Total
29914 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1434 | 1 Hp | 1 Openview Network Node Manager | 2026-04-16 | N/A |
| Multiple unknown vulnerabilities in OpenView Network Node Manager (OV NNM) 6.2, 6.4, 7.01, and 7.50 allow attackers to cause a denial of service or execute arbitrary code. | ||||
| CVE-2005-1449 | 1 S9y | 1 Serendipity | 2026-04-16 | N/A |
| Unknown vulnerability in serendipity_config_local.inc.php for Serendipity before 0.8 has unknown impact. | ||||
| CVE-2005-1450 | 1 S9y | 1 Serendipity | 2026-04-16 | N/A |
| Unknown vulnerability in "the function used to validate path-names for uploading media" in Serendipity before 0.8 has unknown impact. | ||||
| CVE-2005-1502 | 1 Midicart Software | 1 Midicart Php Shopping Cart | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in MidiCart PHP Shopping Cart allows remote attackers to inject arbitrary web script or HTML via the (1) searchstring parameter to search_list.php or the (2) secondgroup or (3) maingroup parameters to item_list.php. | ||||
| CVE-2005-1571 | 1 Wenig And Spitzer-williams | 1 Showoff Digital Media Software | 2026-04-16 | N/A |
| Multiple directory traversal vulnerabilities in ShowOff! 1.5.4 allow remote attackers to read arbitrary files via ".." sequences in arguments to the (1) ShowAlbum, (2) ShowVideo, or (3) ShowGraphic scripts. | ||||
| CVE-2005-1572 | 1 Wenig And Spitzer-williams | 1 Showoff Digital Media Software | 2026-04-16 | N/A |
| ShowOff! 1.5.4 allows remote attackers to cause a denial of service (server crash) via a malformed request to port 8083. | ||||
| CVE-2005-1575 | 1 Mozilla | 1 Firefox | 2026-04-16 | N/A |
| The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows allows remote attackers to hide the real file types of downloaded files via the Content-Type HTTP header and a filename containing whitespace, dots, or ASCII byte 160. | ||||
| CVE-2005-1570 | 1 Battleaxe Software | 1 Bttlxeforum | 2026-04-16 | N/A |
| forum.asp in bttlxeForum 2.0 allows remote attackers to obtain full path information via a certain hex-encoded argument to the page parameter, possibly due to a SQL injection vulnerability. | ||||
| CVE-2005-1577 | 1 Apg Technology | 1 Classmaster | 2026-04-16 | N/A |
| APG Technology ClassMaster does not properly restrict access to sensitive folders, which allows remote attackers to access folders via a network share. | ||||
| CVE-2005-1576 | 1 Mozilla | 1 Firefox | 2026-04-16 | N/A |
| The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows uses the Content-Type HTTP header to determine the file type, but saves the original file extension when "Save to Disk" is selected, which allows remote attackers to hide the real file types of downloaded files. | ||||
| CVE-2005-1594 | 1 Codethat | 1 Shoppingcart | 2026-04-16 | N/A |
| SQL injection vulnerability in catalog.php for CodeThat ShoppingCart 1.3.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2005-1592 | 1 Birdblog | 1 Birdblog | 2026-04-16 | N/A |
| Multiple "javascript vulerabilities in BB code" in BirdBlog before 1.3.1 allow remote attackers to inject arbitrary Javascript. | ||||
| CVE-2005-1626 | 1 Pico Server | 1 Pico Server | 2026-04-16 | N/A |
| Multiple buffer overflows in handlers.c for Pico Server (pServ) before 3.3 may allow attackers to execute arbitrary code. | ||||
| CVE-2005-1632 | 1 Tavis Rudd | 1 Cheetah | 2026-04-16 | N/A |
| Cheetah 0.9.15 and 0.9.16 searches the /tmp directory for modules before using the paths in the PYTHONPATH variable, which allows local users to execute arbitrary code via a malicious module in /tmp/. | ||||
| CVE-2005-1651 | 1 Woppoware | 1 Postmaster | 2026-04-16 | N/A |
| Directory traversal vulnerability in message.htm for Woppoware PostMaster 4.2.2 (build 3.2.5) allows remote attackers to determine the existence of arbitrary files via a .. (dot dot) in the wmm parameter. | ||||
| CVE-2005-1652 | 1 Woppoware | 1 Postmaster | 2026-04-16 | N/A |
| message.htm for Woppoware PostMaster 4.2.2 (build 3.2.5) allows remote attackers to bypass authentication by modifying the email parameter. | ||||
| CVE-2005-1647 | 1 Gurgens | 1 Gurgens Guest Book | 2026-04-16 | N/A |
| Gurgens (GASoft) Guest Book 2.1 stores the db/Genid.dat database file under the web document root with insufficient access control, which allows remote attackers to obtain and decrypt usernames and passwords. | ||||
| CVE-2005-1713 | 1 S9y | 1 Serendipity | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Serendipity 0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) templatedropdown and (2) shoutbox plugins. | ||||
| CVE-2005-1715 | 1 Ej3 | 1 Topo | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php for TOPo 2.2 (2.2.178) allows remote attackers to inject arbitrary web script or HTML via the (1) m, (2) s, (3) ID, or (4) t parameters, or the (5) field name, (6) Your Web field, or (7) email field in the comments section. | ||||
| CVE-2005-1716 | 1 Ej3 | 1 Topo | 2026-04-16 | N/A |
| TOPo 2.2 (2.2.178) stores data files in the data directory under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as client IP addresses. | ||||