Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-4222 1 Lars Ellingsen 1 Guestserver 2025-04-03 N/A
Multiple cross-site scripting (XSS) vulnerabilities in guestbook.cgi in Lars Ellingsen Guestserver 4.13 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified message fields.
CVE-2005-4230 1 Php Web Scripts 1 Link Up Gold 2025-04-03 N/A
SQL injection vulnerability in poll.php in Link Up Gold 2.5 and earlier allows remote attackers to execute arbitrary SQL commands via the number parameter.
CVE-2005-4229 1 Everyauction 1 Everyauction 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in auction.pl in EveryAuction 1.53 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchstring parameter. NOTE: the provenance of this issue is unknown; the details were obtained solely from third party sources and independently verified using source code inspection.
CVE-2005-1471 1 Rsa 1 Securid Web Agent 2025-04-03 N/A
Heap-based buffer overflow in RSA SecurID Web Agent 5, 5.2, and 5.3 allows remote attackers to execute arbitrary code via crafted chunked-encoding data.
CVE-2005-4236 1 Cartkeeper 1 Ckgold Shopping Cart 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in search.php in CKGOLD allows remote attackers to inject arbitrary web script or HTML via the search parameters.
CVE-2005-4238 1 Mantis 1 Mantis 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in view_filters_page.php in Mantis 1.0.0rc3 and earlier allows remote attackers to inject arbitrary web script or HTML via the target_field parameter.
CVE-2005-4239 1 Php Jackknife 1 Php Jackknife 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in Search/DisplayResults.php in PHP JackKnife 2.21 and earlier allows remote attackers to inject arbitrary web script or HTML via URL-encoded values in the sKeywords parameter.
CVE-2005-4248 1 Quickpaypro 1 Quickpaypro 2025-04-03 N/A
Multiple cross-site scripting (XSS) vulnerabilities in QuickPayPro 3.1 allow remote attackers to inject arbitrary web script or HTML via various fields, such as those in (1) communication/subscribers.tracking.add.php, (2) support/tickets.add.php, and (3) mycompany/categories.php.
CVE-2005-4249 1 Adp 1 Adp Forum 2025-04-03 N/A
ADP Forum 2.0 through 2.0.3 stores sensitive information in plaintext files under the web document root with insufficient access control, which allows remote attackers to obtain user credentials via requests to the forum/users directory.
CVE-2005-4264 1 Triangle Solutions 1 Php Support Tickets 2025-04-03 N/A
Multiple SQL injection vulnerabilities in index.php in PHP Support Tickets 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields, and (3) id parameter.
CVE-2005-4274 1 Businessobjects 1 Webintelligence 2025-04-03 N/A
Unspecified vulnerability in Business Objects WebIntelligence 6.5x allows remote attackers to cause a denial of service (user account lock out) via unknown attack vectors related to "authentication mechanisms" and "form input."
CVE-2005-4272 1 Ibm 1 Aix 2025-04-03 N/A
Multiple buffer overflows in IBM AIX 5.1, 5.2, and 5.3 allow remote attackers to execute arbitrary code via (1) muxatmd and (2) slocal.
CVE-2005-4282 1 Zaygo 1 Domaincart 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in Zaygo DomainCart 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML, possibly via the root parameter to zaygo.cgi.
CVE-2005-4283 1 Nightmedia 1 The City Shop 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in The CITY Shop 1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via parameters to the search module, possibly SKey to store.cgi.
CVE-2006-0768 1 Kadu 1 Kadu 2025-04-03 N/A
Kadu 0.4.3 allows remote attackers to cause a denial of service (application crash) via a large number of image send requests.
CVE-2005-4293 1 Kryptronic 1 Clickcartpro 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in cp-app.cgi in ClickCartPro (CCP) 5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the affl parameter.
CVE-2005-4294 1 Alkacon 1 Opencms 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in Alkacon OpenCms before 6.0.3 allows remote attackers to inject arbitrary web script or HTML via the username in the login page.
CVE-2005-4301 1 Phpxplorer 1 Phpxplorer 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in phpXplorer 0.9.12 and earlier allows remote attackers to inject arbitrary web script or HTML via the address bar field.
CVE-2005-4302 1 Indexcor 1 Ezdatabase 2025-04-03 N/A
Directory traversal vulnerability in index.php in ezDatabase 2.1.2 and earlier allows remote attackers to include arbitrary local files via ".." sequences in the p parameter.
CVE-2005-4303 1 Indexcor 1 Ezdatabase 2025-04-03 N/A
SQL injection vulnerability in index.php for ezDatabase 2.1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the db_id parameter.