LiveActive security incident?Get immediate response
CVE archive

May 2005

Browse CVE records published in May 2005, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 428 matching CVEs · Page 2 of 9.

Unknown · CVSS Not scored

CVE-2005-1572: ShowOff!

ShowOff! 1.5.4 allows remote attackers to cause a denial of service (server crash) via a malformed request to port 8083.

Published May 14, 2005 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2005-1719: Unknown vulnerability in ALWIL avast!

Unknown vulnerability in ALWIL avast! antivirus 4 (4.6.6230) and earlier, when running on Windows NT 4.0, does not properly detect certain viruses.

Published May 24, 2005 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2005-4800: Direct static code injection vulnerability in Yet Another PHP Image Gallery (YaPIG) 0.95b and earlier allow...

Direct static code injection vulnerability in Yet Another PHP Image Gallery (YaPIG) 0.95b and earlier allows remote authenticated administrators to inject arbitrary PHP code via the TestGallery parameter in a mod_info action to modify_gallery.php, which inserts the code into guid_info.php. NOTE: this issue is easier to exploit due to a separate CSRF vulnerability.

Published May 15, 2006 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2005-4799: Multiple cross-site scripting (XSS) vulnerabilities in Yet Another PHP Image Gallery (YaPIG) 0.95b and earl...

Multiple cross-site scripting (XSS) vulnerabilities in Yet Another PHP Image Gallery (YaPIG) 0.95b and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the Homepage field (aka the Website field) in an "image-related comment" and (2) the img_size field in view.php. NOTE: due to lack of details from the researcher, it is not clear whether the comment vector overlaps CVE-2005-1886.

Published May 15, 2006 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2005-4801: Multiple cross-site request forgery (CSRF) vulnerabilities in Yet Another PHP Image Gallery (YaPIG) 0.95b a...

Multiple cross-site request forgery (CSRF) vulnerabilities in Yet Another PHP Image Gallery (YaPIG) 0.95b and earlier allow remote attackers to perform unauthorized actions as a logged-in user, as demonstrated by tricking the administrator to access a web page that performs a mod_info action in modify_gallery.php.

Published May 15, 2006 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2005-1782: Multiple cross-site scripting (XSS) vulnerabilities in BookReview beta 1.0 allow remote attackers to inject...

Multiple cross-site scripting (XSS) vulnerabilities in BookReview beta 1.0 allow remote attackers to inject arbitrary web script or HTML via the node parameter to (1) add_review.htm, (2) suggest_review.htm, (3) suggest_category.htm, (4) add_booklist.htm, or (5) add_url.htm, the isbn parameter to (6) add_review.htm, (7) add_contents.htm, (8) add_classification.htm, the (9) chapters parameter to the add_contents page in index.php (aka add_contents.htm), (10) the user parameter to contact.htm, or (11) the submit[string] parameter to search.htm. NOTE: it is not clear whether BookReview is available to the public. If not, then it should not be included in CVE.

Published May 31, 2005 · Updated Aug 7, 2024