Export limit exceeded: 349977 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (349977 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1807 | 1 Dogpatch Software | 1 Cfwebstore | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.cfm in CFWebstore 5.0 allows remote attackers to inject arbitrary web script or HTML via the URL. | ||||
| CVE-2004-1533 | 1 Digital Mappings Systems | 1 Pop3 Server | 2026-04-16 | N/A |
| Buffer overflow in pop3svr.exe for DMS POP3 1.5.3.27 and earlier allows remote attackers to cause a denial of service (service crash) via a long (1) username or (2) password. | ||||
| CVE-2004-1535 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in admin_cash.php for the Cash Mod module for phpBB allows remote attackers to execute arbitrary PHP code by modifying the phpbb_root_path parameter to reference a URL on a remote web server that contains the code. | ||||
| CVE-2004-1536 | 1 Ipbproarcade | 1 Ipbproarcade | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in the ibProArcade module for Invision Power Board (IPB) 1.x and 2.x allows remote attackers to execute arbitrary SQL commands via the cat parameter. | ||||
| CVE-2004-1537 | 1 Phpkit | 1 Phpkit | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in popup.php in PHPKIT 1.6.03 through 1.6.1 allows remote attackers to execute arbitrary web script via the img parameter. | ||||
| CVE-2004-1538 | 1 Phpkit | 1 Phpkit | 2026-04-16 | N/A |
| SQL injection vulnerability in include.php in PHPKIT 1.6.03 through 1.6.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2004-1539 | 1 Gearbox Software | 1 Halo Combat Evolved | 2026-04-16 | N/A |
| Halo: Combat Evolved 1.05 and earlier allows remote game servers to cause a denial of service (client crash) via a long value in a game server reply, which triggers a NULL dereference. | ||||
| CVE-2004-1540 | 1 Zyxel | 2 Prestige, Zynos | 2026-04-16 | N/A |
| ZyXEL Prestige 623, 650, and 652 HW Routers, and possibly other versions, with HTTP Remote Administration enabled, does not require a password to access rpFWUpload.html, which allows remote attackers to reset the router configuration file. | ||||
| CVE-2004-1541 | 1 Van Dyke Technologies | 1 Securecrt | 2026-04-16 | N/A |
| SecureCRT 4.0, 4.1, and possibly other versions, allows remote attackers to execute arbitrary commands via a telnet:// URL that uses the /F option to specify a configuration file on a samba share. | ||||
| CVE-2004-1542 | 1 Raven Software | 1 Soldier Of Fortune | 2026-04-16 | N/A |
| Buffer overflow in Soldier of Fortune II 1.03 Gold and earlier allows remote attackers to cause a denial of service (server or client crash) via a long (1) query or (2) reply. | ||||
| CVE-2004-1544 | 1 Jspwiki | 1 Jspwiki | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Search.jsp in JSPWiki 2.1.120-cvs and earlier allows remote attackers to execute arbitrary web script as other users via the query parameter. | ||||
| CVE-2004-1545 | 1 Moniwiki | 1 Moniwiki | 2026-04-16 | N/A |
| UploadFile.php in MoniWiki 1.0.9.2 and earlier, when used with Apache mod_mime, does not properly handle files with two file extensions, such as .php.hwp, which allows remote attackers to upload and execute arbitrary code. | ||||
| CVE-2004-1546 | 1 Alt-n | 1 Mdaemon | 2026-04-16 | N/A |
| Multiple buffer overflows in MDaemon 6.5.1 allow remote attackers to cause a denial of service (application crash) via a long (1) SAML, SOML, SEND, or MAIL command to the SMTP server or (2) LIST command to the IMAP server. | ||||
| CVE-2004-1547 | 1 Onnuri Infotek | 1 Activepost Standard | 2026-04-16 | N/A |
| The file server in ActivePost Standard 3.1 and earlier allows remote authenticated users to cause a denial of service (application crash) via a long filename, possibly triggering a buffer overflow. | ||||
| CVE-2004-1548 | 1 Onnuri Infotek | 1 Activepost Standard | 2026-04-16 | N/A |
| Directory traversal vulnerability in the file server in ActivePost Standard 3.1 allows remote authenticated users to upload arbitrary files via a .. (dot dot) in the filename. | ||||
| CVE-2004-1549 | 1 Onnuri Infotek | 1 Activepost Standard | 2026-04-16 | N/A |
| The conference menu in ActivePost Standard 3.1 sends passwords of password-protected rooms in cleartext, which could allow remote attackers to gain sensitive information by sniffing the network connection. | ||||
| CVE-2004-1550 | 1 Motorola | 1 Wr850g | 2026-04-16 | N/A |
| Motorola Wireless Router WR850G running firmware 4.03 allows remote attackers to bypass authentication, log on as an administrator, and obtain sensitive information by repeatedly making an HTTP request for ver.asp until an administrator logs on. | ||||
| CVE-2004-1551 | 1 Php Arena | 1 Pafiledb | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the (1) email or (2) file modules in paFileDB 3.1 Final allows remote attackers to execute arbitrary web script or HTML via the id parameter. | ||||
| CVE-2004-1553 | 1 Fullrevolution | 1 Aspwebalbum | 2026-04-16 | N/A |
| SQL injection vulnerability in aspWebAlbum allows remote attackers to execute arbitrary SQL statements via (1) the username field on the login page or (2) the cat parameter to album.asp. NOTE: it was later reported that vector 1 affects aspWebAlbum 3.2, and the vector involves the txtUserName parameter in a processlogin action to album.asp, as reachable from the login action. | ||||
| CVE-2004-1554 | 1 Alexphpteam | 1 Alex Guestbook | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in livre_include.php in @lex Guestbook allows remote attackers to execute arbitrary PHP code by modifying the chem_absolu parameter to reference a URL on a remote web server that contains the code. | ||||