Total
29753 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3920 | 1 Babe Logger | 1 Babe Logger | 2025-04-03 | N/A |
| SQL injection vulnerability in Babe Logger 2 allows remote attackers to execute arbitrary SQL commands via the (1) gal parameter to index.php or (2) id parameter to comments.php. | ||||
| CVE-2005-3923 | 1 Netobjects | 1 Netobjects Fusion | 2025-04-03 | N/A |
| NetObjects Fusion 9 (NOF9) allows remote attackers to obtain sensitive information, including passwords, by downloading the _versioning_repository_/rollbacklog.xml file, then using it to download and modify the associated ZIP file to edit and republish the site. | ||||
| CVE-2005-3938 | 1 Softbiz | 1 Faq | 2025-04-03 | N/A |
| SQL injection vulnerability in Softbiz FAQ Script 1.1 and earler allows remote attackers to execute arbitrary SQL commands via the id parameter in (1) index.php, (2) faq_qanda.php, (3) refer_friend.php, (4) print_article.php, or (5) add_comment.php. | ||||
| CVE-2005-3939 | 1 Wsn Knowledge Base | 1 Wsn Knowledge Base | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in WSN Knowledge Base 1.2.0 and earler allow remote attackers to execute arbitrary SQL commands via the (1) catid, (2) perpage, (3) ascdesc, and (4) orderlinks in a displaycat action in (a) index.php; and the (5) id parameter in (b) comments.php and (c) memberlist.php. | ||||
| CVE-2005-3940 | 1 Greywyvern | 1 Orca Ringmaker | 2025-04-03 | N/A |
| SQL injection vulnerability in ringmaker.php in Orca Ringmaker 2.3c and earlier allows remote attackers to execute arbitrary SQL commands via the start parameter. | ||||
| CVE-2005-3941 | 1 Greywyvern | 1 Orca Blog | 2025-04-03 | N/A |
| SQL injection vulnerability in blog.php in Orca Blog 1.3b and earlier allows remote attackers to execute arbitrary SQL commands via the msg parameter. | ||||
| CVE-2005-3942 | 1 Greywyvern | 1 Orca Knowledgebase | 2025-04-03 | N/A |
| SQL injection vulnerability in knowledgebase-control.php in Orca Knowledgebase 2.1b and earlier allows remote attackers to execute arbitrary SQL commands via the qid parameter. | ||||
| CVE-2005-3943 | 1 Faq System | 1 Faq System | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in ilyav FAQ System 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) FAQ_ID and (2) action parameters in (a) viewFAQ.php; and (3) CATEGORY_ID parameter in (b) index.php. | ||||
| CVE-2005-3944 | 1 Faq System | 1 Faq System | 2025-04-03 | N/A |
| SQL injection vulnerability in survey.php in ilyav Survey System 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the SURVEY_ID parameter. | ||||
| CVE-2005-3967 | 1 Atlassian | 1 Confluence | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in the dosearchsite.action module in Atlassian Confluence 2.0.1 Build 321 allows remote attackers to inject arbitrary web script or HTML via the searchQuery.queryString search module parameter. | ||||
| CVE-2005-3969 | 1 Mxchange | 1 Mxchange | 2025-04-03 | N/A |
| SQL injection vulnerability in MXChange before 0.2.0-pre10 PL492 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2005-3971 | 1 Citrix | 2 Metaframe Secure Access Manager, Nfuse | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in the login form in Citrix MetaFrame Secure Access Manager 2.0 through 2.2 and NFuse Elite 1.0 allows remote attackers to inject arbitrary web script or HTML via the username field. | ||||
| CVE-2005-3972 | 1 Extreme Corporate | 1 Extreme Search | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in extremesearch.php in Extreme Search Corporate Edition 6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter. | ||||
| CVE-2005-4004 | 1 Infinetsoftware | 1 Mytemplatesite | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in search.asp in MyTemplateSite 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the q parameter. | ||||
| CVE-2005-4008 | 1 Jax Calendar | 1 Jax Calendar | 2025-04-03 | N/A |
| SQL injection vulnerability in jax_calendar.php in Jax Calendar 1.34 allows remote attackers to execute arbitrary SQL commands via the (1) cal_id parameter, and possibly the (2) Y and (3) m parameters. | ||||
| CVE-2005-4032 | 1 Hotcgiscripts | 1 Easy Search System | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in search.cgi in Easy Search System 1.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the q parameter. | ||||
| CVE-2005-4033 | 1 Ali Bousahid | 1 Nodezilla | 2025-04-03 | N/A |
| Nodezilla 0.4.13-corno-fulgure does not properly protect the evl_data directory, which could allow them to be shared when they are not protected by PRIVATEDATADIR in nodezilla.ini, which allows remote attackers to obtain sensitive information. | ||||
| CVE-2005-4034 | 1 Web4future | 1 Edating Professional | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in Web4Future eDating Professional 5 allow remote attackers to execute arbitrary SQL commands via the (1) s, (2) pg, and (3) sortb parameters to (a) index.php; (4) cid parameter to (b) gift.php and (c) fq.php; and (5) cat parameter to (d) articles.php. | ||||
| CVE-2005-4035 | 1 Web4future | 1 Web4future Ecommerce | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in Web4Future eCommerce Enterprise Edition 2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) prod, and (2) brid parameters to (a) view.php; the (3) the bid parameter to (b) viewbrands.php; and the (4) grp and (5) cat parameters to index.php. | ||||
| CVE-2005-4036 | 1 Web4future | 1 Keyword Frequency Counter | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in index.cgi in Web4Future KeyWord Frequency Counter 1.0 allows remote attackers to inject arbitrary web script or HTML via the "remote URL." | ||||