Export limit exceeded: 367102 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (367102 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-1416 1 Soft3304 1 04webserver 2026-04-16 N/A
Directory traversal vulnerability in 04WebServer 1.81 allows remote attackers to read files outside of the web root but within the installation folder.
CVE-2005-1417 1 Maxwebportal 1 Maxwebportal 2026-04-16 N/A
Multiple SQL injection vulnerabilities in MaxWebPortal 2.x, 1.35, and other versions allow remote attackers to execute arbitrary SQL commands via (1) article_popular.asp, (2) arguments to dl_popular.asp, (3) arguments to links_popular.asp, (4) arguments to pic_popular.asp, (5) article_rate.asp, (6) dl_rate.asp, (7) links_rate.asp, (8) pic_rates.asp, (9) article_toprated.asp, (10) dl_toprated.asp, (11) links_toprated.asp, (12) arguments to pic_toprated.asp, or (13) the TOPIC_ID or Forum_ID parameters to custom_link.asp.
CVE-2005-1418 1 Netleaf Limited 1 Notjustbrowsing 2026-04-16 N/A
NetLeaf Limited NotJustBrowsing 1.0.3 stores the View Lock Password in plaintext in the notjustbrowsing.prf file, which allows local users to gain privileges.
CVE-2005-1419 1 Ocean12 Technologies 1 Mailing List Manager 2026-04-16 N/A
SQL injection vulnerability in the admin login panel for Ocean12 Mailing List Manager 1.06 allows remote attackers to execute arbitrary SQL commands via the Admin_id parameter.
CVE-2005-1420 1 Raysoft 1 Video Cam Server 2026-04-16 N/A
Raysoft/Raybase Video Cam Server 1.0.0 beta allows remote attackers to determine the full pathname of the server via a request for an invalid page, as demonstrated using "%20" (hex-encoded space).
CVE-2005-1421 1 Raysoft 1 Video Cam Server 2026-04-16 N/A
Directory traversal vulnerability in Raysoft/Raybase Video Cam Server 1.0.0 beta allows remote attackers to read arbitrary files via ".." (dot dot) sequences in an HTTP request.
CVE-2005-1422 1 Raysoft 1 Video Cam Server 2026-04-16 N/A
Raysoft/Raybase Video Cam Server 1.0.0 beta allows remote attackers to conduct administrator operations and cause a denial of service (server or camera shutdown) via a direct request to admin.html.
CVE-2005-1423 1 Software602 1 602lan Suite 2026-04-16 N/A
Directory traversal vulnerability in the mail program in 602LAN SUITE 2004.0.05.0413 allows remote attackers to cause a denial of service and determine the presence of arbitrary files via .. sequences in the A parameter.
CVE-2005-1424 1 Stumbleinside 1 Gotext 2026-04-16 N/A
StumbleInside GoText 1.01 stores sensitive username, mail address,and phone number information in plaintext in the GoText.bin file, which allows local users to obtain that information.
CVE-2005-1425 1 Uapplication 1 Uguestbook 2026-04-16 N/A
Uapplication Uguestbook 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for mdb-database/guestbook.mdb.
CVE-2005-1426 1 Uapplication 1 Ublog 2026-04-16 N/A
Uapplication Ublog Reload stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for mdb-database/blog.mdb (aka mdb-database/blog.msb).
CVE-2005-1427 1 Uapplication 1 Uphotogallery 2026-04-16 N/A
Uapplication Uphotogallery stores the database under the web document root, which allows remote attackers to obtain sensitive information via a direct request to uphotogallery.mdb.
CVE-2005-1428 1 Uapplication 1 Uphotogallery 2026-04-16 N/A
edit_image.asp in Uapplication Uphotogallery allows remote attackers to upload arbitrary files.
CVE-2005-1429 1 Abczone.it 1 Wwwguestbook 2026-04-16 N/A
SQL injection vulnerability in login.asp in WWWguestbook 1.1 allows remote attackers to execute arbitrary SQL commands via the password parameter.
CVE-2005-1430 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Mac OS X 10.3.x and earlier uses insecure permissions for a pseudo terminal tty (pty) that is managed by a non-setuid program, which allows local users to read or modify sessions of other users.
CVE-2005-1431 2 Gnu, Redhat 2 Gnutls, Enterprise Linux 2026-04-16 N/A
The "record packet parsing" in GnuTLS 1.2 before 1.2.3 and 1.0 before 1.0.25 allows remote attackers to cause a denial of service, possibly related to padding bytes in gnutils_cipher.c.
CVE-2005-1433 1 Hp 1 Openview Event Correlation Services 2026-04-16 N/A
Multiple unknown vulnjerabilities HP OpenView Event Correlation Services (OV ECS) 3.32 and 3.33 allow attackers to cause a denial of service or execute arbitrary code.
CVE-2005-1434 1 Hp 1 Openview Network Node Manager 2026-04-16 N/A
Multiple unknown vulnerabilities in OpenView Network Node Manager (OV NNM) 6.2, 6.4, 7.01, and 7.50 allow attackers to cause a denial of service or execute arbitrary code.
CVE-2005-1435 1 Open Webmail 1 Open Webmail 2026-04-16 N/A
Open WebMail (OWM) before 2.51 20050430 allows remote authenticated users to execute arbitrary commands via shell metacharacters in a filename.
CVE-2005-1436 1 Osticket 1 Osticket 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in osTicket allow remote attackers to inject arbitrary web script or HTML via (1) the t parameter to view.php, (2) the osticket_title parameter to header.php, (3) the em parameter to admin_login.php, (4) the e parameter to user_login.php, (5) the err parameter to open_submit.php, or (6) the name and subject fields when adding a ticket.