Export limit exceeded: 344940 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344940 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1841 | 1 Ms Analysis | 1 Website Traffic Analyzer | 2026-04-16 | N/A |
| SQL injection vulnerability in MS Analysis module 2.0 for PHP-Nuke allows remote attackers to execute arbitrary SQL via the referer field in an HTTP request. | ||||
| CVE-2004-1815 | 2 Macromedia, Sun | 3 Coldfusion, Jrun, One Application Server | 2026-04-16 | N/A |
| Unknown vulnerability in ColdFusion MX 6.0 and 6.1, and JRun 4.0, when a SOAP web service expects an array of objects as an argument, allows remote attackers to cause a denial of service (memory consumption). | ||||
| CVE-2004-1842 | 1 Phpnuke | 1 Php-nuke | 2026-04-16 | 8.8 High |
| Cross-site request forgery (CSRF) vulnerability in Php-Nuke 6.x through 7.1.0 allows remote attackers to gain administrative privileges via an img tag with a URL to admin.php. | ||||
| CVE-2004-1845 | 1 Expinion.net | 1 News Manager Lite | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in News Manager Lite 2.5 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to comment_add.asp, (2) search parameter to search.asp, or (3) n parameter to category_news_headline.asp. | ||||
| CVE-2004-1867 | 1 Web Fresh | 1 Fresh Guest Book | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in guest.cgi in Fresh Guest Book allows remote attackers to inject arbitrary web script or HTML via the Name field. | ||||
| CVE-1999-0733 | 1 Vmware | 1 Workstation | 2026-04-16 | N/A |
| Buffer overflow in VMWare 1.0.1 for Linux via a long HOME environmental variable. | ||||
| CVE-2004-1859 | 1 Trend Micro | 1 Interscan Viruswall For Windows Nt | 2026-04-16 | N/A |
| Directory traversal vulnerability in Trend Micro Interscan Web Viruswall in InterScan VirusWall 3.5x allows remote attackers to read arbitrary files via a .. (dot dot) in the URL. | ||||
| CVE-2004-1918 | 1 Rsniff | 1 Rsniff | 2026-04-16 | N/A |
| RSniff 1.0 allows remote attackers to cause a denial of service (connection exhaustion) via a large number of connections with a command other than AUTHENTICATE, or without any data, which prevents the socket from being closed properly. | ||||
| CVE-2004-1925 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allow remote attackers to execute arbitrary SQL commands via the sort_mode parameter in (1) tiki-usermenu.php, (2) tiki-list_file_gallery.php, (3) tiki-directory_ranking.php, (4) tiki-browse_categories.php, (5) tiki-index.php, (6) tiki-user_tasks.php, (7) tiki-directory_ranking.php, (8) tiki-directory_search.php, (9) tiki-file_galleries.php, (10) tiki-list_faqs.php, (11) tiki-list_trackers.php, (12) tiki-list_blogs.php, or via the offset parameter in (13) tiki-usermenu.php, (14) tiki-browse_categories.php, (15) tiki-index.php, (16) tiki-user_tasks.php, (17) tiki-list_faqs.php, (18) tiki-list_trackers.php, or (19) tiki-list_blogs.php. | ||||
| CVE-2004-1927 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2026-04-16 | N/A |
| Directory traversal vulnerability in the map feature (tiki-map.phtml) in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to determine the existence of arbitrary files via .. (dot dot) sequences in the mapfile parameter. | ||||
| CVE-2004-1932 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| SQL injection vulnerability in (1) auth.php and (2) admin.php in PHP-Nuke 6.x through 7.2 allows remote attackers to execute arbitrary SQL code and create an administrator account via base64-encoded SQL in the admin parameter. | ||||
| CVE-2004-1936 | 1 Zonelabs | 1 Zonealarm | 2026-04-16 | N/A |
| ZoneAlarm Pro 4.5.538.001 and possibly other versions allows remote attackers to bypass e-mail protection via attachments whose names contain certain non-English characters. | ||||
| CVE-2004-1945 | 1 Kinesphere Corporation | 1 Exchange Pop3 | 2026-04-16 | N/A |
| Buffer overflow in Kinesphere eXchange POP3 allows remote attackers to execute arbitrary code via a long MAIL FROM field. | ||||
| CVE-2004-1954 | 1 Phprofession | 1 Phprofession | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in modules.php in phProfession 2.5 allows remote attackers to inject arbitrary web script or HTML via the jcode parameter. | ||||
| CVE-2004-1965 | 1 Openbb | 1 Openbb | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Open Bulletin Board (OpenBB) 1.0.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) redirect parameter to member.php, (2) to parameter to myhome.php (3) TID parameter to post.php, or (4) redirect parameter to index.php. | ||||
| CVE-2004-1967 | 1 Openbb | 1 Openbb | 2026-04-16 | 8.8 High |
| Cross-site request forgery (CSRF) vulnerabilities in (1) cp_forums.php, (2) cp_usergroup.php, (3) cp_ipbans.php, (4) myhome.php, (5) post.php, or (6) moderator.php in Open Bulletin Board (OpenBB) 1.0.6 and earlier allow remote attackers to execute arbitrary code by including the code in an image tag or a link. | ||||
| CVE-2004-1981 | 1 Businessobjects | 2 Crystal Enterprise, Crystal Reports | 2026-04-16 | N/A |
| The web interface for Crystal Reports allows remote attackers to cause a denial of service (disk exhaustion) by repeatedly requesting reports without retrieving the associated image files, which are not cleared from the image file folder. | ||||
| CVE-2004-1984 | 2 Coppermine, Francisco Burzi | 2 Coppermine Photo Gallery, Php-nuke | 2026-04-16 | N/A |
| Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 allows remote attackers to obtain sensitive information via a direct HTTP request to (1) phpinfo.php, (2) addpic.php, (3) config.php, (4) db_input.php, (5) displayecard.php, (6) ecard.php, (7) crop.inc.php, which reveal the full path in a PHP error message. | ||||
| CVE-2004-1995 | 1 Fusetalk | 1 Fusetalk | 2026-04-16 | 6.5 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in FuseTalk 2.0 allows remote attackers to create arbitrary accounts via a link to adduser.cfm. | ||||
| CVE-1999-0734 | 1 Cisco | 1 Ciscosecure | 2026-04-16 | N/A |
| A default configuration of CiscoSecure Access Control Server (ACS) allows remote users to modify the server database without authentication. | ||||