Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-3795 1 Alstrasoft 1 Affiliate Network Pro 2025-04-03 N/A
Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft Affiliate Network Pro 7.2 allow remote attackers to inject arbitrary web script or HTML via (1) the Err parameter in admin/index.php and the (2) firstname and (3) lastname parameters in index.php.
CVE-2005-3797 1 Alstrasoft 1 Template Seller 2025-04-03 N/A
PHP remote file inclusion vulnerability in payment_paypal.php in AlstraSoft Template Seller Pro 3.25 allows remote attackers to execute arbitrary PHP code via the config[basepath] parameter.
CVE-2005-3804 1 Cisco 1 7920 Wireless Ip Phone 2025-04-03 N/A
Cisco IP Phone (VoIP) 7920 1.0(8) listens to UDP port 17185 to support a VxWorks debugger, which allows remote attackers to obtain sensitive information and cause a denial of service.
CVE-2005-3805 1 Linux 1 Linux Kernel 2025-04-03 N/A
A locking problem in POSIX timer cleanup handling on exit in Linux kernel 2.6.10 to 2.6.14, when running on SMP systems, allows local users to cause a denial of service (deadlock) involving process CPU timers.
CVE-2005-3814 1 Orbitscripts 1 Smartppc Pro 2025-04-03 N/A
Multiple cross-site scripting (XSS) vulnerabilities in SmartPPC Pro allow remote attackers to inject arbitrary web script or HTML via the username parameter in (1) directory.php, (2) frames.php, and (3) search.php.
CVE-2005-3815 1 Greywyvern 1 Orca Forum 2025-04-03 N/A
SQL injection vulnerability in forum.php in Orca Forum 4.3b and earlier allows remote attackers to execute arbitrary SQL commands via the msg parameter.
CVE-2005-3812 1 Freeftpd 1 Freeftpd 2025-04-03 N/A
freeFTPd 1.0.10 allows remote authenticated users to cause a denial of service (null dereference and crash) via a PORT command with missing arguments.
CVE-2005-3821 1 Vtiger 1 Vtiger Crm 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in vTiger CRM 4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via multiple vectors, including the account name.
CVE-2005-3822 1 Vtiger 1 Vtiger Crm 2025-04-03 N/A
Multiple SQL injection vulnerabilities in vTiger CRM 4.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username in the login form or (2) record parameter, as demonstrated in the EditView action for the Contacts module.
CVE-2005-3823 1 Vtiger 1 Vtiger Crm 2025-04-03 N/A
The Users module in vTiger CRM 4.2 and earlier allows remote attackers to execute arbitrary PHP code via an arbitrary file in the templatename parameter, which is passed to the eval function.
CVE-2005-3824 1 Vtiger 1 Vtiger Crm 2025-04-03 N/A
The uploads module in vTiger CRM 4.2 and earlier allows remote attackers to upload arbitrary files, such as PHP files, via the add2db action.
CVE-2005-3830 1 Activecampaign 1 Supporttrio 2025-04-03 N/A
index.php in ActiveCampaign SupportTrio 1.4 and earlier allows remote attackers to read or include arbitrary files via the page parameter, possibly due to a directory traversal vulnerability.
CVE-2005-3833 1 Tunez 1 Tunez 2025-04-03 N/A
SQL injection vulnerability in songinfo.php in Tunez 1.21 and earlier allows remote attackers to execute arbitrary SQL commands via the song_id parameter.
CVE-2005-1450 1 S9y 1 Serendipity 2025-04-03 N/A
Unknown vulnerability in "the function used to validate path-names for uploading media" in Serendipity before 0.8 has unknown impact.
CVE-2005-3837 1 Scssboard 1 Scssboard 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in the search module in sCssBoard 1.2 and 1.12, and earlier versions, allows remote attackers to inject arbitrary web script or HTML via the search_term parameter.
CVE-2005-3839 1 Supportpro 1 Supportdesk 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in SupportPRO Supportdesk allows remote attackers to inject arbitrary web script or HTML via the (1) post tickers and (2) view tickets options.
CVE-2005-3841 1 Kplaylist 1 Kplaylist 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in kPlaylist 1.6 (build 400), and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the searchfor search parameter.
CVE-2005-3843 1 Nicecoder 1 Idesk 2025-04-03 N/A
SQL injection vulnerability in faq.php in Nicecoder iDesk 1.0 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
CVE-2005-1453 1 Leafnode 1 Leafnode 2025-04-03 N/A
fetchnews in leafnode 1.9.48 to 1.11.1 allows remote NNTP servers to cause a denial of service (crash) by closing the connection while fetchnews is reading (1) an article header or (2) an article body, which also prevents fetchnews from querying other servers.
CVE-2005-3848 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-04-03 N/A
Memory leak in the icmp_push_reply function in Linux 2.6 before 2.6.12.6 and 2.6.13 allows remote attackers to cause a denial of service (memory consumption) via a large number of crafted packets that cause the ip_append_data function to fail, aka "DST leak in icmp_push_reply."