Export limit exceeded: 347402 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29908 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29908 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1733 | 1 Mydms | 1 Mydms | 2025-04-03 | N/A |
| Directory traversal vulnerability in MyDMS 1.4.2 and other versions allows remote registered users to read arbitrary files via .. (dot dot) sequences in the URL. | ||||
| CVE-2004-1734 | 1 Mantis | 1 Mantis | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in Mantis 0.19.0a allows remote attackers to execute arbitrary PHP code by modifying the (1) t_core_path parameter to bug_api.php or (2) t_core_dir parameter to relationship_api.php to reference a URL on a remote web server that contains the code. | ||||
| CVE-2004-1735 | 1 Sympa | 1 Sympa | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in the create list option in Sympa 4.1.x and earlier allows remote authenticated users to inject arbitrary web script or HTML via the description field. | ||||
| CVE-2004-1736 | 1 The Cacti Group | 1 Cacti | 2025-04-03 | N/A |
| Cacti 0.8.5a allows remote attackers to gain sensitive information via an HTTP request to (1) auth.php, (2) auth_login.php, (3) auth_changepassword.php, and possibly other php files, which reveal the installation path in a PHP error message. | ||||
| CVE-2004-1737 | 2 Gentoo, The Cacti Group | 2 Linux, Cacti | 2025-04-03 | N/A |
| SQL injection vulnerability in auth_login.php in Cacti 0.8.5a allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) password parameters. | ||||
| CVE-2004-1738 | 1 Jshop E-commerce | 1 Jshop Server | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in page.php in JShop allows remote attackers to inject arbitrary web script or HTML via the xPage parameter. | ||||
| CVE-2004-1739 | 1 Bird Chat | 1 Internet Chat Server | 2025-04-03 | N/A |
| Bird Chat 1.61 allows remote attackers to cause a denial of service (crash) via invalid users. | ||||
| CVE-2004-1740 | 1 Music Daemon | 1 Music Daemon | 2025-04-03 | N/A |
| Music daemon (musicd) 0.0.3 and earlier allows remote attackers to read arbitrary files by calling LOAD with a full pathname, then calling SHOWLIST. | ||||
| CVE-2004-1741 | 1 Music Daemon | 1 Music Daemon | 2025-04-03 | N/A |
| Music daemon (musicd) 0.0.3 and earlier allows remote attackers to cause a denial of service (crash) by calling LOAD with a binary file as an argument, then calling SHOWLIST. | ||||
| CVE-2004-1742 | 1 Web-app.org | 1 Webapp | 2025-04-03 | N/A |
| Directory traversal vulnerability in WebAPP 0.9.9 allows remote attackers to view arbitrary files via a .. (dot dot) in the viewcat parameter. | ||||
| CVE-2004-1743 | 1 Efs Software | 1 Efs Web Server | 2025-04-03 | N/A |
| Easy File Sharing (EFS) Webserver 1.25 allows remote attackers to view arbitrary files via an HTTP request for the disk_c virtual folder. | ||||
| CVE-2004-1744 | 1 Efs Software | 1 Efs Web Server | 2025-04-03 | N/A |
| Easy File Sharing (EFS) Webserver 1.25 allows remote attackers to cause a denial of service (CPU consumption or crash) via many large HTTP requests. | ||||
| CVE-2004-1745 | 1 People Can Fly | 1 Painkiller | 2025-04-03 | N/A |
| Buffer overflow in Painkiller 1.3.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long password. | ||||
| CVE-2004-1746 | 1 Php Code Snippet Library | 1 Php Code Snippet Library | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in PHP Code Snippet Library allows remote attackers to inject arbitrary web script or HTML via the (1) cat_select or (2) show parameters. | ||||
| CVE-2004-1747 | 1 Network Everywhere | 1 Nr041 | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in NetworkEverywhere NR041 running firmware 1.2 Release 03 allows remote attackers to inject arbitrary web script or HTML via the DHCP HOSTNAME option. | ||||
| CVE-2004-1748 | 1 Sysinternals | 1 Regmon | 2025-04-03 | N/A |
| NtRegmon before 6.12 allows local users to cause a denial of service (crash), while NtRegmon is running, via invalid pointers to hook functions such as ZwSetQueryValue. | ||||
| CVE-2004-1749 | 1 Toplayer | 1 Attack Mitigator | 2025-04-03 | N/A |
| Attack Mitigator IPS 5500 3.11.008, and possibly other versions, when configured in a one-armed routing configuration, allows remote attackers to cause a denial of service (CPU consumption) via a large number of HTTP requests. | ||||
| CVE-2004-1750 | 1 Vnc | 1 Realvnc | 2025-04-03 | N/A |
| RealVNC 4.0 and earlier allows remote attackers to cause a denial of service (crash) via a large number of connections to port 5900. | ||||
| CVE-2004-1751 | 1 Massive Entertainment | 1 Ground Control Ii Operation Exodus | 2025-04-03 | N/A |
| Ground Control II: Operation Exodus 1.0.0.7 and earlier allows remote servers to cause a denial of service (client or server crash) via a large packet, which generates a "Message too long" socket error that is treated as a critical error. | ||||
| CVE-2004-1752 | 1 Nakedsoft | 1 Gaucho | 2025-04-03 | N/A |
| Stack-based buffer overflow in Gaucho 1.4 Build 145 allows remote attackers to execute arbitrary code via a POP3 email with a long Content-Type header. | ||||