Export limit exceeded: 366908 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (366908 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1081 | 1 Azerbaijan Development Group | 1 Azdgdating | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in view.php in AzDGDatingPlatinum 1.1.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter. | ||||
| CVE-2005-1082 | 1 Azerbaijan Development Group | 1 Azdgdating | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in AzDGDatingPlatinum 1.1.0 allows remote attackers to execute arbitrary SQL commands via (1) the id parameter to view.php or (2) the from parameter to members/index.php. | ||||
| CVE-2005-1083 | 1 Aewebworks | 1 Aedating | 2026-04-16 | N/A |
| index.php in aeDating 3.2 allows remote attackers to include arbitrary files via the skin parameter. | ||||
| CVE-2005-1084 | 1 Aewebworks | 1 Aedating | 2026-04-16 | N/A |
| SQL injection vulnerability in sdating.php in aeDating 3.2 allows remote attackers to execute arbitrary SQL commands files via the event parameter. | ||||
| CVE-2005-1085 | 1 Aewebworks | 1 Aedating | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the control panel in aeDating 3.2 allows remote attackers to inject arbitrary web script or HTML. | ||||
| CVE-2005-1086 | 1 An | 1 An-httpd | 2026-04-16 | N/A |
| Buffer overflow in the cmdIS.DLL plugin for AN HTTPD Server 1.42n allows remote attackers to execute arbitrary code via an HTTP request with a long User-Agent header. | ||||
| CVE-2005-1087 | 1 An | 1 An-httpd | 2026-04-16 | N/A |
| CRLF injection vulnerability in the cmdIS.DLL plugin for AN HTTPD Server 1.42n allows remote attackers to spoof or hide entries in the logfile, and possibly read files using an injected type command, via CRLF sequences in an HTTP request. | ||||
| CVE-2005-1088 | 1 Dameware Development | 2 Mini Remote Control, Nt Utilities | 2026-04-16 | N/A |
| Unknown vulnerability in DameWare NT Utilities 4.8 and earlier, and Mini Remote Control 4.8 and earlier, allows local users to gain additional rights. | ||||
| CVE-2005-1089 | 1 Dc\+\+ | 1 Dc\+\+ | 2026-04-16 | N/A |
| Unknown vulnerability in DC++ before 0.674 allows attackers to append data to arbitrary files. | ||||
| CVE-2005-1090 | 1 Maxthon | 1 Maxthon | 2026-04-16 | N/A |
| Directory traversal vulnerability in the readFile and writeFile API for Maxthon 1.2.0 and 1.2.1 allows remote attackers to read or write arbitrary files. | ||||
| CVE-2005-1091 | 1 Maxthon | 1 Maxthon | 2026-04-16 | N/A |
| Maxthon 1.2.0 and 1.2.1 allows remote attackers to bypass the security ID and use restricted plugin API functions via script that includes the max.src file into the source page. | ||||
| CVE-2005-1092 | 1 Light Speed Technology | 1 Deluxeftp | 2026-04-16 | N/A |
| Lightspeed DeluxeFTP 6.01 stores usernames and passwords in plaintext in sites.xml, which is world-readable, which allows local users to gain privileges. | ||||
| CVE-2005-1093 | 1 Popup Plus Plugin | 1 Popup Plus Plugin For Miranda Im | 2026-04-16 | N/A |
| Buffer overflow in the PopUp Plus 2.0.3.8 plugin for Miranda IM, with "Use SmileyAdd Setting" enabled, allows remote attackers to execute arbitrary code. | ||||
| CVE-2005-1094 | 1 Network-client.com | 1 Ftp Now | 2026-04-16 | N/A |
| FTP Now 2.6.14 stores usernames and passwords in plaintext in sites.xml, which is world-readable, which allows local users to gain privileges. | ||||
| CVE-2005-1095 | 1 Ocean12 Technologies | 1 Membership Manager Pro | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in main.asp for Ocean12 Membership Manager Pro 1.x allows remote attackers to inject arbitrary web script or HTML via the page parameter. | ||||
| CVE-2005-1096 | 1 Ocean12 Technologies | 1 Membership Manager Pro | 2026-04-16 | N/A |
| SQL injection vulnerability in main.asp for Ocean12 Membership Manager Pro 1.x allows remote attackers to execute arbitrary SQL commands via the UserID parameter. | ||||
| CVE-2005-0922 | 1 Symantec | 3 Norton Antivirus, Norton Internet Security, Norton System Works | 2026-04-16 | N/A |
| Unknown vulnerability in the Auto-Protect module in Symantec Norton AntiVirus 2004 and 2005, as also used in Internet Security 2004/2005 and System Works 2004/2005, allows attackers to cause a denial of service (system hang or crash) by triggering a scan of a certain file type. | ||||
| CVE-2005-0695 | 1 Hosting Controller | 1 Hosting Controller | 2026-04-16 | N/A |
| The password recovery feature (forgotpassword.asp) in Hosting Controller 6.1 Hotfix 1.7 and earlier allows remote attackers to determine the owner's e-mail address by providing a portion of the domain name to the "login ID" field. | ||||
| CVE-2005-0696 | 1 Argosoft | 1 Ftp Server | 2026-04-16 | N/A |
| Buffer overflow in ArGoSoft FTP Server 1.4.2.8 allows remote authenticated users to execute arbitrary code via a long DELE command. NOTE: this issue was later reported to also affect 1.4.3.5. | ||||
| CVE-2005-0697 | 1 Brt | 1 Copperexport | 2026-04-16 | N/A |
| SQL injection vulnerability in the process_picture function xp_publish.php in CopperExport 0.2.1 allows remote attackers to execute arbitrary SQL commands, possibly via the (1) title, (2) caption, or (3) keywords parameters. | ||||