Vulnerabilities (CVE)

Filter

127277 total CVE
CVE Vendors Products Updated CVSS
CVE-2005-4632 1 Vote Pro 1 Vote Pro 2008-09-20 7.5
SQL injection vulnerability in poll_frame.php in Vote! Pro 4.0 and earlier allows remote attackers to execute arbitrary SQL commands via the poll_id parameter.
CVE-2005-4631 1 Ryan Lath 1 Zina 2008-09-20 7.5
SQL injection vulnerability in index.php in Zina 0.12.07 and earlier allows remote attackers to execute arbitrary SQL commands via the p parameter.
CVE-2005-4629 1 Smbcms 1 Smbcms 2008-09-20 7.5
SQL injection vulnerability in SMBCMS 2.1 allows remote attackers to execute arbitrary SQL commands via unspecified search parameters.
CVE-2005-4628 1 Help Desk Point Software 1 Helpdeskpoint 2008-09-20 7.5
SQL injection vulnerability in index.php in HelpDeskPoint 2.38 and earlier allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2005-4621 1 Jelsoft 1 Vbulletin 2008-09-20 4.3
Cross-site scripting (XSS) vulnerability in the editavatar page in vBulletin 3.5.1 allows remote attackers to inject arbitrary web script or HTML via a URL in the remote avatar url field, in which the URL generates a parsing error, and possibly...
CVE-2005-4619 1 Phpoutsourcing 1 Zorum 2008-09-20 7.5
SQL injection vulnerability in index.php in phpoutsourcing Zorum Forum 3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the rollid parameter in the showhtmllist method.
CVE-2005-4598 1 Ooapp 1 Ooapp Guestbook 2008-09-20 4.3
Cross-site scripting (XSS) vulnerability in home.php in OoApp Guestbook 2.1 allows remote attackers to inject arbitrary web script or HTML via the page parameter.
CVE-2005-4512 1 Waxtrapp 1 Waxtrapp 2008-09-20 4.3
Cross-site scripting (XSS) vulnerability in WAXTRAPP 3.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters.
CVE-2005-4498 1 Text-e 1 Text-e Cms 2008-09-20 4.3
Cross-site scripting (XSS) vulnerability in Text-e 1.6.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters.
CVE-2005-4486 1 Quantum Art 1 Qp7 Enterprise 2008-09-20 7.5
** DISPUTED ** SQL injection vulnerability in Quantum Art QP7.Enterprise (formerly Q-Publishing) allows remote attackers to execute arbitrary SQL commands via the p_news_id parameter to (1) news_and_events_new.asp and (2) news.asp. NOTE: on...
CVE-2005-4481 1 Polopoly 1 Polopoly 2008-09-20 6.8
** DISPUTED ** Cross-site scripting (XSS) vulnerability in Polopoly 9 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters. NOTE: the vendor has disputed this vulnerability, stating that...
CVE-2005-4480 1 Plexcor 1 Plexcor Cms 2008-09-20 6.8
Cross-site scripting (XSS) vulnerability in Plexcor CMS 4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters.
CVE-2005-4477 2008-09-20 6.8
Cross-site scripting (XSS) vulnerability in papaya CMS 4.0.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the bab[searchfor] parameter.
CVE-2005-4475 1 Alkacon 1 Opencms 2008-09-20 6.8
Cross-site scripting (XSS) vulnerability in OpenCms 6.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters.
CVE-2005-4431 1 Wowbb 1 Wowbb 2008-09-20 7.5
SQL injection vulnerability in WowBB 1.65 allows remote attackers to execute arbitrary SQL commands via the q parameter to search.php. NOTE: the view_user.php/sort_by vector is already covered by CVE-2005-1554 and CVE-2004-2181.
CVE-2005-4430 2008-09-20 7.5
SQL injection vulnerability in LogicBill 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) __mode and (2) __id parameters to helpdesk.php.
CVE-2005-4429 1 Cs-cart 1 Cs-cart 2008-09-20 7.5
SQL injection vulnerability in CS-Cart 1.3.0 allows remote attackers to execute arbitrary SQL commands via the (1) sort_by and (2) sort_order parameters to index.php.
CVE-2005-4410 1 Nqcontent 1 Nqcontent 2008-09-20 4.3
Cross-site scripting (XSS) vulnerability in NQcontent 3 allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the text parameter.
CVE-2005-4409 1 Mmbase 1 Mmbase 2008-09-20 4.3
Cross-site scripting (XSS) vulnerability in MMBase 1.7.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters.
CVE-2005-4408 1 Pc Media 1 Miraserver 2008-09-20 7.5
Multiple SQL injection vulnerabilities in Miraserver 1.0 RC4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) page parameter to index.php, (2) id parameter to newsitem.php, and (3) cat parameter to article.php.