Total
29909 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3866 | 1 Wwwsearchsolutions | 1 Searchfeed Search Engine | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in SearchFeed Search Engine 1.3.2 and earlier allows remote attackers to inject arbitrary HTML and web script, possibly via the REQ parameter, which is used when performing a search. | ||||
| CVE-2005-2604 | 1 My Image Gallery | 1 My Image Gallery | 2026-04-16 | N/A |
| index.php for My Image Gallery (Mig ) 1.4.1 allows remote attackers to obtain the web server path via certain currDir and image arguments, which leaks the path in an error message. | ||||
| CVE-2005-3869 | 1 Google | 1 Api Search | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Google API Search 1.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via hex-encoded values in the REQ parameter. | ||||
| CVE-2005-3873 | 1 Sourceshock | 1 Shockboard | 2026-04-16 | N/A |
| SQL injection vulnerability in topic.php in ShockBoard 3.0 and 4.0 allows remote attackers to execute arbitrary SQL commands via the offset parameter. | ||||
| CVE-2005-3887 | 1 Gadu-gadu | 1 Gadu-gadu Instant Messenger | 2026-04-16 | N/A |
| Gadu-Gadu 7.20 does not properly handle MS-DOS device names in filenames, which allows remote attackers to (1) cause a denial of service (hang) via an image filename of AUX: sent twice (hang), or (2) write to the LPT1 port via a filename of "LPT1:". | ||||
| CVE-2005-3897 | 1 Apple | 1 Safari | 2026-04-16 | N/A |
| Apple Safari 2.0.2 allows remote attackers to cause a denial of service (system slowdown) via a Javascript BODY onload event that calls the window function. | ||||
| CVE-2005-2623 | 1 Ecw-shop | 1 Ecw-shop | 2026-04-16 | N/A |
| ECW-Shop 6.0.2 allows remote attackers to reduce the total cost of their shopping cart by specifying a negative quantity for an item, which causes the price of the item to be subtracted from the total cost. | ||||
| CVE-2005-2624 | 1 Cpaint | 1 Cpaint | 2026-04-16 | N/A |
| Eval injection vulnerability in CPAINT 1.3-SP allows remote attackers to execute arbitrary ASP code via the cpaint_argument[] parameter to (1) calculator.asp or (2) cpaintfile.asp, which is directly fed into an eval statement. | ||||
| CVE-2005-3900 | 1 Macromedia | 1 Breeze | 2026-04-16 | N/A |
| Macromedia Breeze Communication Server and Breeze Live Server does 5.1 and earlier not sufficiently validate certain RTMP data, which allows attackers to cause a denial of service (instability or crash), as demonstrated using an alpha release build of Flash Player 8.5 (build 133). | ||||
| CVE-2005-3902 | 1 Virtual Hosting Control System | 1 Virtual Hosting Control System | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in gui/errordocs/index.php in Virtual Hosting Control System (VHCS) 2.2.0 through 2.4.6.2 allows remote attackers to inject arbitrary web script or HTML via query strings that are included in an error message, as demonstrated using a parameter containing script. | ||||
| CVE-2005-3910 | 1 Post Affiliate Pro | 1 Post Affiliate Pro | 2026-04-16 | N/A |
| merchants/index.php in Post Affiliate Pro 2.0.4 and earlier, with magic_quotes_gpc disabled, allows remote attackers to include arbitrary local files via the md parameter, possibly due to a directory traversal vulnerability. | ||||
| CVE-2005-2636 | 2 Phpadsnew, Phppgads | 2 Phpadsnew, Phppgads | 2026-04-16 | N/A |
| SQL injection vulnerability in lib-view-direct.inc.php in phpAdsNew and phpPgAds before 2.0.6 allows remote attackers to execute arbitrary SQL commands via the clientid parameter. | ||||
| CVE-2005-3917 | 1 Commodityrentals | 1 Commodityrentals | 2026-04-16 | N/A |
| SQL injection vulnerability in usersession in CommodityRentals 2.0 Online Rental Business Creator script allows remote attackers to execute arbitrary SQL commands via the user_id parameter. | ||||
| CVE-2005-3930 | 1 N-13 News | 1 N-13 News | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in N-13 News 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2005-3931 | 1 Asp-rider | 1 Asp-rider | 2026-04-16 | N/A |
| SQL injection vulnerability in default.asp in ASP-Rider 1.6 allows remote attackers to execute arbitrary SQL commands via the HTTP referer. | ||||
| CVE-2005-3934 | 1 Symantec | 1 Pcanywhere | 2026-04-16 | N/A |
| Buffer overflow in Symantec pcAnywhere 11.0.1, 11.5.1, and all other 32-bit versions allows remote attackers to cause a denial of service (application crash) via unknown attack vectors. | ||||
| CVE-2005-3945 | 1 Microsoft | 2 Windows 2000, Windows 2003 Server | 2026-04-16 | N/A |
| The SynAttackProtect protection in Microsoft Windows 2003 before SP1 and Windows 2000 before SP4 with Update Roll-up uses a hash of predictable data, which allows remote attackers to cause a denial of service (CPU consumption) via a flood of SYN packets that produce identical hash values, which slows down the hash table lookups. | ||||
| CVE-2005-3949 | 1 Webcalendar | 1 Webcalendar | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in WebCalendar 1.0.1 allow remote attackers to execute arbitrary SQL commands via the (1) startid parameter to activity_log.php, (2) startid parameter to admin_handler.php, (3) template parameter to edit_template.php, and (4) multiple parameters to export_handler.php. | ||||
| CVE-2005-3959 | 1 Freewebstat | 1 Freewebstat | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in FreeWebStat 1.0 rev37 allow remote attackers to inject arbitrary web script or HTML via the (1) site, (2) jsref, (3) jsres, and (4) jscolor parameters to pixel.php, which are not sanitized before being included in the logdb.html file, and (5) the search key to stat.php. | ||||
| CVE-2005-3964 | 2 Integrated Computer Solutions, Redhat | 3 Openmotif, Enterprise Linux, Network Satellite | 2026-04-16 | N/A |
| Multiple buffer overflows in libUil (libUil.so) in OpenMotif 2.2.3, and possibly other versions, allows attackers to execute arbitrary code via the (1) diag_issue_diagnostic function in UilDiags.c and (2) open_source_file function in UilSrcSrc.c. | ||||