Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Total 210374 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2005-4254 1 Dreamlevels 1 Dream Poll 2011-03-07 7.5 HIGH N/A
SQL injection vulnerability in view_Results.php in DreamLevels DreamPoll 3.0 final allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2005-4255 1 Wikkawiki 1 Wikkawiki 2011-03-07 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in TextSearch in WikkaWiki 1.1.6.0 allows remote attackers to inject arbitrary web script or HTML via a hex-encoded phrase parameter.
CVE-2005-4262 1 Envolution 1 Envolution 2011-03-07 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the News module in Envolution allows remote attackers to inject arbitrary web script or HTML via the (1) startrow and (2) catid parameter. NOTE: this issue might be resultant from the SQL injection problem (CVE-2005-4263).
CVE-2005-4264 1 Triangle Solutions 1 Php Support Tickets 2011-03-07 7.5 HIGH N/A
Multiple SQL injection vulnerabilities in index.php in PHP Support Tickets 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields, and (3) id parameter.
CVE-2005-4279 1 Gentoo 1 Qt-unixodbc 2011-03-07 7.2 HIGH N/A
Untrusted search path vulnerability in Qt-UnixODBC before 3.3.4-r1 on Gentoo Linux allows local users in the portage group to gain privileges via a malicious shared object in the Portage temporary build directory, which is part of the RUNPATH.
CVE-2005-4280 1 Kitware 1 Cmake 2011-03-07 7.2 HIGH N/A
Untrusted search path vulnerability in CMake before 2.2.0-r1 on Gentoo Linux allows local users in the portage group to gain privileges via a malicious shared object in the Portage temporary build directory, which is part of the RUNPATH.
CVE-2005-4281 1 Zaygo 1 Hostingcart 2011-03-07 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Zaygo HostingCart 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via certain search module parameters, possibly the root parameter to zaygo.cgi.
CVE-2005-4282 1 Zaygo 1 Domaincart 2011-03-07 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Zaygo DomainCart 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML, possibly via the root parameter to zaygo.cgi.
CVE-2005-4283 1 Nightmedia 1 The City Shop 2011-03-07 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in The CITY Shop 1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via parameters to the search module, possibly SKey to store.cgi.
CVE-2005-4284 1 Static Store 1 Staticstore 2011-03-07 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in StaticStore Search Engine 1.189A and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to search.cgi, possibly the keywords parameter. NOTE: this issue was originally disputed by the vendor, but it has since been acknowledged.
CVE-2005-4285 1 Dick Copits 1 Pdestore 2011-03-07 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in pdestore.cgi in Dick Copits PDEstore 1.8 and earlier allows remote attackers to inject arbitrary web script or HTML via (1) the search module parameter or the (2) product and (3) cart_id parameters.
CVE-2005-4286 1 Phplogcon 1 Phplogcon 2011-03-07 7.5 HIGH N/A
Unspecified vulnerability in PhpLogCon before 1.2.2 allows remote attackers to use arbitrary profiles via unknown vectors involving "'smart' values for userid and password," probably involving an SQL injection vulnerability in the (1) pass and (2) usr parameters in submit.php.
CVE-2005-4290 1 Soft4e 1 Ecw-cart 2011-03-07 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in index.cgi in ECW-Cart 2.03 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) kword, (2) max, (3) min, (4) comp, and (5) f parameters.
CVE-2005-4291 1 Ectools 1 Ectools Onlineshop 2011-03-07 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in cart.cgi in ECTOOLS Onlineshop 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) product, (2) category, and (3) uid parameters.
CVE-2005-4292 1 Internet Express Products 1 Commercesql 2011-03-07 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in CommerceSQL 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search module parameters, possibly the keywords parameter in the Quick Find feature.
CVE-2005-4293 1 Kryptronic 1 Clickcartpro 2011-03-07 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in cp-app.cgi in ClickCartPro (CCP) 5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the affl parameter.
CVE-2005-4294 1 Alkacon 1 Opencms 2011-03-07 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Alkacon OpenCms before 6.0.3 allows remote attackers to inject arbitrary web script or HTML via the username in the login page.
CVE-2005-4295 1 Xigla 1 Absolute Image Gallery Xe 2011-03-07 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Absolute Image Gallery XE 2.x allows remote attackers to inject arbitrary web script or HTML via the text parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2005-4297 1 Bbboard 1 Bbboard 2011-03-07 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in bbBoard 2.56 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly via the "keys" parameter.
CVE-2005-4298 1 Atlantpro.com 1 Atlantforum 2011-03-07 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in atl.cgi in AtlantForum 4.02 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) sch_allsubct, (2) before, and (3) ct parameters.