LiveActive security incident?Get immediate response
CVE archive

2005 CVE Archive

Browse CVE records published in 2005 CVE Archive, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 4627 matching CVEs · Page 3 of 93.

Unknown · CVSS Not scored

CVE-2005-4171: The "Upload new image" command in the "Manage Images" eFiction 1.1, when members are allowed to upload imag...

The "Upload new image" command in the "Manage Images" eFiction 1.1, when members are allowed to upload images, allows remote attackers to execute arbitrary PHP code by uploading a filename with a .php extension that contains a GIF header, which passes the image validity check but executes any PHP code within the file.

Published Dec 11, 2005 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2005-1669: Cross-site scripting (XSS) vulnerability in Opera 8.0 Final Build 1095 allows remote attackers to inject ar...

Cross-site scripting (XSS) vulnerability in Opera 8.0 Final Build 1095 allows remote attackers to inject arbitrary web script or HTML via "javascript:" URLs when a new window or frame is opened, which allows remote attackers to bypass access restrictions and perform unauthorized actions on other domains.

Published Jun 16, 2005 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2005-0737: Buffer overflow in Yahoo!

Buffer overflow in Yahoo! Messenger allows remote attackers to execute arbitrary code via the offline mode.

Published Mar 13, 2005 · Updated Sep 17, 2024