login.asp in WWWguestbook 1.1 allows remote attackers to execute arbitrary SQL commands via the password parameter. | ||||
| CVE-2005-1430 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Mac OS X 10.3.x and earlier uses insecure permissions for a pseudo terminal tty (pty) that is managed by a non-setuid program, which allows local users to read or modify sessions of other users. | ||||
| CVE-2005-1431 | 2 Gnu, Redhat | 2 Gnutls, Enterprise Linux | 2026-04-16 | N/A |
| The "record packet parsing" in GnuTLS 1.2 before 1.2.3 and 1.0 before 1.0.25 allows remote attackers to cause a denial of service, possibly related to padding bytes in gnutils_cipher.c. | ||||
| CVE-2005-1433 | 1 Hp | 1 Openview Event Correlation Services | 2026-04-16 | N/A |
| Multiple unknown vulnjerabilities HP OpenView Event Correlation Services (OV ECS) 3.32 and 3.33 allow attackers to cause a denial of service or execute arbitrary code. | ||||
| CVE-2005-1434 | 1 Hp | 1 Openview Network Node Manager | 2026-04-16 | N/A |
| Multiple unknown vulnerabilities in OpenView Network Node Manager (OV NNM) 6.2, 6.4, 7.01, and 7.50 allow attackers to cause a denial of service or execute arbitrary code. | ||||
| CVE-2005-1435 | 1 Open Webmail | 1 Open Webmail | 2026-04-16 | N/A |
| Open WebMail (OWM) before 2.51 20050430 allows remote authenticated users to execute arbitrary commands via shell metacharacters in a filename. | ||||
| CVE-2005-1436 | 1 Osticket | 1 Osticket | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in osTicket allow remote attackers to inject arbitrary web script or HTML via (1) the t parameter to view.php, (2) the osticket_title parameter to header.php, (3) the em parameter to admin_login.php, (4) the e parameter to user_login.php, (5) the err parameter to open_submit.php, or (6) the name and subject fields when adding a ticket. | ||||