Total
29932 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2387 | 1 Goodtech Systems | 1 Goodtech Smtp Server | 2026-04-16 | N/A |
| Multiple stack-based buffer overflows in GoodTech SMTP server 5.16 allow remote attackers to execute arbitrary code via (1) a RCPT TO command with a long DNS name, or (2) a large number of RCPT TO commands with a long e-mail name arugment in the last command. | ||||
| CVE-2006-3624 | 1 Flv | 1 Flv Player | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in FLV Players 8 allow remote attackers to inject arbitrary web script or HTML via the url parameter to (1) player.php or (2) popup.php. | ||||
| CVE-2005-2392 | 1 Cmsmadesimple | 1 Cms Made Simple | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php for CMSimple 2.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter in the search function. | ||||
| CVE-2005-2394 | 1 Cutephp | 1 Cutenews | 2026-04-16 | N/A |
| show_news.php in CuteNews 1.3.6 allows remote attackers to obtain the full path of the server via an invalid archive parameter. | ||||
| CVE-2005-2401 | 1 Php Fusion | 1 Php Fusion | 2026-04-16 | N/A |
| PHP-Fusion allows remote attackers to inject arbitrary Cascading Style Sheets (CSS) via the BBCode color tag. | ||||
| CVE-2006-3657 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | N/A |
| Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (stack overflow exception) via a DXImageTransform.Microsoft.Gradient ActiveX object with a long (1) StartColorStr or (2) EndColorStr property. | ||||
| CVE-2005-2411 | 1 Tdiary | 1 Tdiary | 2026-04-16 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in tDiary 2.1.1, and tDiary 2.0.1 and earlier, allows remote attackers to conduct actions as another user, and execute commands on the server, via a URL that is activated by the user. | ||||
| CVE-2005-2412 | 1 Php Firstpost | 1 Php Firstpost | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in block.php in PHP FirstPost allows remote attackers to execute arbitrary PHP code via the Include parameter. | ||||
| CVE-2005-2413 | 1 Atomic Photo Album | 1 Atomic Photo Album | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in apa_phpinclude.inc.php in Atomic Photo Album (APA) allows remote attackers to execute arbitrary PHP code via the apa_module_basedir parameter. | ||||
| CVE-2005-2415 | 1 Astalavista It Engineering | 1 Contrexx | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Contrexx before 1.0.5 allow remote attackers to execute arbitrary SQL commands via the (1) value parameter to the poll module or (2) pId parameter to the gallery module. | ||||
| CVE-2006-1964 | 1 Aspsitem | 1 Aspsitem | 2026-04-16 | N/A |
| SQL injection vulnerability in Haberler.asp in ASPSitem 1.83 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2005-2416 | 1 Astalavista It Engineering | 1 Contrexx | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Contrexx before 1.0.5 allow remote attackers to inject arbitrary web script or HTML via the (1) term parameter to the search module or (2) title in the blog aggregation module. | ||||
| CVE-2006-1973 | 1 Linksys | 1 Rt31p2 | 2026-04-16 | N/A |
| Multiple unspecified vulnerabilities in Linksys RT31P2 VoIP router allow remote attackers to cause a denial of service via malformed Session Initiation Protocol (SIP) messages. | ||||
| CVE-2005-2417 | 1 Astalavista It Engineering | 1 Contrexx | 2026-04-16 | N/A |
| Contrexx before 1.0.5 allows remote attackers to obtain sensitive information via a direct request to /config/version.xml. | ||||
| CVE-2006-1977 | 1 Flexbb | 1 Flexbb | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in FlexBB 0.5.7 BETA and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) name and (2) message parameters. | ||||
| CVE-2005-2423 | 1 Beehive Forum | 1 Beehive Forum | 2026-04-16 | N/A |
| Beehive Forum allows remote attackers to obtain sensitive information via (1) an invalid final_uri or sort_by parameter to index.php or a direct request to (2) admin.php, (3) attachments.inc.php, (4) banned.inc.php, (5) beehive.inc.php, (6) constants.inc.php, (7) db.inc.php, (8) dictionary.inc.php or (9) search_index.php, which reveal the path in an error message. | ||||
| CVE-2006-1979 | 1 Manic Web | 1 Mwguest | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in mwguest.php in Manic Web MWGuest 2.1.0 allows remote attackers to inject arbitrary web script or HTML via the homepage parameter. | ||||
| CVE-2005-2424 | 1 Siemens | 1 Santis 50 | 2026-04-16 | N/A |
| The management interface for Siemens SANTIS 50 running firmware 4.2.8.0, and possibly other products including Ericsson HN294dp and Dynalink RTA300W, allows remote attackers to access the Telnet port without authentication via certain packets to the web interface that cause the interface to freeze. | ||||
| CVE-2005-2429 | 1 Mozilla | 1 Firefox | 2026-04-16 | N/A |
| Firefox, when opening Microsoft Word documents, does not properly set the permissions on shared sections, which allows remote attackers to write arbitrary data to open applications in Microsoft Office. | ||||
| CVE-2005-2431 | 1 Gforge | 1 Gforge | 2026-04-16 | N/A |
| The (1) lost password and (2) account pending features in GForge 4.5 do not properly set a limit on the number of e-mails sent to an e-mail address, which allows remote attackers to send a large number of messages to arbitrary e-mail addresses (aka mail bomb). | ||||