Export limit exceeded: 344908 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344908 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2138 | 1 Allwebscripts | 1 Mysqlguest | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in AWSguest.php in AllWebScripts MySQLGuest allows remote attackers to inject arbitrary HTML and PHP code via the (1) Name, (2) Email, (3) Homepage or (4) Comments field. | ||||
| CVE-2004-2139 | 1 Yabb | 1 Yabb | 2026-04-16 | N/A |
| Unknown vulnerability in Adminedit.pl YaBB 1 Gold before 1.3.2 allows attackers to execute arbitrary code via settings.pl. | ||||
| CVE-2004-2140 | 1 Yabb | 1 Yabb | 2026-04-16 | N/A |
| CRLF injection vulnerability in YaBB 1 Gold before 1.3.2 allows remote attackers to modify text file contents via the subject variable. | ||||
| CVE-2004-2144 | 1 Baalsystems | 1 Baal Smart Forms | 2026-04-16 | N/A |
| Baal Smart Forms before 3.2 allows remote attackers to bypass authentication and obtain system access via a direct request to regadmin.php. | ||||
| CVE-2004-2146 | 1 Pd9 Software | 1 Megabbs | 2026-04-16 | N/A |
| CRLF injection vulnerability in PD9 Software MegaBBS 2 and 2.1 allows attackers to conduct HTTP response splitting attacks via the fid parameter in a writenew action to thread-post.asp. | ||||
| CVE-2004-2147 | 1 Symantec | 1 Norton Antivirus | 2026-04-16 | N/A |
| Unknown versions of Symantec Norton AntiVirus and Microsoft Outlook allow attackers to cause a denial of service (crash) via malformed e-mail messages (1) without a body or (2) without a carriage return ("\n") separating the headers from the body. | ||||
| CVE-2004-2148 | 1 Slava Astashonok | 1 Fprobe | 2026-04-16 | N/A |
| Unknown local vulnerability in the "change user" feature of Slava Astashonok Fprobe 1.0.5 and earlier has unknown impact and attack vectors. | ||||
| CVE-2004-2149 | 1 Oracle | 1 Mysql | 2026-04-16 | N/A |
| Buffer overflow in the prepared statements API in libmysqlclient for MySQL 4.1.3 beta and 4.1.4 allows remote attackers to cause a denial of service via a large number of placeholders. | ||||
| CVE-2004-2150 | 1 Nettica | 1 Intellipeer Email Server | 2026-04-16 | N/A |
| Nettica Corporation INTELLIPEER Email Server 1.01 displays different error messages for valid and invalid account names, which allows remote attackers to determine valid account names. | ||||
| CVE-2004-2151 | 1 Virtual Projects | 1 Chatman | 2026-04-16 | N/A |
| Chatman 1.1.1 RC1 and earlier allows remote attackers to cause a denial of service (memory consumption or application crash) via a very large data size. | ||||
| CVE-2004-2152 | 1 Mediawiki | 1 Mediawiki | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in 'raw' page output mode for MediaWiki 1.3.4 and earlier allows remote attackers to inject arbitrary web script or HTML. | ||||
| CVE-2004-2153 | 1 Real Estate Management Software | 1 Real Estate Management Software | 2026-04-16 | N/A |
| Multiple unknown vulnerabilities in Real Estate Management Software 1.0 have unknown impact and attack vectors. | ||||
| CVE-2004-2157 | 1 S9y | 1 Serendipity | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Comment.php in Serendipity 0.7 beta1, and possibly other versions before 0.7-beta3, allows remote attackers to inject arbitrary HTML and PHP code via the (1) email or (2) username field. | ||||
| CVE-2004-2158 | 1 S9y | 1 Serendipity | 2026-04-16 | N/A |
| SQL injection vulnerability in Serendipity 0.7-beta1 allows remote attackers to execute arbitrary SQL commands via the entry_id parameter to (1) exit.php or (2) comment.php. | ||||
| CVE-2004-2159 | 1 Xmlstarlet | 1 Command Line Xml Toolkit | 2026-04-16 | N/A |
| Multiple buffer overflows in XMLStarlet Command Line XML Toolkit 0.9.3 have unknown impact and attack vectors via (1) xml_elem.c and (2) xml_select.c. | ||||
| CVE-2004-2160 | 1 Xmlstarlet | 1 Command Line Xml Toolkit | 2026-04-16 | N/A |
| Format string vulnerability in xml_elem.c for XMLStarlet Command Line XML Toolkit 0.9.3 may allow attackers to cause a denial of service or execute arbitrary code. | ||||
| CVE-2004-2161 | 1 Tutos | 1 Tutos | 2026-04-16 | N/A |
| SQL injection vulnerability in file_overview.php in TUTOS 1.1 allows remote attackers to execute arbitrary SQL commands via the link_id parameter. | ||||
| CVE-2004-2164 | 1 Virtual Programming | 1 Vp-asp | 2026-04-16 | N/A |
| shoprestoreorder.asp in VP-ASP 5.0 does not close the database connection when a user restores a previous order, which allows remote attackers to cause a denial of service (connection consumption). | ||||
| CVE-2004-2165 | 1 Impressions Games | 1 Lords Of The Realm Iii | 2026-04-16 | N/A |
| Lords of the Realm III 1.01 and earlier, when in the lobby stage, allows remote attackers to cause a denial of service (crash from unallocated memory write) via a long user nickname. | ||||
| CVE-2004-2166 | 1 Canon | 2 Imagerunner 5000i, Imagerunner C3200 | 2026-04-16 | N/A |
| The print-from-email feature in the Canon ImageRUNNER (iR) 5000i and C3200 digital printer, when not using IP address range filtering, allows remote attackers to print arbitrary text without authentication via a text/plain email to TCP port 25. | ||||