Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-1402 1 Iwebnegar 1 Iwebnegar 2026-04-16 N/A
SQL injection vulnerability in iWebNegar allows remote attackers to execute arbitrary SQL commands via (1) the string parameter for index.php, (2) comments.php, or (3) the administrator login page.
CVE-2004-2073 1 Vserver 1 Linux-vserver 2026-04-16 N/A
Linux-VServer 1.24 allows local users with root privileges on a virtual server to gain access to the filesystem outside the virtual server via a modified chroot-again exploit using the chmod command.
CVE-1999-1245 1 Ucd-snmp 1 Ucd-snmp 2026-04-16 N/A
vacm ucd-snmp SNMP server, version 3.52, does not properly disable access to the public community string, which could allow remote attackers to obtain sensitive information.
CVE-2002-1415 1 Webeasymail 1 Webeasymail 2026-04-16 N/A
Format string vulnerability in SMTP service for WebEasyMail 3.4.2.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in SMTP requests.
CVE-2004-0331 1 Dell 1 Openmanage 2026-04-16 N/A
Heap-based buffer overflow in Dell OpenManage Web Server 3.4.0 allows remote attackers to cause a denial of service (crash) via a HTTP POST with a long application variable.
CVE-2004-1403 1 Sir 1 Gnuboard 2026-04-16 N/A
PHP remote file inclusion vulnerability in index.php in GNUBoard 3.39 and earlier allows remote attackers to execute arbitrary PHP code by modifying the doc parameter to reference a URL on a remote web server that contains the code.
CVE-1999-1246 1 Microsoft 1 Site Server 2026-04-16 N/A
Direct Mailer feature in Microsoft Site Server 3.0 saves user domain names and passwords in plaintext in the TMLBQueue network share, which has insecure default permissions, allowing remote attackers to read the passwords and gain privileges.
CVE-2002-1417 1 Novell 2 Netware, Small Business Suite 2026-04-16 N/A
Directory traversal vulnerability in Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to read arbitrary files via a URL containing a "..%5c" sequence (modified dot-dot), which is mapped to the directory separator.
CVE-2004-0332 1 Extremail 1 Extremail 2026-04-16 N/A
Extremail 1.5.9 does not check passwords correctly when they are all digits or begin with a digit, which allows remote attackers to gain privileges.
CVE-2004-1406 1 Ikonboard.com 1 Ikonboard 2026-04-16 N/A
SQL injection vulnerability in ikonboard.cgi in Ikonboard 3.1.0 through 3.1.3 allows remote attackers to inject arbitrary SQL commands via the (1) st or (2) keywords parameter.
CVE-1999-1247 1 Hp 1 Hp-ux 2026-04-16 N/A
Vulnerability in HP Camera component of HP DCE/9000 in HP-UX 9.x allows attackers to gain root privileges.
CVE-2002-1424 1 John G. Myers 1 Mpack 2026-04-16 N/A
Buffer overflow in munpack in mpack 1.5 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.
CVE-2004-0333 4 Gentoo, Openpkg, Uudeview and 1 more 4 Linux, Openpkg, Uudeview and 1 more 2026-04-16 N/A
Buffer overflow in the UUDeview package, as used in WinZip 6.2 through WinZip 8.1 SR-1, and possibly other packages, allows remote attackers to execute arbitrary code via a MIME archive with certain long MIME parameters.
CVE-2004-1407 1 Singapore 1 Image Gallery Web Application 2026-04-16 N/A
Multiple directory traversal vulnerabilities in singapore Image Gallery Web Application 0.9.10 allow remote attackers to (1) read arbitrary files via the showThumb method for thumb.php, or (2) delete arbitrary files via admin.class.php.
CVE-2004-2074 1 Bolintech 1 Dream Ftp Server 2026-04-16 N/A
Format string vulnerability in Dream FTP 1.02 allows local users to cause a denial of service (crash) via format string specifiers in the (1) PASS or (2) RETR commands.
CVE-2004-2363 1 Phpx 1 Phpx 2026-04-16 N/A
Validate-Before-Canonicalize vulnerability in the checkURI function in functions.inc.php in PHPX 3.0 through 3.2.6 allows remote attackers to conduct cross-site scripting (XSS) attacks via hex-encoded tags, which bypass the check for literal "<", ">", "(", and ")" characters, as demonstrated using the limit parameter to forums.php and a variety of other vectors.
CVE-1999-1248 1 Hp 1 Hp-ux 2026-04-16 N/A
Vulnerability in Support Watch (aka SupportWatch) in HP-UX 8.0 through 9.0 allows local users to gain privileges.
CVE-2002-1425 1 John G. Myers 1 Mpack 2026-04-16 N/A
Directory traversal vulnerability in munpack in mpack 1.5 and earlier allows remote attackers to create new files in the parent directory via a ../ (dot-dot) sequence in the filename to be extracted.
CVE-2004-0334 1 Innomedia 1 Innomedia Videophone 2026-04-16 N/A
InnoMedia VideoPhone allows remote attackers to bypass Basic Authorization via an HTTP request to (1) videophone_admindetail.asp, (2) videophone_syscfg.asp, (3) videophone_upgrade.asp, or (4) videophone_sysctrl.asp that contains a trailing / (slash). NOTE: the original report mentioned AXIS 2100 Network Camera, but this was likely a cut-and-paste error.
CVE-2004-1408 1 Singapore 1 Image Gallery Web Application 2026-04-16 N/A
The addImage method for admin.class.php in Image Gallery Web Application 0.9.10 does not properly check filenames, which allows remote attackers to upload and execute arbitrary files.