Total
29527 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-4041 | 1 Mr. Cgi Guy | 2 Hot Links Pro, Hot Links Sql | 2011-03-08 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.cgi in MR CGI Guy Hot Links SQL 3.1.x and Hot Links Pro 3.1.x allows remote attackers to inject arbitrary web script or HTML via the query string. | |||||
| CVE-2005-4086 | 1 Sugarcrm | 1 Sugar Suite | 2011-03-08 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in acceptDecline.php in Sugar Suite Open Source Customer Relationship Management (SugarCRM) 4.0 beta and earlier allows remote attackers to include arbitrary local files via ".." sequences in the beanFiles array parameter. | |||||
| CVE-2005-4252 | 1 Mcgallery | 1 Mcgallery Pro | 2011-03-08 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in mcGallery PRO 2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search module parameters. | |||||
| CVE-2005-3841 | 1 Kplaylist | 1 Kplaylist | 2011-03-08 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in kPlaylist 1.6 (build 400), and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the searchfor search parameter. | |||||
| CVE-2005-4004 | 1 Infinetsoftware | 1 Mytemplatesite | 2011-03-08 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.asp in MyTemplateSite 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the q parameter. | |||||
| CVE-2005-4132 | 1 Contenido | 1 Contendio | 2011-03-08 | 7.5 HIGH | N/A |
| Unspecified "security leak" vulnerability in Contenido before 4.6.4, when register_globals is on and allow_url_fopen is true, has unspecified impact and attack vectors. NOTE: it is likely that this is a PHP remote file include vulnerability. | |||||
| CVE-2005-4239 | 1 Php Jackknife | 1 Php Jackknife | 2011-03-08 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Search/DisplayResults.php in PHP JackKnife 2.21 and earlier allows remote attackers to inject arbitrary web script or HTML via URL-encoded values in the sKeywords parameter. | |||||
| CVE-2005-4310 | 1 Ssh | 1 Tectia Server | 2011-03-08 | 7.5 HIGH | N/A |
| SSH Tectia Server 5.0.0 (A, F, and T), when allowing host-based authentication only, allows users to log in with the wrong credentials. | |||||
| CVE-2005-4191 | 1 Horde | 1 Nag Task List Manager H3 | 2011-03-08 | 3.5 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in templates/tasklists/tasklists.inc in Horde Nag Task List Manager H3 before 2.0.4 allow remote authenticated users to inject arbitrary web script or HTML via (1) the tasklist's name or (2) description, when creating a new tasklist. | |||||
| CVE-2005-3828 | 1 Activecampaign | 1 Knowledgebuilder | 2011-03-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in ActiveCampaign KnowledgeBuilder 2.4 and earlier allows remote attackers to execute arbitrary SQL commands via the article parameter. | |||||
| CVE-2005-3742 | 1 Advanced Poll | 1 Advanced Poll | 2011-03-08 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in popup.php in Advanced Poll 2.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the poll_ident parameter. | |||||
| CVE-2005-4237 | 1 Servers-r-us | 1 Mysqlauction | 2011-03-08 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in MySQL Auction 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search module parameters, possibly the keyword parameter in the SearchZoom module. | |||||
| CVE-2005-4241 | 1 Vcd-db | 1 Vcd-db | 2011-03-08 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the category page in VCD-db 0.98 and earlier allows remote attackers to inject arbitrary web script or HTML via the batch parameter. | |||||
| CVE-2005-4238 | 1 Mantis | 1 Mantis | 2011-03-08 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in view_filters_page.php in Mantis 1.0.0rc3 and earlier allows remote attackers to inject arbitrary web script or HTML via the target_field parameter. | |||||
| CVE-2005-4059 | 1 Locazo | 1 Locazolist | 2011-03-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in searchdb.asp in LocazoList 1.03c and earlier allows remote attackers to execute arbitrary SQL commands via the q parameter. | |||||
| CVE-2005-3942 | 1 Greywyvern | 1 Orca Knowledgebase | 2011-03-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in knowledgebase-control.php in Orca Knowledgebase 2.1b and earlier allows remote attackers to execute arbitrary SQL commands via the qid parameter. | |||||
| CVE-2005-4280 | 1 Kitware | 1 Cmake | 2011-03-08 | 7.2 HIGH | N/A |
| Untrusted search path vulnerability in CMake before 2.2.0-r1 on Gentoo Linux allows local users in the portage group to gain privileges via a malicious shared object in the Portage temporary build directory, which is part of the RUNPATH. | |||||
| CVE-2005-3827 | 1 Agileco | 1 Agilebill | 2011-03-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in product_cat in AgileBill 1.4.92 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2005-3878 | 1 Alex King | 1 Php Doc System | 2011-03-08 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in PHP Doc System 1.5.1 and earlier allows remote attackers to access or include arbitrary files via a .. (dot dot) in the show parameter. | |||||
| CVE-2005-3851 | 1 Onlinetechtools.com | 1 Oasys Lite | 2011-03-08 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.asp in Online Attendance System (OASYS) Lite 1.0 allows remote attackers to inject arbitrary web script or HTML via certain search parameters, possibly the keyword parameter. | |||||