Search Results (366739 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-0374 1 Bitshifters 1 Bitboard 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Bitboard 2.5 and earlier allows remote attackers to inject arbitrary web script or HTML via an [img] bbcode image tag with an event such as mouseover.
CVE-2005-0375 1 Sergey Kiselev 1 Sgallery 2026-04-16 N/A
imageview.php in SGallery 1.01 allows remote attackers to obtain sensitive information via an HTTP request with (1) idalbum and (2) idimage unset, which reveals the installation path in an error message for the sql_fetch_row function.
CVE-2005-0376 1 Sergey Kiselev 1 Sgallery 2026-04-16 N/A
PHP remote file inclusion vulnerability in SGallery 1.01 allows local and possibly remote attackers to execute arbitrary PHP code by modifying the DOCUMENT_ROOT parameter to reference a URL on a remote web server that contains (1) config.php or (2) sql_layer.php.
CVE-2005-0377 1 Sergey Kiselev 1 Sgallery 2026-04-16 N/A
SQL injection vulnerability in imageview.php for SGallery 1.01 allows remote attackers to execute arbitrary SQL commands via the (1) idalbum or (2) idimage parameters.
CVE-2005-0378 1 Horde 1 Horde 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Horde 3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) group parameter to prefs.php or (2) url parameter to index.php.
CVE-2005-0379 1 Zeroboard 1 Zeroboard 2026-04-16 N/A
Multiple directory traversal vulnerabilities in ZeroBoard 4.1pl5 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the _zb_path parameter to (1) _head.php or (2) outlogin.php, or the dir parameter to (3) write.php.
CVE-2005-0380 1 Zeroboard 1 Zeroboard 2026-04-16 N/A
Multiple PHP remote file inclusion vulnerabilities in (1) print_category.php, (2) login.php, (3) setup.php, (4) ask_password.php, or (5) error.php in ZeroBoard 4.1pl5 and earlier allow remote attackers to execute arbitrary PHP code by modifying the dir parameter to reference a URL on a remote web server that contains the code.
CVE-2005-0381 1 Forumkit 1 Forumkit 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in f.aspx in forumKIT 1.0 allows remote attackers to inject arbitrary web script or HTML via the members parameter.
CVE-2005-0382 1 Breed 1 Breed 2026-04-16 N/A
Breed patch 1 and earlier allows remote attackers to cause a denial of service (application crash) via an empty UDP packet, which triggers a null dereference.
CVE-2005-0383 1 Trend Micro 1 Control Manager 2026-04-16 N/A
Trend Micro Control Manager 3.0 Enterprise Edition allows remote attackers to gain privileges via a replay attack of the encrypted username and password.
CVE-2005-0384 4 Redhat, Suse, Trustix and 1 more 4 Enterprise Linux, Suse Linux, Secure Linux and 1 more 2026-04-16 N/A
Unknown vulnerability in the PPP driver for the Linux kernel 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) via a pppd client.
CVE-2005-0385 1 Frank Mcingvale 1 Luxman 2026-04-16 N/A
Buffer overflow in luxman before 0.41, if used with certain insecure svgalib libraries, allows local users to execute arbitrary code via a long -f command line argument.
CVE-2005-0386 1 Mailreader.com 1 Mailreader.com 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in network.cgi in mailreader before 2.3.29 earlier allows remote attackers to inject arbitrary web script or HTML via MIME text/enriched or text/richtext messages.
CVE-2005-0387 1 Remstats 1 Remstats 2026-04-16 N/A
remstats 1.0.13 and earlier, when processing uptime data, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files.
CVE-2005-0388 1 Remstats 1 Remstats 2026-04-16 N/A
Unknown vulnerability in the remoteping service in remstats 1.0.13 and earlier allows remote attackers to execute arbitrary commands "due to missing input sanitising."
CVE-2005-0390 1 Axel 1 Axel 2026-04-16 N/A
Buffer overflow in the HTTP redirection capability in conn.c for Axel before 1.0b may allow remote attackers to execute arbitrary code.
CVE-2005-0391 1 Daniel De Rauglaudre 1 Geneweb 2026-04-16 N/A
geneweb 4.10 and earlier does not properly check file permissions and content during conversion, which allows attackers to modify arbitrary files.
CVE-2005-0392 1 Debian 1 Ppxp 2026-04-16 N/A
ppxp does not drop root privileges before opening log files, which allows local users to execute arbitrary commands.
CVE-2005-0393 1 Crip 1 Crip 2026-04-16 N/A
The helper scripts for crip 3.5 do not properly use temporary files, which allows local users to have an unknown impact with unknown attack vectors.
CVE-2005-0396 2 Kde, Redhat 3 Dcopserver, Desktop Communication Protocol Daemon, Enterprise Linux 2026-04-16 N/A
Desktop Communication Protocol (DCOP) daemon, aka dcopserver, in KDE before 3.4 allows local users to cause a denial of service (dcopserver consumption) by "stalling the DCOP authentication process."