Export limit exceeded: 346013 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 346013 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29898 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29898 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1546 | 1 Alt-n | 1 Mdaemon | 2026-04-16 | N/A |
| Multiple buffer overflows in MDaemon 6.5.1 allow remote attackers to cause a denial of service (application crash) via a long (1) SAML, SOML, SEND, or MAIL command to the SMTP server or (2) LIST command to the IMAP server. | ||||
| CVE-2004-1547 | 1 Onnuri Infotek | 1 Activepost Standard | 2026-04-16 | N/A |
| The file server in ActivePost Standard 3.1 and earlier allows remote authenticated users to cause a denial of service (application crash) via a long filename, possibly triggering a buffer overflow. | ||||
| CVE-2004-1548 | 1 Onnuri Infotek | 1 Activepost Standard | 2026-04-16 | N/A |
| Directory traversal vulnerability in the file server in ActivePost Standard 3.1 allows remote authenticated users to upload arbitrary files via a .. (dot dot) in the filename. | ||||
| CVE-2004-1549 | 1 Onnuri Infotek | 1 Activepost Standard | 2026-04-16 | N/A |
| The conference menu in ActivePost Standard 3.1 sends passwords of password-protected rooms in cleartext, which could allow remote attackers to gain sensitive information by sniffing the network connection. | ||||
| CVE-2004-1550 | 1 Motorola | 1 Wr850g | 2026-04-16 | N/A |
| Motorola Wireless Router WR850G running firmware 4.03 allows remote attackers to bypass authentication, log on as an administrator, and obtain sensitive information by repeatedly making an HTTP request for ver.asp until an administrator logs on. | ||||
| CVE-2004-1551 | 1 Php Arena | 1 Pafiledb | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the (1) email or (2) file modules in paFileDB 3.1 Final allows remote attackers to execute arbitrary web script or HTML via the id parameter. | ||||
| CVE-2004-1554 | 1 Alexphpteam | 1 Alex Guestbook | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in livre_include.php in @lex Guestbook allows remote attackers to execute arbitrary PHP code by modifying the chem_absolu parameter to reference a URL on a remote web server that contains the code. | ||||
| CVE-2004-1555 | 1 Broadboard Instant | 1 Asp Message Board | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in BroadBoard Instant ASP Message Board allow remote attackers to run arbitrary SQL commands via the (1) keywords parameter to search.asp, (2) handle parameter to profile.asp, (3) txtUserHandle parameter to reg2.asp or (4) txtUserEmail parameter to forgot.asp. | ||||
| CVE-2004-1556 | 1 Mywebserver | 1 Mywebserver | 2026-04-16 | N/A |
| MyWebServer 1.0.3 allows remote attackers to cause a denial of service (application crash) via a large number of connections within a short time. | ||||
| CVE-2004-1557 | 1 Mywebserver | 1 Mywebserver | 2026-04-16 | N/A |
| MyWebServer 1.0.3 allows remote attackers to bypass authentication, modify configuration, and read arbitrary files via a direct HTTP request to (1) /admin or (2) ServerProperties.html. | ||||
| CVE-2004-1558 | 1 Ypops | 1 Ypops | 2026-04-16 | N/A |
| Multiple stack-based buffer overflows in YPOPs! (aka YahooPOPS) 0.4 through 0.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) POP3 USER command or (2) SMTP request. | ||||
| CVE-2004-1561 | 1 Icecast | 1 Icecast | 2026-04-16 | N/A |
| Buffer overflow in Icecast 2.0.1 and earlier allows remote attackers to execute arbitrary code via an HTTP request with a large number of headers. | ||||
| CVE-2004-1563 | 1 W-agora | 1 W-agora | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in w-Agora 4.1.6a allow remote attackers to execute arbitrary web script or HTML via the (1) thread parameter to download_thread.php, (2) loginuser parameter to login.php, or (3) userid parameter to forgot_password.php. | ||||
| CVE-2004-1565 | 1 W-agora | 1 W-agora | 2026-04-16 | N/A |
| list.php in w-Agora 4.1.6a allows remote attackers to reveal the full path via a crafted HTTP request, possibly involving a malformed id parameter. | ||||
| CVE-2004-1566 | 1 Silent-storm | 1 Silent-storm Portal | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Silent Storm Portal 2.1 and 2.2 allows remote attackers to execute arbitrary web script or HTML via the module parameter. | ||||
| CVE-2004-1567 | 1 Silent-storm | 1 Silent-storm Portal | 2026-04-16 | N/A |
| profile.php in Silent Storm Portal 2.1 and 2.2 allows remote attackers to gain privileges by setting the mail parameter to 1, which is the value for an administrator. | ||||
| CVE-2004-1568 | 1 Parachat | 1 Parachat Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in ParaChat Server 5.5 allows remote attackers to read arbitrary files via a ..%5C (hex-encoded dot dot) in the URL. | ||||
| CVE-2004-1562 | 1 W-agora | 1 W-agora | 2026-04-16 | N/A |
| SQL injection vulnerability in redir_url.php in w-Agora 4.1.6a allows remote attackers to execute arbitrary SQL commands via the key parameter. | ||||
| CVE-2004-1570 | 1 Eaden Mckee | 1 Bblog | 2026-04-16 | N/A |
| SQL injection vulnerability in bBlog 0.7.2 and 0.7.3 allows remote attackers to execute arbitrary SQL commands via the p parameter. | ||||
| CVE-2004-1572 | 1 Aj-fork | 1 Aj-fork | 2026-04-16 | N/A |
| AJ-Fork 167 does not restrict access to directories such as (1) data, (2) inc, (3) plugins, (4) skins, or (5) tools, which allows remote attackers to list files in those directories via a direct HTTP request. | ||||