Export limit exceeded: 29834 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29834 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2190 | 1 Unzoo | 1 Unzoo | 2025-04-03 | N/A |
| Directory traversal vulnerability in Unzoo 4.4-2 has unknown impact and attack vectors. | ||||
| CVE-2004-2200 | 1 Duware | 1 Duforum | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in DUware DUforum 3.0 through 3.1 allows remote attackers to inject arbitrary web script or HTML via via the message text. | ||||
| CVE-2004-2203 | 1 Ansel | 1 Ansel | 2025-04-03 | N/A |
| Ansel 1.2 through 2.0 uses insecure default permissions, which allows remote attackers to gain access to web readable directories. | ||||
| CVE-2004-2205 | 1 Symantec Veritas | 1 Cluster Server | 2025-04-03 | N/A |
| Unknown vulnerability in Veritas Cluster Server 1.0.1 through 4.0 allows local users to gain root access via unspecified vectors. | ||||
| CVE-2004-2206 | 1 Natterchat | 1 Natterchat | 2025-04-03 | N/A |
| SQL injection vulnerability in NatterChat 1.12 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2004-2207 | 1 Ideal Science | 1 Idealbb | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2004-2212 | 1 Alivesites | 1 Alivesites Forum | 2025-04-03 | N/A |
| SQL injection vulnerability in forum.asp in AliveSites Forums 2.0 allows remote attackers to execute arbitrary SQL commands via the forum_id parameter. | ||||
| CVE-2004-2213 | 1 Mbedthis Software | 1 Mbedthis Appweb Http Server | 2025-04-03 | N/A |
| Mbedthis AppWeb HTTP server before 1.1.3 allows remote attackers to obtain the source code for scripts via a (1) trailing dot (".") or (2) trailing space in an HTTP request. | ||||
| CVE-2004-2215 | 1 Marc Lehmann | 1 Rxvt-unicode | 2025-04-03 | N/A |
| RXVT-Unicode 3.4 and 3.5 does not properly close file descriptors, which allows local users to access the terminals of other users and possibly gain privileges. | ||||
| CVE-2004-2216 | 1 Sun | 2 Java System Application Server, Java System Web Server | 2025-04-03 | N/A |
| Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and earlier and 6.1 SP1 and earlier, and Application Server 7 Update 4 and earlier, allows remote attackers to cause a denial of service (crash) via a malformed client certificate. | ||||
| CVE-2005-1357 | 1 Text.cgi | 1 Text.cgi | 2025-04-03 | N/A |
| text.cgi script allows remote attackers to read arbitrary files via a full pathname in the argument. | ||||
| CVE-2004-2210 | 1 Express-web | 1 Express-web Content Management System | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Express-Web Content Management System (CMS) allow remote attackers to steal cookie-based authentication information and possibly perform other exploits via the (1) n, (2) b, (3) e, or (4) a parameters to default.asp, (5) the Referer header in an HTTP request to login.asp, or (6) the email parameter to subscribe/default.asp. | ||||
| CVE-2004-2218 | 1 Phpmywebhosting | 1 Phpmywebhosting | 2025-04-03 | N/A |
| SQL injection vulnerability in pmwh.php in PHPMyWebHosting 0.3.4 and earlier allows remote attackers to modify SQL statements via the password parameter. | ||||
| CVE-2004-2222 | 1 Fsphpgallery | 1 Fsphpgallery | 2025-04-03 | N/A |
| Directory traversal vulnerability in index.php in FsPHPGallery before 1.2 allows remote attackers to list arbitrary directories via the dir parameter. | ||||
| CVE-2004-2223 | 1 Fsphpgallery | 1 Fsphpgallery | 2025-04-03 | N/A |
| FsPHPGallery before 1.2 allows remote attackers to cause a denial of service via an image with a large size attribute, which causes a crash when the server attempts to resize the image. | ||||
| CVE-2004-2224 | 1 Appfoundry | 1 Message Foundry | 2025-04-03 | N/A |
| Appfoundry Message Foundry 2.75 .0003 allows remote attackers to cause a denial of service (crash) via an HTTP GET request that contains MS-DOS device names such as com1. | ||||
| CVE-2004-2225 | 1 Mozilla | 1 Firefox | 2025-04-03 | N/A |
| Mozilla Firefox before 0.10.1 allows remote attackers to delete arbitrary files in the download directory via a crafted data: URI that is not properly handled when the user clicks the Save button. | ||||
| CVE-2004-2229 | 1 Oracle | 1 Database Server Lite | 2025-04-03 | N/A |
| Multiple unknown vulnerabilities in Oracle 9i Lite Mobile Server 5.0.0.0.0 through 5.0.2.9.0 allow remote authenticated users to gain privileges. | ||||
| CVE-2004-2231 | 1 Zero G | 1 Installanywhere | 2025-04-03 | N/A |
| Zero G Software InstallAnywhere 5.0.6, 5.0.7, and earlier allows local users to overwrite arbitrary files via a symlink attack on the (1) persistent_state or (2) env.properties.X temporary files. | ||||
| CVE-2004-2232 | 1 Moodle | 1 Moodle | 2025-04-03 | N/A |
| SQL injection vulnerability in sql.php in the Glossary module in Moodle 1.4.1 and earlier allows remote attackers to modify SQL statements. | ||||