Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-4030 | 1 Quicksilver Forums | 1 Quicksilver Forums | 2011-03-07 | 5.1 MEDIUM | N/A |
| SQL injection vulnerability in Quicksilver Forums before 1.5.1 allows remote attackers to execute arbitrary SQL commands via the HTTP_USER_AGENT header. | |||||
| CVE-2005-4299 | 1 Atlantpro.com | 1 Atlant Pro | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in atl.cgi in Atlant Pro 4.02 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) before and (2) ct parameters. | |||||
| CVE-2005-4024 | 1 Interspire | 1 Fastfind | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Interspire FastFind 2004 and 2005 allows remote attackers to inject arbitrary web script or HTML via the query parameter. | |||||
| CVE-2005-4301 | 1 Phpxplorer | 1 Phpxplorer | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in phpXplorer 0.9.12 and earlier allows remote attackers to inject arbitrary web script or HTML via the address bar field. | |||||
| CVE-2005-4020 | 1 Widget Press | 1 Widget Imprint | 2011-03-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in create.php in Widget Imprint 1.0.26 and earlier allows remote attackers to execute arbitrary SQL commands via the product_id parameter. | |||||
| CVE-2005-4018 | 1 Landshop | 1 Real Estate Commerce System | 2011-03-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ls.php in Landshop Real Estate Commerce System 0.6.3 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) start, (2) search_order, (3) search_type, (4) search_area, and (5) keyword parameters. | |||||
| CVE-2005-4016 | 1 Widget Press | 1 Widget Property | 2011-03-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Widget Property 1.1.19 allows remote attackers to execute arbitrary SQL commands via the (1) property_id, (2) zip_code, (3) property_type_id, (4) price, and (5) city_id parameters to property.php. | |||||
| CVE-2005-4306 | 1 Focalmedia.net | 1 Sitenet Bbs | 2011-03-07 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in SiteNet BBS 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) pg, (2) tid, (3) cid, and (4) fid parameters to netboardr.cgi, or (5) cid parameter to search.cgi. | |||||
| CVE-2005-4307 | 1 Jonathan Bravata | 1 Scarecrow | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in ScareCrow 2.13 and earlier allows remote attackers to inject arbitrary web script or HTML via the forum parameter to (1) forum.cgi and (2) post.cgi, or (3) the user parameter to profile.cgi. | |||||
| CVE-2005-4005 | 1 Php Fusion | 1 Php Fusion | 2011-03-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in messages.php in PHP-Fusion 6.00.109 allows remote attackers to obtain path information and possibly execute arbitrary SQL commands via the srch_text parameter in a Search and Sort option to messages.php. | |||||
| CVE-2005-4004 | 1 Infinetsoftware | 1 Mytemplatesite | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.asp in MyTemplateSite 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the q parameter. | |||||
| CVE-2005-4001 | 1 Phpyellow | 2 Phpyellowtm Lite, Phpyellowtm Pro | 2011-03-07 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in phpYellowTM Pro Edition and Lite Edition 5.33 allow remote attackers to execute arbitrary SQL commands via the (1) haystack parameter to search_result.php or (2) ckey parameter to print_me.php. | |||||
| CVE-2005-4310 | 1 Ssh | 1 Tectia Server | 2011-03-07 | 7.5 HIGH | N/A |
| SSH Tectia Server 5.0.0 (A, F, and T), when allowing host-based authentication only, allows users to log in with the wrong credentials. | |||||
| CVE-2005-4311 | 1 Dcscripts | 2 Dcforum, Dcforum\+ | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in DCForum 6.25 and earlier, and possibly DCForum+ 1.x, allows remote attackers to inject arbitrary web script or HTML via (1) the page parameter in dcboard.php and (2) unspecified search parameters. | |||||
| CVE-2005-4312 | 1 Almondsoft | 1 Almond Classifieds | 2011-03-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in AlmondSoft Almond Classifieds 5.02 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2005-3993 | 1 Mailenable | 2 Mailenable Enterprise, Mailenable Professional | 2011-03-07 | 7.8 HIGH | N/A |
| Multiple unspecified vulnerabilities in MailEnable Professional 1.6 and earlier and Enterprise 1.1 and earlier allow attackers to cause a denial of service (crash) via invalid IMAP commands. | |||||
| CVE-2005-3989 | 1 Avaya | 1 Tn2602ap Ip Media Resource 320 Circuit Pack | 2011-03-07 | 7.8 HIGH | N/A |
| Memory leak in Avaya TN2602AP IP Media Resource 320 circuit pack before vintage 9 firmware allows remote attackers to cause a denial of service (memory consumption) via crafted VoIP packets. | |||||
| CVE-2005-3988 | 1 Pineapple Technologies | 1 Lore | 2011-03-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in article.php in Pineapple Technologies Lore 1.5.4 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2005-4314 | 1 Ppcal Shopping Cart | 1 Ppcal Shopping Cart | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in ppcal.cgi in PPCal Shopping Cart 3.3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) stop and (2) user parameters. | |||||
| CVE-2005-3985 | 1 Astaro | 1 Security Linux | 2011-03-07 | 7.8 HIGH | N/A |
| The Internet Key Exchange version 1 (IKEv1) implementation in Astaro Security Linux before 6.102 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. | |||||