Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-4047 | 1 Iisworks | 1 Aspknowledgebase | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in kb.asp in IISWorks ASPKnowledgeBase 2.0 allows remote attackers to inject arbitrary web script or HTML via the a parameter. | |||||
| CVE-2005-4054 | 1 Pluggedout | 1 Pluggedout Blog | 2011-03-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in PluggedOut Blog 1.9.5 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) categoryid, (2) entryid, (3) year, (4) month, and (5) day parameter. | |||||
| CVE-2005-4056 | 1 Jonathan Beckett | 1 Pluggedout Nexus | 2011-03-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in search.php in PluggedOut Nexus 0.1 allows remote attackers to execute arbitrary SQL commands via the (1) Location, (2) Last Name, and (3) First Name parameters. | |||||
| CVE-2005-4057 | 1 Jonathan Beckett | 1 Pluggedout Nexus | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in PluggedOut Nexus 0.1 allows remote attackers to inject arbitrary web script or HTML via the (1) Location, (2) Last Name, and (3) First Name parameters. | |||||
| CVE-2005-4059 | 1 Locazo | 1 Locazolist | 2011-03-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in searchdb.asp in LocazoList 1.03c and earlier allows remote attackers to execute arbitrary SQL commands via the q parameter. | |||||
| CVE-2005-4061 | 1 Xcent | 1 Xcphotoblbum | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in PASearch.asp in XcPhotoAlbum 1.x allows remote attackers to inject arbitrary web script or HTML via the search parameters. | |||||
| CVE-2005-4062 | 1 Xcent | 1 Xcclassified | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in CPSearch.asp in XcClassified 3.x allows remote attackers to inject arbitrary web script or HTML via the search parameters. | |||||
| CVE-2005-4063 | 1 Netauctionhelp | 1 Netauctionhelp | 2011-03-07 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in NetAuctionHelp 3.0 and earlier allow remote attackers to inject arbitrary HTML and web script via the (1) L, (2) sort, (3) category, (4) categoryname parameters to search.asp. | |||||
| CVE-2005-4064 | 1 Alan Ward | 1 A-faq | 2011-03-07 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in A-FAQ 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) faqid parameter to faqDspItem.asp and (2) catcode parameter to faqDsp.asp. | |||||
| CVE-2005-4065 | 1 Edgewall Software | 1 Trac | 2011-03-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the search module in Edgewall Trac before 0.9.2 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | |||||
| CVE-2005-4068 | 1 Ibm | 1 Aix | 2011-03-07 | 7.2 HIGH | N/A |
| Unspecified "absolute path vulnerability" in umountall in IBM AIX 5.1 through 5.3 allows local users to cause unknown impact via unknown vectors. | |||||
| CVE-2005-4072 | 1 Cfmagic | 1 Magic Forum Personal | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in CFMagic Magic Forum Personal 2.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the Words parameter in search_forums.cfm, as used in the "Search For:" field. | |||||
| CVE-2005-4085 | 1 Bluecoat | 2 Proxyav, Webproxy | 2011-03-07 | 7.5 HIGH | N/A |
| Buffer overflow in BlueCoat (a) WinProxy before 6.1a and (b) the web console access functionality in ProxyAV before 2.4.2.3 allows remote attackers to execute arbitrary code via a long Host: header. | |||||
| CVE-2005-4086 | 1 Sugarcrm | 1 Sugar Suite | 2011-03-07 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in acceptDecline.php in Sugar Suite Open Source Customer Relationship Management (SugarCRM) 4.0 beta and earlier allows remote attackers to include arbitrary local files via ".." sequences in the beanFiles array parameter. | |||||
| CVE-2005-4088 | 1 W2b | 1 Phpforumpro | 2011-03-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in phpForumPro 2.2 allows remote attackers to execute arbitrary SQL commands via the (1) parent and (2) day parameters. | |||||
| CVE-2005-4091 | 1 1-script | 1 1-search | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in 1search.cgi in 1-Script 1-Search 1.8 allows remote attackers to inject arbitrary web script or HTML via the q parameter. | |||||
| CVE-2005-4132 | 1 Contenido | 1 Contendio | 2011-03-07 | 7.5 HIGH | N/A |
| Unspecified "security leak" vulnerability in Contenido before 4.6.4, when register_globals is on and allow_url_fopen is true, has unspecified impact and attack vectors. NOTE: it is likely that this is a PHP remote file include vulnerability. | |||||
| CVE-2005-4133 | 1 Sun | 1 Solaris | 2011-03-07 | 2.1 LOW | N/A |
| Sun Update Connection in Sun Solaris 10, when configured to use a web proxy, allows local users to obtain the proxy authentication password via (1) an unspecified vector and (2) proxy log files. | |||||
| CVE-2005-4163 | 1 Milky | 1 Captcha Php | 2011-03-07 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in captcha.php in Captcha PHP 0.9 allows remote attackers to read arbitrary files via the _tcf parameter. | |||||
| CVE-2005-4166 | 1 Duware | 1 Duportal Pro | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in password.asp in DUWare DUportal Pro 3.4.3 allows remote attackers to inject arbitrary web script or HTML via the result parameter. | |||||