ReportizFlow
Filtered by vendor
Subscriptions
Total
29918 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3920 | 1 Babe Logger | 1 Babe Logger | 2026-04-16 | N/A |
| SQL injection vulnerability in Babe Logger 2 allows remote attackers to execute arbitrary SQL commands via the (1) gal parameter to index.php or (2) id parameter to comments.php. | ||||
| CVE-2005-3941 | 1 Greywyvern | 1 Orca Blog | 2026-04-16 | N/A |
| SQL injection vulnerability in blog.php in Orca Blog 1.3b and earlier allows remote attackers to execute arbitrary SQL commands via the msg parameter. | ||||
| CVE-2005-3977 | 1 Qualityebiz | 1 Qualityppc | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in QualityEBiz Quality PPC 1553 allows remote attackers to inject web script or HTML via the REQ parameter to the search module. | ||||
| CVE-2005-3983 | 1 Hp | 1 Systems Insight Manager | 2026-04-16 | N/A |
| Unknown vulnerability in the login page for HP Systems Insight Manager (SIM) 4.0 and 4.1, when accessed by Microsoft Internet Explorer with the MS04-025 patch, leads to a denial of service (browser hang). NOTE: although the advisory is vague, this issue does not appear to involve an attacker at all. If not, then this issue is not a vulnerability. | ||||
| CVE-2005-4018 | 1 Landshop | 1 Real Estate Commerce System | 2026-04-16 | N/A |
| SQL injection vulnerability in ls.php in Landshop Real Estate Commerce System 0.6.3 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) start, (2) search_order, (3) search_type, (4) search_area, and (5) keyword parameters. | ||||
| CVE-2005-4023 | 1 Gallery Project | 1 Gallery | 2026-04-16 | N/A |
| Unspecified vulnerability in the zipcart module in Gallery 2.0 before 2.0.2 allows remote attackers to read arbitrary files via unknown vectors. | ||||
| CVE-2005-4031 | 1 Mediawiki | 1 Mediawiki | 2026-04-16 | N/A |
| Eval injection vulnerability in MediaWiki 1.5.x before 1.5.3 allows remote attackers to execute arbitrary PHP code via the "user language option," which is used as part of a dynamic class name that is processed using the eval function. | ||||
| CVE-1999-0043 | 6 Bsdi, Caldera, Isc and 3 more | 7 Bsd Os, Openlinux, Inn and 4 more | 2026-04-16 | 9.8 Critical |
| Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others. | ||||
| CVE-2005-4136 | 1 Fad Solutions | 1 Drzes Hms | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in login.php in DRZES HMS 3.2 allows remote attackers to inject arbitrary web script or HTML via the customerEmailAddress parameter. | ||||
| CVE-2005-4170 | 1 Efiction Project | 1 Efiction | 2026-04-16 | N/A |
| SQL injection vulnerability in eFiction 1.1 allows remote attackers to execute arbitrary SQL commands via the uid parameter to viewuser.php. | ||||
| CVE-2005-4177 | 1 Cfmagic | 2 Magic Book Personal, Magic Book Professional | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in book.cfm in Magic Book Personal and Professional 2.0 allows remote attackers to inject arbitrary web script or HTML via the StartRow parameter. | ||||
| CVE-2005-4193 | 1 Usebb | 1 Usebb | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in UseBB before 0.7 allows remote attackers to inject arbitrary web script or HTML via the $_SERVER['PHP_SELF'] variable. | ||||
| CVE-2005-4222 | 1 Lars Ellingsen | 1 Guestserver | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in guestbook.cgi in Lars Ellingsen Guestserver 4.13 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified message fields. | ||||
| CVE-1999-0087 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Denial of service in AIX telnet can freeze a system and prevent users from accessing the server. | ||||
| CVE-1999-0149 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| The wrap CGI program in IRIX allows remote attackers to view arbitrary directory listings via a .. (dot dot) attack. | ||||
| CVE-2005-4302 | 1 Indexcor | 1 Ezdatabase | 2026-04-16 | N/A |
| Directory traversal vulnerability in index.php in ezDatabase 2.1.2 and earlier allows remote attackers to include arbitrary local files via ".." sequences in the p parameter. | ||||
| CVE-2005-4393 | 1 E-publish | 1 E-publish | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in show.cfm in e-publish CMS 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) obcatid and (2) comid parameters. | ||||
| CVE-2005-4411 | 1 David Harris | 1 Mercury Mail Transport System | 2026-04-16 | N/A |
| Buffer overflow in Mercury Mail Transport System 4.01b allows remote attackers to execute arbitrary code via a long request to TCP port 105. | ||||
| CVE-1999-0286 | 2026-04-16 | N/A | ||
| In some NT web servers, appending a space at the end of a URL may allow attackers to read source code for active pages. | ||||
| CVE-2005-4418 | 1 Vserver | 1 Util-vserver | 2026-04-16 | N/A |
| util-vserver before 0.30.208-1 with kernel-patch-vserver before 1.9.5.5 and 2.x before 2.3 for Debian GNU/Linux sets a default policy that trusts unknown capabilities, which could allow local users to conduct unauthorized activities. | ||||