Total
29739 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3394 | 1 Oaboard | 1 Oaboard | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in forum.php in oaboard forum 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) channel parameter in the topics module and (2) topic parameter in the posting module. | ||||
| CVE-2005-3368 | 1 Search Enhanced | 1 Search Enhanced | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in the Search_Enhanced module in PHP-Nuke 7.9 allows remote attackers to inject arbitrary web script or HTML via the query parameter. | ||||
| CVE-2005-3369 | 1 Woltlab | 1 Burning Board | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in the Info-DB module (info_db.php) in Woltlab Burning Board 2.7 and earlier allow remote attackers to execute arbitrary SQL commands and possibly upload files via the (1) fileid and (2) subkatid parameters. | ||||
| CVE-2005-3403 | 1 Adaptive Technology Resource Centre | 1 Atutor | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.4.1 through 1.5.1-pl1 allow remote attackers to inject arbitrary web script or HTML via (1) the _base_href parameter in translate.php, (2) the _base_path parameter in news.inc.php, and (3) the p parameter in add_note.php. | ||||
| CVE-2005-3404 | 1 Adaptive Technology Resource Centre | 1 Atutor | 2025-04-03 | N/A |
| Multiple PHP file inclusion vulnerabilities in ATutor 1.4.1 through 1.5.1-pl1 allow remote attackers to include arbitrary files via the section parameter followed by a null byte (%00) in (1) body_header.inc.php and (2) print.php. | ||||
| CVE-2005-3433 | 1 Mirabilis | 1 Icq | 2025-04-03 | N/A |
| Buffer overflow in Mirabilis ICQ 2003a allows user-assisted attackers to execute arbitrary code by convincing a user to enter long strings into the First Name and Last Name fields. | ||||
| CVE-2005-3431 | 1 Rockliffe | 1 Mailsite Express | 2025-04-03 | N/A |
| Absolute path traversal vulnerability in Rockliffe MailSite Express before 6.1.22 allows remote attackers to read arbitrary files via a full pathname in the AttachPath field of a mail message under composition. | ||||
| CVE-2005-3432 | 1 Thomas Rybak | 1 Minigal 2 | 2025-04-03 | N/A |
| MiniGal 2 (MG2) 0.5.1 allows remote attackers to list password protected images via a request to index.php with the list parameter set to * (wildcard) and the page parameter set to all. | ||||
| CVE-2005-3458 | 1 Oracle | 1 E-business Suite | 2025-04-03 | N/A |
| Unspecified vulnerability in Oracle E-Business Suite and Applications 11.0 up to 11.5.9 has unknown impact and attack vectors, as identified by Oracle Vuln# APPS19 in Workflow Cartridge. | ||||
| CVE-2005-3459 | 1 Oracle | 2 Clinical, E-business Suite | 2025-04-03 | N/A |
| Unspecified vulnerability in Oracle E-Business Suite and Applications 4.5 up to 4.5.1 has unknown impact and attack vectors, as identified by Oracle Vuln# APPS22 in Oracle Clinical. | ||||
| CVE-2005-3461 | 1 Oracle | 1 Peoplesoft Enterprise | 2025-04-03 | N/A |
| Unspecified vulnerability in PeopleTools in Oracle PeopleSoft Enterprise 8.42 up to 8.45.17 has unknown impact and attack vectors, as identified by Oracle Vuln# PSE01. | ||||
| CVE-2005-3462 | 1 Oracle | 1 Peoplesoft Enterprise | 2025-04-03 | N/A |
| Unspecified vulnerability in PeopleTools in Oracle PeopleSoft Enterprise 8.44 up to 8.46.02 has unknown impact and attack vectors, as identified by Oracle Vuln# PSE02. | ||||
| CVE-2005-3478 | 1 Phpcafe | 1 Tutorial Manager | 2025-04-03 | N/A |
| SQL injection vulnerability in index.php in PHPCafe.net Tutorials Manager 1.0 Beta 2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2005-3479 | 1 Ringtail | 1 Casebook | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in login.asp in Ringtail CaseBook 6.1.0 allows remote attackers to inject arbitrary web script or HTML via the users parameter. | ||||
| CVE-2005-3495 | 1 Ar-blog | 1 Ar-blog | 2025-04-03 | N/A |
| Ar-blog 5.2 and earlier allows remote attackers to bypass authentication by modifying cookies. | ||||
| CVE-2005-3499 | 1 Frisk Software | 1 F-prot Antivirus | 2025-04-03 | N/A |
| Frisk F-Prot Antivirus allows remote attackers to bypass protection via a ZIP file with a version header greater than 15, which prevents F-Prot from decompressing and analyzing the file. | ||||
| CVE-2005-3515 | 1 Chipmunk Scripts | 1 Chipmunk Topsites | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in recommend.php in Chipmunk Topsites script allows remote attackers to inject arbitrary web script or HTML via the ID parameter. | ||||
| CVE-2005-3518 | 1 Punbb | 1 Punbb | 2025-04-03 | N/A |
| SQL injection vulnerability in search.php in PunBB 1.2.7 and 1.2.8 allows remote attackers to execute arbitrary SQL commands via the old_searches parameter. | ||||
| CVE-2005-3516 | 1 Chipmunk Scripts | 1 Chipmunk Directory | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in recommend.php in Chipmunk Directory script allows remote attackers to inject arbitrary web script or HTML via the entryID parameter. | ||||
| CVE-2005-3545 | 1 Ibproarcade | 1 Ibproarcade | 2025-04-03 | N/A |
| SQL injection vulnerability in index.php of the report module in ibProArcade 2.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter. | ||||