Total
29739 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-4341 | 1 Blackboard | 1 Academic Suite | 2025-04-03 | N/A |
| Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to list all available categories via a blank category_id parameter to category.pl. NOTE: it is not clear whether this information is sensitive or not, so this might not be an exposure. | ||||
| CVE-2005-4342 | 1 Macromedia | 1 Coldfusion | 2025-04-03 | N/A |
| ColdFusion Sandbox on Adobe (formerly Macromedia) ColdFusion MX 6.0, 6.1, 6.1 with JRun, and 7.0 does not throw an exception if the SecurityManager is disabled, which might allow remote attackers to "bypass security controls," aka "JRun Clustered Sandbox Security Vulnerability." | ||||
| CVE-2005-4385 | 1 Cofax | 1 Cofax | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in search.htm in Cofax 2.0 RC3 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchstring parameter. | ||||
| CVE-2005-4387 | 1 Contenite | 1 Contenite | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in home.php in contenite 0.11 and earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter. | ||||
| CVE-2005-4388 | 1 Contens | 1 Contens | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in search.cfm in CONTENS 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the near parameter. | ||||
| CVE-2005-4415 | 1 Tml | 1 Tml | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in TML CMS 0.5 allows remote attackers to inject arbitrary web script or HTML via the form parameter. | ||||
| CVE-2005-4416 | 1 Tml | 1 Tml | 2025-04-03 | N/A |
| SQL injection vulnerability in index.php in TML CMS 0.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2005-4430 | 1 Logicnow | 1 Logicbill | 2025-04-03 | N/A |
| SQL injection vulnerability in LogicBill 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) __mode and (2) __id parameters to helpdesk.php. | ||||
| CVE-2005-4431 | 1 Wowbb | 1 Wowbb | 2025-04-03 | N/A |
| SQL injection vulnerability in WowBB 1.65 allows remote attackers to execute arbitrary SQL commands via the q parameter to search.php. NOTE: the view_user.php/sort_by vector is already covered by CVE-2005-1554 and CVE-2004-2181. | ||||
| CVE-2005-4432 | 1 Playsms | 1 Playsms | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in PlaySMS 0.8 allows remote attackers to inject arbitrary web script or HTML via the err parameter. | ||||
| CVE-2005-4434 | 1 Abledesign | 1 Abledesign | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in AbleDesign ReSearch 2.x allows remote attackers to inject arbitrary web script or HTML via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2005-4496 | 1 Forum One | 1 Syntaxcms | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in search in SyntaxCMS 1.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the search_query parameter. | ||||
| CVE-2005-4523 | 1 Mantis | 1 Mantis | 2025-04-03 | N/A |
| Mantis 1.0.0rc3 and earlier discloses private bugs via public RSS feeds, which allows remote attackers to obtain sensitive information. | ||||
| CVE-2005-4520 | 1 Mantis | 1 Mantis | 2025-04-03 | N/A |
| Unspecified "port injection" vulnerabilities in filters in Mantis 1.0.0rc3 and earlier have unknown impact and attack vectors. NOTE: due to a lack of relevant details in the vendor changelog, which is the source of this description, it is unclear whether this is a duplicate of another CVE. | ||||
| CVE-2005-4580 | 1 Day | 1 Communique | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Day Communique 4 allows remote attackers to inject arbitrary web script or HTML via the query parameter in a search. | ||||
| CVE-2005-4596 | 1 Ades Design | 1 Adesguestbook | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in read.php in AdesGuestbook 2.0 allows remote attackers to inject arbitrary web script or HTML via the totalRows_rsRead parameter. | ||||
| CVE-2005-4597 | 1 Epistream | 1 Ipei Guestbook | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in iPei Guestbook 1.7 allows remote attackers to inject arbitrary web script or HTML via the email parameter, as used by the email field, when signing a guestbook. | ||||
| CVE-2005-4598 | 1 Ooapp | 1 Ooapp Guestbook | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in home.php in OoApp Guestbook 2.1 allows remote attackers to inject arbitrary web script or HTML via the page parameter. | ||||
| CVE-2005-4641 | 1 Eazycms | 1 Eazycms | 2025-04-03 | N/A |
| SQL injection vulnerability in home.php in eazyCMS 2.0 allows remote attackers to execute arbitrary SQL commands via the page_id parameter. | ||||
| CVE-2005-4644 | 1 Edgewall Software | 1 Trac | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in the HTML WikiProcessor in Edgewall Trac 0.9.2 allows remote attackers to inject arbitrary web script or HTML via javascript in the SRC attribute of an IMG tag. | ||||