Total
29763 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-4631 | 1 Ryan Lath | 1 Zina | 2025-04-03 | N/A |
| SQL injection vulnerability in index.php in Zina 0.12.07 and earlier allows remote attackers to execute arbitrary SQL commands via the p parameter. | ||||
| CVE-2005-4634 | 1 Activecampaign | 1 Supporttrio | 2025-04-03 | N/A |
| SQL injection vulnerability in index.php in ActiveCampaign SupportTrio 1.4 allows remote attackers to execute arbitrary SQL commands via the page parameter. NOTE: the provenance of this information is unknown because the source URL is not available; the details are obtained solely from third party information. | ||||
| CVE-2005-4635 | 1 Linux | 1 Linux Kernel | 2025-04-03 | N/A |
| The nl_fib_input function in fib_frontend.c in the Linux kernel before 2.6.15 does not check for valid lengths of the header and payload, which allows remote attackers to cause a denial of service (invalid memory reference) via malformed fib_lookup netlink messages. | ||||
| CVE-2005-4636 | 1 Openoffice | 1 Openoffice | 2025-04-03 | N/A |
| OpenOffice.org 2.0 and earlier, when hyperlinks has been disabled, does not prevent the user from clicking the WWW-browser button in the Hyperlink dialog, which makes it easier for attackers to trick the user into bypassing intended security settings. | ||||
| CVE-2005-4663 | 1 Ocomon | 1 Ocomon | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in OcoMon 1.20, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. | ||||
| CVE-2005-4657 | 1 Ocean12 Technologies | 1 Calendar Manager Pro | 2025-04-03 | N/A |
| Ocean12 Calendar Manager Pro 1.01 allows remote attackers to bypass authentication and obtain sensitive information via a direct request to /admin/view.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2005-4656 | 1 Triggertg | 1 Tclanportal | 2025-04-03 | N/A |
| SQL injection vulnerability in index.php in TClanPortal 1.1.3 and earlier allows remote attackers to execute arbitrary SQL commands, and retrieve all usernames and passwords, via the id parameter. | ||||
| CVE-2005-4659 | 1 Ipcop | 1 Ipcop | 2025-04-03 | N/A |
| IPCop (aka IPCop Firewall) before 1.4.10 has world-readable permissions for the backup.key file, which might allow local users to overwrite system configuration files and gain privileges by creating a malicious encrypted backup archive owned by "nobody", then executing ipcoprscfg to restore from this backup. | ||||
| CVE-2005-4661 | 1 Campware.org | 1 Campsite | 2025-04-03 | N/A |
| The notifyendsubs cron job in Campsite before 2.3.3 sends an e-mail message containing a certain unencrypted MySQL password, which allows remote attackers to sniff the password. | ||||
| CVE-2005-4662 | 1 Ocomon | 1 Ocomon | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in OcoMon 1.20, and possibly earlier versions, allow remote attackers to execute arbitrary SQL commands via unknown attack vectors in an unspecified input form, a different vulnerability than CVE-2005-4664. | ||||
| CVE-2006-3265 | 1 Qdig | 1 Qdig | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in Qdig before 1.2.9.3, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) pre_gallery or (2) post_gallery parameters. | ||||
| CVE-2005-4694 | 1 Plain Black | 1 Webgui | 2025-04-03 | N/A |
| Unspecified vulnerability in the www_add method in Asset.pm in Plain Black WebGUI 6.3.0 and other versions before 6.7.6 allows attackers to execute arbitrary code via unknown attack vectors. | ||||
| CVE-2005-4696 | 1 Microsoft | 1 Windows Xp | 2025-04-03 | N/A |
| The Microsoft Wireless Zero Configuration system (WZCS) stores WEP keys and pair-wise Master Keys (PMK) of the WPA pre-shared key in plaintext in memory of the explorer process, which allows attackers with access to process memory to steal the keys and access the network. | ||||
| CVE-2005-4697 | 1 Microsoft | 1 Windows Xp | 2025-04-03 | N/A |
| The Microsoft Wireless Zero Configuration system (WZCS) allows local users to access WEP keys and pair-wise Master Keys (PMK) of the WPA pre-shared key via certain calls to the WZCQueryInterface API function in wzcsapi.dll. | ||||
| CVE-2005-4698 | 1 Tellme | 1 Tellme | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in TellMe 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the 91) q_IP (IP) or (2) q_Host (HOST) parameters. | ||||
| CVE-2005-4745 | 1 Freeradius | 1 Freeradius | 2025-04-03 | N/A |
| SQL injection vulnerability in the rlm_sqlcounter module in FreeRADIUS 1.0.3 and 1.0.4 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors. | ||||
| CVE-2005-4720 | 1 Mozilla | 1 Firefox | 2025-04-03 | N/A |
| Mozilla Firefox 1.0.7 and earlier on Linux allows remote attackers to cause a denial of service (client crash) via an IFRAME element with a large value of the WIDTH attribute, which triggers a problem related to representation of floating-point numbers, leading to an infinite loop of widget resizes and a corresponding large number of function calls on the stack. | ||||
| CVE-2005-4721 | 1 The Media Shoppe Berhad | 1 Tmspublisher | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in search.cfm in tmsPUBLISHER 3.3 allows remote attackers to inject arbitrary web script or HTML via the q parameter. | ||||
| CVE-2005-4722 | 1 The Media Shoppe Berhad | 1 Tmspublisher | 2025-04-03 | N/A |
| _Request_Message.cfm in tmsPUBLISHER 3.3 allows remote attackers to obtain sensitive information via an invalid id argument to pagename.cfm, which reveals the installation path in an error message. | ||||
| CVE-2005-4724 | 1 Phptagcool | 1 Phptagcool | 2025-04-03 | N/A |
| SQL injection vulnerability in post.php in PhpTagCool 1.0.3 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For field in an HTTP header. | ||||