Total
29753 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-4234 | 1 Powerdev | 1 Encapsgallery | 2025-04-03 | N/A |
| SQL injection vulnerability in gallery.php in EncapsGallery 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2005-4235 | 1 Whmcompletesolution | 1 Whmcompletesolution | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in knowledgebase.php in WHMCompleteSolution 2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameters. | ||||
| CVE-2005-4236 | 1 Cartkeeper | 1 Ckgold Shopping Cart | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in CKGOLD allows remote attackers to inject arbitrary web script or HTML via the search parameters. | ||||
| CVE-2005-4238 | 1 Mantis | 1 Mantis | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in view_filters_page.php in Mantis 1.0.0rc3 and earlier allows remote attackers to inject arbitrary web script or HTML via the target_field parameter. | ||||
| CVE-2005-4239 | 1 Php Jackknife | 1 Php Jackknife | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Search/DisplayResults.php in PHP JackKnife 2.21 and earlier allows remote attackers to inject arbitrary web script or HTML via URL-encoded values in the sKeywords parameter. | ||||
| CVE-2005-4262 | 1 Envolution | 1 Envolution | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in the News module in Envolution allows remote attackers to inject arbitrary web script or HTML via the (1) startrow and (2) catid parameter. NOTE: this issue might be resultant from the SQL injection problem (CVE-2005-4263). | ||||
| CVE-2005-4264 | 1 Triangle Solutions | 1 Php Support Tickets | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in index.php in PHP Support Tickets 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields, and (3) id parameter. | ||||
| CVE-2005-4302 | 1 Indexcor | 1 Ezdatabase | 2025-04-03 | N/A |
| Directory traversal vulnerability in index.php in ezDatabase 2.1.2 and earlier allows remote attackers to include arbitrary local files via ".." sequences in the p parameter. | ||||
| CVE-2005-4303 | 1 Indexcor | 1 Ezdatabase | 2025-04-03 | N/A |
| SQL injection vulnerability in index.php for ezDatabase 2.1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the db_id parameter. | ||||
| CVE-2005-4308 | 1 Scriptscenter | 1 Ezupload Pro | 2025-04-03 | N/A |
| index.php in ezUpload Pro 2.2 and earlier allows remote attackers to include files via the mode parameter. | ||||
| CVE-2005-4309 | 1 Scriptscenter | 1 Ezupload Pro | 2025-04-03 | N/A |
| SQL injection vulnerability in ezUpload Pro 2.2 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified search module parameters. | ||||
| CVE-2005-4310 | 1 Ssh | 1 Tectia Server | 2025-04-03 | N/A |
| SSH Tectia Server 5.0.0 (A, F, and T), when allowing host-based authentication only, allows users to log in with the wrong credentials. | ||||
| CVE-2005-4312 | 1 Almondsoft | 1 Almond Classifieds | 2025-04-03 | N/A |
| SQL injection vulnerability in index.php in AlmondSoft Almond Classifieds 5.02 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2005-4313 | 1 Almondsoft | 1 Almond Personals | 2025-04-03 | N/A |
| SQL injection vulnerability in index.php in AlmondSoft Almond Personals 4.05 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2005-4314 | 1 Ppcal Shopping Cart | 1 Ppcal Shopping Cart | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in ppcal.cgi in PPCal Shopping Cart 3.3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) stop and (2) user parameters. | ||||
| CVE-2005-4346 | 1 Anthony Boyd | 1 Phpbb Blog | 2025-04-03 | N/A |
| Invalid SQL syntax error in blog.php in phpBB Blog 2.2.2 and earlier allows remote attackers to obtain the full path of the application via an invalid permalink parameter to index.php, which produces an invalid SQL query that leaks the full pathname in a SQL syntax error message. NOTE: this was originally claimed to be SQL injection, but a cleansing step strips all non-digit characters and leaves an empty permalink argument, which leads to the syntax error. | ||||
| CVE-2005-4347 | 1 Debian | 2 Debian Linux, Kernel-patch-vserver | 2025-04-03 | N/A |
| The Linux 2.4 kernel patch in kernel-patch-vserver before 1.9.5.5 and 2.x before 2.3 for Debian GNU/Linux does not correctly set the "chroot barrier" with util-vserver, which allows attackers to access files on the host system that are outside of the vserver. | ||||
| CVE-2005-4350 | 1 Sun | 1 Wbem Services | 2025-04-03 | N/A |
| Unspecified vulnerability in WBEM Services A.01.x before A.01.05.12 and A.02.x before A.02.00.08 on HP-UX B.11.00 through B.11.23 allows remote attackers to cause an unspecified denial of service via unknown attack vectors. | ||||
| CVE-2005-4371 | 1 Acidcat | 1 Acidcat | 2025-04-03 | N/A |
| Acidcat 2.1.13 and earlier stores the database under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a request to databases/acidcat.mdb. | ||||
| CVE-2005-4374 | 1 Allinta | 1 Allinta | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Allinta 2.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) s parameter to faq.asp and (2) searchQuery parameter to search.asp. | ||||