Export limit exceeded: 345051 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 345051 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345051 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2017 | 1 Turbotraffictrader | 1 Turbotraffictrader C | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Turbo Traffic Trader C (TTT-C) 1.0 allow remote attackers to inject arbitrary HTML or web script, as demonstrated via (1) the link parameter to ttt-out, (2) the X-Forwarded-For header in a GET request to ttt-in, (3) the Referer header in a GET request to ttt-in, or the (4) site name or (5) site URL fields in the main control panel. | ||||
| CVE-2004-2018 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in index.php in Php-Nuke 6.x through 7.3 allows remote attackers to execute arbitrary PHP code by modifying the modpath parameter to reference a URL on a remote web server that contains the code. | ||||
| CVE-2004-2021 | 1 Oscommerce | 1 Oscommerce | 2026-04-16 | N/A |
| Directory traversal vulnerability in file_manager.php in osCommerce 2.2 allows remote attackers to view arbitrary files via a .. (dot dot) in the filename argument. | ||||
| CVE-2004-2022 | 1 Activestate | 1 Activeperl | 2026-04-16 | N/A |
| ActivePerl 5.8.x and others, and Larry Wall's Perl 5.6.1 and others, when running on Windows systems, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long argument to the system command, which leads to a stack-based buffer overflow. NOTE: it is unclear whether this bug is in Perl or the OS API that is used by Perl. | ||||
| CVE-2004-2024 | 1 Zen Cart | 1 Zen Cart | 2026-04-16 | N/A |
| The distribution of Zen Cart 1.1.4 before patch 2 includes certain debugging code in the Admin password retrieval functionality, which allows attackers to gain administrative privileges via password_forgotten.php. | ||||
| CVE-2004-2025 | 1 Zen Cart | 1 Zen Cart | 2026-04-16 | N/A |
| SQL injection vulnerability in application_top.php for Zen Cart 1.1.3 before patch 2 may allow remote attackers to execute arbitrary SQL commands via the products_id parameter. | ||||
| CVE-2004-2026 | 1 Apsis | 1 Pound | 2026-04-16 | N/A |
| Format string vulnerability in the logmsg function in svc.c for Pound 1.5 and earlier allows remote attackers to execute arbitrary code via format string specifiers in syslog messages. | ||||
| CVE-2004-2045 | 1 Conceptronic | 1 Cadslr1 Adsl Router | 2026-04-16 | N/A |
| The HTTP administration interface on Conceptronic CADSLR1 ADSL router running firmware 3.04n allows remote attackers to cause a denial of service (device reboot) via an HTTP request with a long username. | ||||
| CVE-2004-2046 | 1 Apc | 1 Powerchute | 2026-04-16 | N/A |
| Unknown vulnerability in APC PowerChute Business Edition 6.0 through 7.0.1 allows remote attackers to cause a denial of service via unknown attack vectors. | ||||
| CVE-1999-1583 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Buffer overflow in nslookup for AIX 4.3 allows local users to execute arbitrary code via a long hostname command line argument. | ||||
| CVE-2004-2049 | 1 Esesix | 7 Thintune Extreme, Thintune L, Thintune M and 4 more | 2026-04-16 | N/A |
| eSeSIX Thintune thin clients running firmware 2.4.38 and earlier store sensitive usernames and passwords in cleartext in configuration files for the keeper library, which allows attackers to gain access. | ||||
| CVE-2004-2050 | 1 Esesix | 7 Thintune Extreme, Thintune L, Thintune M and 4 more | 2026-04-16 | N/A |
| eSeSIX Thintune thin clients running firmware 2.4.38 and earlier allow local users to gain privileges by pressing CTRL-SHIFT-ALT-DEL and entering the "maertsJ" password, which is hard-coded into lshell. | ||||
| CVE-2004-2057 | 1 Xlinesoft | 1 Asprunner | 2026-04-16 | N/A |
| SQL injection vulnerability in ASPRunner 2.4 allows remote attackers to execute arbitrary SQL statements. | ||||
| CVE-2004-2058 | 1 Xlinesoft | 1 Asprunner | 2026-04-16 | N/A |
| ASPRunner 2.4 allows remote attackers to gain sensitive information via (1) hidden form fields or (2) error messages. | ||||
| CVE-2001-1440 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Unknown vulnerability in login for AIX 5.1L, when using loadable authentication modules, allows remote attackers to gain access to the system. | ||||
| CVE-2001-1459 | 1 Openbsd | 1 Openssh | 2026-04-16 | N/A |
| OpenSSH 2.9 and earlier does not initiate a Pluggable Authentication Module (PAM) session if commands are executed with no pty, which allows local users to bypass resource limits (rlimits) set in pam.d. | ||||
| CVE-2004-2059 | 1 Xlinesoft | 1 Asprunner | 2026-04-16 | N/A |
| Multiple cross-site scripting vulnerabilities in ASPRunner 2.4 allow remote attackers to inject arbitrary web script or HTML via the (1) SearchFor parameter in [TABLE-NAME]_search.asp, (2) SQL parameter in [TABLE-NAME]_edit.asp, (3) SearchFor parameter in [TABLE]_list.asp, or (4) SQL parameter in export.asp. | ||||
| CVE-2002-1179 | 1 Microsoft | 1 Outlook Express | 2026-04-16 | N/A |
| Buffer overflow in the S/MIME Parsing capability in Microsoft Outlook Express 5.5 and 6.0 allows remote attackers to execute arbitrary code via a digitally signed email with a long "From" address, which triggers the overflow when the user views or previews the message. | ||||
| CVE-2004-2062 | 1 Antiboard | 1 Antiboard | 2026-04-16 | N/A |
| SQL injection vulnerability in antiboard.php in AntiBoard 0.7.2 and earlier allows remote attackers to execute arbitrary SQL via the (1) thread_id, (2) parent_id, or (3) mode parameters. | ||||
| CVE-2002-2164 | 1 Microsoft | 1 Outlook Express | 2026-04-16 | N/A |
| Buffer overflow in Microsoft Outlook Express 5.0, 5.5, and 6.0 allows remote attackers to cause a denial of service (crash) via a long <A HREF> link. | ||||