Export limit exceeded: 347142 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29907 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2350 | 1 Phpbb Group | 1 Phpbb | 2025-04-03 | N/A |
| SQL injection vulnerability in search.php for phpBB 1.0 through 2.0.6 allows remote attackers to execute arbitrary SQL and gain privileges via the search_results parameter. | ||||
| CVE-2004-2351 | 1 Martin Bauer | 1 Gbook | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in GBook for Php-Nuke 1.0 allows remote attackers to inject arbitrary web script or HTML via multiple parameters, including (1) name, (2) email, (3) city, and (4) message, which do not use the <script> and <style> tags, which are filtered by PHP-Nuke. | ||||
| CVE-2004-2352 | 1 Martin Bauer | 1 Gbook | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in GBook for PHP-Nuke 1.0 allows remote attackers to inject arbitrary web script or HTML via cookies that are stored in the $_COOKIE PHP variable, which is not cleansed by PHP-Nuke. | ||||
| CVE-2004-2353 | 1 Incogen | 1 Bugport | 2025-04-03 | N/A |
| BugPort before 1.099 stores its configuration file (conf/config.conf) under the web document root with a file extension that is not normally parsed by web servers, which allows remote attackers to obtain sensitive information. | ||||
| CVE-2004-2354 | 2 Francisco Burzi, Warpspeed | 2 Php-nuke, 4nguestbook | 2025-04-03 | N/A |
| SQL injection vulnerability in 4nGuestbook 0.92 for PHP-Nuke 6.5 through 6.9 allows remote attackers to modify SQL statements via the entry parameter to modules.php, which can also facilitate cross-site scripting (XSS) attacks when MySQL errors are triggered. | ||||
| CVE-2004-2355 | 1 Crafty Syntax Live Help | 1 Crafty Syntax Live Help | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Crafty Syntax Live Help (CSLH) before 2.7.4 allows remote attackers to inject arbitrary web script or HTML via the name field of a livehelp or chat session. | ||||
| CVE-2004-2356 | 1 Fizmez | 1 Fizmez Web Server | 2025-04-03 | N/A |
| Early termination vulnerability in Fizmez Web Server 1.0 allows remote attackers to cause a denial of service (crash) by connecting to the server and then disconnecting without sending any data, which triggers a null pointer dereference. | ||||
| CVE-2004-2357 | 1 Proofpoint | 1 Proofpoint Protection Server | 2025-04-03 | N/A |
| The embedded MySQL 4.0 server for Proofpoint Protection Server does not require a password for the root user of MySQL, which allows remote attackers to read or modify the backend database. | ||||
| CVE-2004-2358 | 1 Phpbb Group | 1 Phpbb | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in admin_words.php for phpBB 2.0.6c allows remote attackers to inject arbitrary web script or HTML via the id parameter. | ||||
| CVE-2004-2359 | 1 Dell | 1 Truemobile 1300 Wlan Mini-pci Card Util Trayapplet | 2025-04-03 | N/A |
| Dell TrueMobile 1300 WLAN Mini-PCI Card Util TrayApplet 3.10.39.0 does not properly drop SYSTEM privileges when started from the systray applet, which allows local users to gain privileges by accessing the Help functionality. | ||||
| CVE-2004-2360 | 1 Targem Games | 1 Battle Mages | 2025-04-03 | N/A |
| Targem Battle Mages 1.0 allows remote attackers to cause a denial of service (infinite loop) via a UDP packet with incomplete data, which causes the server to enter an infinite loop while waiting to read the rest of the data that is not sent. | ||||
| CVE-2004-2444 | 1 Jaws | 1 Jaws | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Jaws 0.3 allows remote attackers to inject arbitrary web script or HTML via the action parameter. | ||||
| CVE-2004-2361 | 1 Digital Reality | 2 Desert Rats Vs. Afrika Korps, Haegemonia | 2025-04-03 | N/A |
| Digital Reality game engine, as used in Haegemonia 1.0 through 1.0.7 and Desert Rats vs. Afrika Korps 1.0, allows remote attackers to cause a denial of service (crash) via a chat message with a large message size, which triggers an out-of-bounds read. | ||||
| CVE-2004-2362 | 1 Phpx | 1 Phpx | 2025-04-03 | N/A |
| PHPX 3.2.6 and earlier allows remote attackers to obtain the physical path of PHPX via a null or invalid value in the limit parameter, which leaks the pathname in a database error message, as demonstrated using forums.php. | ||||
| CVE-2004-2363 | 1 Phpx | 1 Phpx | 2025-04-03 | N/A |
| Validate-Before-Canonicalize vulnerability in the checkURI function in functions.inc.php in PHPX 3.0 through 3.2.6 allows remote attackers to conduct cross-site scripting (XSS) attacks via hex-encoded tags, which bypass the check for literal "<", ">", "(", and ")" characters, as demonstrated using the limit parameter to forums.php and a variety of other vectors. | ||||
| CVE-2004-2364 | 1 Phpx | 1 Phpx | 2025-04-03 | N/A |
| Cross-site request forgery (CSRF) vulnerability in PHPX 3.0 through 3.2.6 allows remote attackers to execute arbitrary commands via URLs that are automatically executed on behalf of the administrator, as demonstrated using (1) admin/page.php, (2) admin/news.php, (3) admin/user.php, (4) admin/images.php, (5) admin/page.php, or (6) admin/forums.php. | ||||
| CVE-2004-2365 | 1 Microsoft | 2 Windows 2003 Server, Windows Xp | 2025-04-03 | N/A |
| Memory leak in Microsoft Windows XP and Windows Server 2003 allows local users to cause a denial of service (memory exhaustion) by repeatedly creating and deleting directories using a non-standard tool such as smbmount. | ||||
| CVE-2004-2366 | 1 Globalscape | 1 Secure Ftp Server | 2025-04-03 | N/A |
| Buffer overflow in GlobalSCAPE Secure FTP Server 2.0 B03.11.2004.2 allows remote attackers to cause a denial of service (crash) via a SITE command with a long argument. | ||||
| CVE-2004-2367 | 1 Texas Imperial Software | 2 Wftpd, Wftpd Pro | 2025-04-03 | N/A |
| The Control Panel applet in WFTPD and WFTPD Pro 3.21 R1 and R2 allows remote authenticated users to cause a denial of service (crash) via a long FTP command. | ||||
| CVE-2004-2368 | 1 The Opt-x Project | 1 Opt-x | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in header.php in Opt-X 0.7.2 allows remote attackers to execute arbitrary PHP code via the systempath parameter. | ||||