Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.5

    HIGH
    CVE-2005-4310

    SSH Tectia Server 5.0.0 (A, F, and T), when allowing host-based authentication only, allows users to log in with the wrong credentials.... Read more

    Affected Products : tectia_server
    • Published: Dec. 17, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-4302

    Directory traversal vulnerability in index.php in ezDatabase 2.1.2 and earlier allows remote attackers to include arbitrary local files via ".." sequences in the p parameter.... Read more

    Affected Products : ezdatabase
    • Published: Dec. 17, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-4312

    SQL injection vulnerability in index.php in AlmondSoft Almond Classifieds 5.02 allows remote attackers to execute arbitrary SQL commands via the id parameter.... Read more

    Affected Products : almond_classifieds
    • Published: Dec. 17, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-4311

    Cross-site scripting (XSS) vulnerability in DCForum 6.25 and earlier, and possibly DCForum+ 1.x, allows remote attackers to inject arbitrary web script or HTML via (1) the page parameter in dcboard.php and (2) unspecified search parameters.... Read more

    Affected Products : dcforum dcforum\+
    • Published: Dec. 17, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-4303

    SQL injection vulnerability in index.php for ezDatabase 2.1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the db_id parameter.... Read more

    Affected Products : ezdatabase
    • Published: Dec. 17, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-4315

    SQL injection vulnerability in the search function in Plexum PLEXCART X3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly involving the (1) s_itemname and (2) s_orderby parameters to plexcart.pl.... Read more

    Affected Products : plexcart_x3
    • Published: Dec. 17, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-4314

    Cross-site scripting (XSS) vulnerability in ppcal.cgi in PPCal Shopping Cart 3.3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) stop and (2) user parameters.... Read more

    Affected Products : ppcal_shopping_cart
    • Published: Dec. 17, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-4308

    index.php in ezUpload Pro 2.2 and earlier allows remote attackers to include files via the mode parameter.... Read more

    Affected Products : ezupload_pro
    • Published: Dec. 17, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-4306

    Multiple cross-site scripting (XSS) vulnerabilities in SiteNet BBS 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) pg, (2) tid, (3) cid, and (4) fid parameters to netboardr.cgi, or (5) cid parameter to search.cgi.... Read more

    Affected Products : sitenet_bbs
    • Published: Dec. 17, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-4297

    Cross-site scripting (XSS) vulnerability in bbBoard 2.56 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly via the "keys" parameter.... Read more

    Affected Products : bbboard
    • Published: Dec. 16, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-4300

    Format string vulnerability in the lire_pop function in pop.c in libremail 1.1.0 and earlier, with compiled with the debug option, allows remote attackers to execute arbitrary code via a crafted e-mail or POP server response.... Read more

    Affected Products : libremail
    • Published: Dec. 16, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-4301

    Cross-site scripting (XSS) vulnerability in phpXplorer 0.9.12 and earlier allows remote attackers to inject arbitrary web script or HTML via the address bar field.... Read more

    Affected Products : phpxplorer
    • Published: Dec. 16, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-4298

    Cross-site scripting (XSS) vulnerability in atl.cgi in AtlantForum 4.02 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) sch_allsubct, (2) before, and (3) ct parameters.... Read more

    Affected Products : atlantforum
    • Published: Dec. 16, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-3652

    Heap-based buffer overflow in Citrix Program Neighborhood client 9.0 and earlier allows remote attackers to execute arbitrary code via a long name value in an Application Set response.... Read more

    Affected Products : ica_program_neighborhood_client
    • Published: Dec. 16, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-4299

    Cross-site scripting (XSS) vulnerability in atl.cgi in Atlant Pro 4.02 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) before and (2) ct parameters.... Read more

    Affected Products : atlant_pro
    • Published: Dec. 16, 2005
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2005-4278

    Untrusted search path vulnerability in Perl before 5.8.7-r1 on Gentoo Linux allows local users in the portage group to gain privileges via a malicious shared object in the Portage temporary build directory, which is part of the RUNPATH.... Read more

    Affected Products : perl
    • Published: Dec. 16, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-4283

    Cross-site scripting (XSS) vulnerability in The CITY Shop 1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via parameters to the search module, possibly SKey to store.cgi.... Read more

    Affected Products : the_city_shop
    • Published: Dec. 16, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-4287

    PHP remote file include vulnerability in MarmaraWeb E-commerce allows remote attackers to execute arbitrary code via the page parameter to index.php.... Read more

    Affected Products : marmaraweb_e-commerce
    • Published: Dec. 16, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-4284

    Cross-site scripting (XSS) vulnerability in StaticStore Search Engine 1.189A and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to search.cgi, possibly the keywords parameter. NOTE: this issue was origin... Read more

    Affected Products : staticstore
    • Published: Dec. 16, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-4293

    Cross-site scripting (XSS) vulnerability in cp-app.cgi in ClickCartPro (CCP) 5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the affl parameter.... Read more

    Affected Products : clickcartpro
    • Published: Dec. 16, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 294837 Results