Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-4189 | 1 Horde | 1 Kronolith H3 | 2011-03-07 | 3.5 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Horde Kronolith H3 before 2.0.6 allow remote authenticated users to inject arbitrary web script or HTML via (1) the Calendar name field when creating calendars, (2) event title field when deleting events, the (3) Category and (4) Location search fields, and the (5) attendees email address fields when editing event attendees, and possibly other vectors. | |||||
| CVE-2005-4191 | 1 Horde | 1 Nag Task List Manager H3 | 2011-03-07 | 3.5 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in templates/tasklists/tasklists.inc in Horde Nag Task List Manager H3 before 2.0.4 allow remote authenticated users to inject arbitrary web script or HTML via (1) the tasklist's name or (2) description, when creating a new tasklist. | |||||
| CVE-2005-4192 | 1 Horde | 1 Mnemo Note Manager H3 | 2011-03-07 | 3.5 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in templates/notepads/notepads.inc in Horde Mnemo Note Manager H3 before 2.0.3 allow remote authenticated users to inject arbitrary web script or HTML via (1) the notepad's name or (2) description, when creating a new notepad. | |||||
| CVE-2005-4194 | 1 Innovateware | 1 Sights N Sounds Streaming Media Server | 2011-03-07 | 5.0 MEDIUM | N/A |
| Buffer overflow in MediaServerList.exe in Sights 'n Sounds Streaming Media Server 2.0.3.a allows remote attackers to cause a denial of service (application crash) via a long query string. | |||||
| CVE-2005-4231 | 1 Php Web Scripts | 1 Link Up Gold | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Link Up Gold 2.5 and earlier allows remote attackers to inject arbitrary web script or HTML via (1) link parameter to tell_friend.php, (2) phrase[] parameter to search.php in a search_links_advanced action, and the (3) direction or (4) sort parameter to articles.php. | |||||
| CVE-2005-4234 | 1 Powerdev | 1 Encapsgallery | 2011-03-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in gallery.php in EncapsGallery 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2005-4235 | 1 Whmcompletesolution | 1 Whmcompletesolution | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in knowledgebase.php in WHMCompleteSolution 2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameters. | |||||
| CVE-2005-4236 | 1 Cartkeeper | 1 Ckgold Shopping Cart | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in CKGOLD allows remote attackers to inject arbitrary web script or HTML via the search parameters. | |||||
| CVE-2005-4237 | 1 Servers-r-us | 1 Mysqlauction | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in MySQL Auction 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search module parameters, possibly the keyword parameter in the SearchZoom module. | |||||
| CVE-2005-4238 | 1 Mantis | 1 Mantis | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in view_filters_page.php in Mantis 1.0.0rc3 and earlier allows remote attackers to inject arbitrary web script or HTML via the target_field parameter. | |||||
| CVE-2005-4239 | 1 Php Jackknife | 1 Php Jackknife | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Search/DisplayResults.php in PHP JackKnife 2.21 and earlier allows remote attackers to inject arbitrary web script or HTML via URL-encoded values in the sKeywords parameter. | |||||
| CVE-2005-4241 | 1 Vcd-db | 1 Vcd-db | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the category page in VCD-db 0.98 and earlier allows remote attackers to inject arbitrary web script or HTML via the batch parameter. | |||||
| CVE-2005-4242 | 1 Horde | 1 Turba H3 | 2011-03-07 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Horde Turba H3 2.0.4 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the address book and (2) contact data. | |||||
| CVE-2005-4243 | 1 Quickpaypro | 1 Quickpaypro | 2011-03-07 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in QuickPayPro 3.1 allow remote attackers to execute arbitrary SQL commands via the (1) popupid parameter in popups.edit.php; (2) so, (3) sb, and (4) nr parameters in customer.tickets.view.php; (5) subrackingid parameter in subscribers.tracking.edit.php; (6) delete parameter in design.php; (7) trackingid parameter in tracking.details.php; and (8) customerid parameter in sales.view.php. | |||||
| CVE-2005-4244 | 1 Snipegallery | 1 Snipe Gallery | 2011-03-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Snipe Gallery 3.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) gallery_id parameter to view.php and (2) image_id parameter to image.php. | |||||
| CVE-2005-4245 | 1 Snipegallery | 1 Snipe Gallery | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in Snipe Gallery 3.1.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the keyword parameter. | |||||
| CVE-2005-4248 | 1 Quickpaypro | 1 Quickpaypro | 2011-03-07 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in QuickPayPro 3.1 allow remote attackers to inject arbitrary web script or HTML via various fields, such as those in (1) communication/subscribers.tracking.add.php, (2) support/tickets.add.php, and (3) mycompany/categories.php. | |||||
| CVE-2005-4250 | 1 Mcgallery | 1 Mcgallery Pro | 2011-03-07 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in mcGallery PRO 2.2 and earlier allows remote attackers to read arbitrary files via the language parameter. | |||||
| CVE-2005-4251 | 1 Mcgallery | 1 Mcgallery Pro | 2011-03-07 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in mcGallery PRO 2.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id, (2) start, and (3) rand parameters to show.php, and the (4) album parameter to index.php. | |||||
| CVE-2005-4252 | 1 Mcgallery | 1 Mcgallery Pro | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in mcGallery PRO 2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search module parameters. | |||||