Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-4056 | 1 Jonathan Beckett | 1 Pluggedout Nexus | 2011-03-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in search.php in PluggedOut Nexus 0.1 allows remote attackers to execute arbitrary SQL commands via the (1) Location, (2) Last Name, and (3) First Name parameters. | |||||
| CVE-2005-4054 | 1 Pluggedout | 1 Pluggedout Blog | 2011-03-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in PluggedOut Blog 1.9.5 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) categoryid, (2) entryid, (3) year, (4) month, and (5) day parameter. | |||||
| CVE-2005-4290 | 1 Soft4e | 1 Ecw-cart | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.cgi in ECW-Cart 2.03 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) kword, (2) max, (3) min, (4) comp, and (5) f parameters. | |||||
| CVE-2005-4291 | 1 Ectools | 1 Ectools Onlineshop | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in cart.cgi in ECTOOLS Onlineshop 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) product, (2) category, and (3) uid parameters. | |||||
| CVE-2005-4292 | 1 Internet Express Products | 1 Commercesql | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in CommerceSQL 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search module parameters, possibly the keywords parameter in the Quick Find feature. | |||||
| CVE-2005-4293 | 1 Kryptronic | 1 Clickcartpro | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in cp-app.cgi in ClickCartPro (CCP) 5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the affl parameter. | |||||
| CVE-2005-4047 | 1 Iisworks | 1 Aspknowledgebase | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in kb.asp in IISWorks ASPKnowledgeBase 2.0 allows remote attackers to inject arbitrary web script or HTML via the a parameter. | |||||
| CVE-2005-4046 | 1 Sun | 2 Java System Application Server, One Application Server | 2011-03-07 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Reverse SSL Proxy Plug-in for Sun Java System Application Server Standard Edition 7 2004Q2, Application Server Enterprise Edition 8.1 2005Q1, and Sun ONE Application Server 7 Standard Edition, as used in multiple web servers, allows remote attackers to conduct man-in-the-middle (MITM) attacks and "compromise data privacy." | |||||
| CVE-2005-4294 | 1 Alkacon | 1 Opencms | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Alkacon OpenCms before 6.0.3 allows remote attackers to inject arbitrary web script or HTML via the username in the login page. | |||||
| CVE-2005-4295 | 1 Xigla | 1 Absolute Image Gallery Xe | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Absolute Image Gallery XE 2.x allows remote attackers to inject arbitrary web script or HTML via the text parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2005-4042 | 1 Mr. Cgi Guy | 1 Warm Links | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Warm Links 1.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via a parameter to search.cgi. | |||||
| CVE-2005-4041 | 1 Mr. Cgi Guy | 2 Hot Links Pro, Hot Links Sql | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.cgi in MR CGI Guy Hot Links SQL 3.1.x and Hot Links Pro 3.1.x allows remote attackers to inject arbitrary web script or HTML via the query string. | |||||
| CVE-2005-4297 | 1 Bbboard | 1 Bbboard | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in bbBoard 2.56 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly via the "keys" parameter. | |||||
| CVE-2005-4298 | 1 Atlantpro.com | 1 Atlantforum | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in atl.cgi in AtlantForum 4.02 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) sch_allsubct, (2) before, and (3) ct parameters. | |||||
| CVE-2005-4036 | 1 Web4future | 1 Keyword Frequency Counter | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.cgi in Web4Future KeyWord Frequency Counter 1.0 allows remote attackers to inject arbitrary web script or HTML via the "remote URL." | |||||
| CVE-2005-4035 | 1 Web4future | 1 Web4future Ecommerce | 2011-03-07 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Web4Future eCommerce Enterprise Edition 2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) prod, and (2) brid parameters to (a) view.php; the (3) the bid parameter to (b) viewbrands.php; and the (4) grp and (5) cat parameters to index.php. | |||||
| CVE-2005-4034 | 1 Web4future | 1 Edating Professional | 2011-03-07 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Web4Future eDating Professional 5 allow remote attackers to execute arbitrary SQL commands via the (1) s, (2) pg, and (3) sortb parameters to (a) index.php; (4) cid parameter to (b) gift.php and (c) fq.php; and (5) cat parameter to (d) articles.php. | |||||
| CVE-2005-4033 | 1 Ali Bousahid | 1 Nodezilla | 2011-03-07 | 5.0 MEDIUM | N/A |
| Nodezilla 0.4.13-corno-fulgure does not properly protect the evl_data directory, which could allow them to be shared when they are not protected by PRIVATEDATADIR in nodezilla.ini, which allows remote attackers to obtain sensitive information. | |||||
| CVE-2005-4032 | 1 Hotcgiscripts | 1 Easy Search System | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.cgi in Easy Search System 1.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the q parameter. | |||||
| CVE-2005-4031 | 1 Mediawiki | 1 Mediawiki | 2011-03-07 | 7.5 HIGH | N/A |
| Eval injection vulnerability in MediaWiki 1.5.x before 1.5.3 allows remote attackers to execute arbitrary PHP code via the "user language option," which is used as part of a dynamic class name that is processed using the eval function. | |||||