Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-1027 1 Francisco Burzi 1 Php-nuke 2025-04-03 N/A
Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 6.x through 7.6 allow remote attackers to inject arbitrary web script or HTML via the (1) username parameter in the Your_Account module, (2) avatarcategory parameter in the Your_Account module, or (3) lid parameter in the Downloads module.
CVE-2005-1034 1 Netwin 1 Surgeftp 2025-04-03 N/A
SurgeFTP 2.2m1 allows remote attackers to cause a denial of service (application hang) via the LEAK command.
CVE-2005-1035 1 Pavuk 1 Pavuk 2025-04-03 N/A
Multiple buffer overflows in Pavuk before 0.9.32 have unknown attack vectors and impact.
CVE-2005-1037 1 Ibm 1 Aix 2025-04-03 N/A
Unknown vulnerability in AIX 5.3.0, when configured as an NIS client, allows remote attackers to gain root privileges.
CVE-2005-1046 2 Kde, Redhat 2 Kde, Enterprise Linux 2025-04-03 N/A
Buffer overflow in the kimgio library for KDE 3.4.0 allows remote attackers to execute arbitrary code via a crafted PCX image file.
CVE-2005-1064 1 Rsnapshot 1 Filesystem Snapshot Utility 2025-04-03 N/A
The copy_symlink function in rsnapshot 1.2.0 and 1.1.x before 1.1.7 changes the ownership of files that a symlink points to rather than the symlink itself, which allows local users to obtain access to arbitrary files.
CVE-2005-1069 1 Scssboard 1 Scssboard 2025-04-03 N/A
Unknown vulnerability in sCssBoard 1.11 and earlier has unknown impact, related to "an exploit on the Profile page."
CVE-2005-1071 1 Jportal 1 Jportal Web Portal 2025-04-03 N/A
SQL injection vulnerability in banner.inc.php in JPortal Web Portal 2.3.1 allows remote attackers to execute arbitrary SQL commands via the haslo parameter.
CVE-2005-1072 1 Punbb 1 Punbb 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in PunBB before 1.2.5 allows remote attackers to inject arbitrary web script or HTML.
CVE-2005-1248 1 Apple 1 Itunes 2025-04-03 N/A
Buffer overflow in Apple iTunes before 4.8 allows remote attackers to execute arbitrary code via a crafted MPEG4 file.
CVE-2005-1077 1 Xampp 1 Apache Distribution 2025-04-03 N/A
Multiple cross-site scripting (XSS) vulnerabilities in XAMPP 1.4.x allow remote attackers to inject arbitrary web script or HTML via (1) cds.php, (2) Guestbook-EN.pl, or (3) phonebook.php.
CVE-2005-1078 1 Xampp 1 Apache Distribution 2025-04-03 N/A
XAMPP 1.4.x has multiple default or null passwords, which allows attackers to gain privileges.
CVE-2005-1079 1 Mike De Boer 1 Zoom Media Gallery 2025-04-03 N/A
SQL injection vulnerability in index.php for zOOm Media Gallery 2.1.2 allows remote attackers to execute arbitrary SQL commands via the catid parameter.
CVE-2005-1081 1 Azerbaijan Development Group 1 Azdgdating 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in view.php in AzDGDatingPlatinum 1.1.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
CVE-2005-1082 1 Azerbaijan Development Group 1 Azdgdating 2025-04-03 N/A
Multiple SQL injection vulnerabilities in AzDGDatingPlatinum 1.1.0 allows remote attackers to execute arbitrary SQL commands via (1) the id parameter to view.php or (2) the from parameter to members/index.php.
CVE-2005-1084 1 Aewebworks 1 Aedating 2025-04-03 N/A
SQL injection vulnerability in sdating.php in aeDating 3.2 allows remote attackers to execute arbitrary SQL commands files via the event parameter.
CVE-2005-1089 1 Dc\+\+ 1 Dc\+\+ 2025-04-03 N/A
Unknown vulnerability in DC++ before 0.674 allows attackers to append data to arbitrary files.
CVE-2005-1090 1 Maxthon 1 Maxthon 2025-04-03 N/A
Directory traversal vulnerability in the readFile and writeFile API for Maxthon 1.2.0 and 1.2.1 allows remote attackers to read or write arbitrary files.
CVE-2005-1091 1 Maxthon 1 Maxthon 2025-04-03 N/A
Maxthon 1.2.0 and 1.2.1 allows remote attackers to bypass the security ID and use restricted plugin API functions via script that includes the max.src file into the source page.
CVE-2005-1092 1 Light Speed Technology 1 Deluxeftp 2025-04-03 N/A
Lightspeed DeluxeFTP 6.01 stores usernames and passwords in plaintext in sites.xml, which is world-readable, which allows local users to gain privileges.