Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-1532 1 Appserv Open Project 1 Appserv 2026-04-16 N/A
AppServ 2.5.x and earlier installs a default username and password, which allows remote attackers to gain access.
CVE-2004-1533 1 Digital Mappings Systems 1 Pop3 Server 2026-04-16 N/A
Buffer overflow in pop3svr.exe for DMS POP3 1.5.3.27 and earlier allows remote attackers to cause a denial of service (service crash) via a long (1) username or (2) password.
CVE-2004-1535 1 Phpbb Group 1 Phpbb 2026-04-16 N/A
PHP remote file inclusion vulnerability in admin_cash.php for the Cash Mod module for phpBB allows remote attackers to execute arbitrary PHP code by modifying the phpbb_root_path parameter to reference a URL on a remote web server that contains the code.
CVE-2004-1536 1 Ipbproarcade 1 Ipbproarcade 2026-04-16 N/A
SQL injection vulnerability in index.php in the ibProArcade module for Invision Power Board (IPB) 1.x and 2.x allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2004-1537 1 Phpkit 1 Phpkit 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in popup.php in PHPKIT 1.6.03 through 1.6.1 allows remote attackers to execute arbitrary web script via the img parameter.
CVE-2004-1538 1 Phpkit 1 Phpkit 2026-04-16 N/A
SQL injection vulnerability in include.php in PHPKIT 1.6.03 through 1.6.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2004-1540 1 Zyxel 2 Prestige, Zynos 2026-04-16 N/A
ZyXEL Prestige 623, 650, and 652 HW Routers, and possibly other versions, with HTTP Remote Administration enabled, does not require a password to access rpFWUpload.html, which allows remote attackers to reset the router configuration file.
CVE-2004-1541 1 Van Dyke Technologies 1 Securecrt 2026-04-16 N/A
SecureCRT 4.0, 4.1, and possibly other versions, allows remote attackers to execute arbitrary commands via a telnet:// URL that uses the /F option to specify a configuration file on a samba share.
CVE-2004-1558 1 Ypops 1 Ypops 2026-04-16 N/A
Multiple stack-based buffer overflows in YPOPs! (aka YahooPOPS) 0.4 through 0.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) POP3 USER command or (2) SMTP request.
CVE-2004-1559 1 Wordpress 1 Wordpress 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Wordpress 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) redirect_to, text, popupurl, or popuptitle parameters to wp-login.php, (2) redirect_url parameter to admin-header.php, (3) popuptitle, popupurl, content, or post_title parameters to bookmarklet.php, (4) cat_ID parameter to categories.php, (5) s parameter to edit.php, or (6) s or mode parameter to edit-comments.php.
CVE-2004-1560 1 Microsoft 1 Sql Server 2026-04-16 N/A
Microsoft SQL Server 7.0 allows remote attackers to cause a denial of service (mssqlserver service halt) via a long request to TCP port 1433, possibly triggering a buffer overflow.
CVE-2004-1627 1 Code-crafters 1 Ability Server 2026-04-16 N/A
Buffer overflow in Ability Server 2.25, 2.32, 2.34, and possibly other versions, allows remote attackers to execute arbitrary code via a long APPE command.
CVE-2004-1629 1 Distinct Web Creations 1 Dwc Articles 2026-04-16 N/A
Multiple SQL injection vulnerabilities in Dwc_articles 1.6 and earlier allow remote attackers to execute arbitrary SQL statements.
CVE-2004-2189 1 Dmxready 1 Dmxready Site Chassis Manager 2026-04-16 N/A
SQL injection vulnerability in DMXReady Site Chassis Manager allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2004-2191 1 Turbotraffictrader 1 Turbotraffictrader Php 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in ttt-webmaster.php in Turbo Traffic Trader PHP 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) msg[0] or (2) siteurl parameters.
CVE-2004-2192 1 Turbotraffictrader 1 Turbotraffictrader Php 2026-04-16 N/A
SQL injection vulnerability in tttadmin/settings.php in Turbo Traffic Trader PHP 1.0 allows remote attackers to execute arbitrary SQL commands via the ttt_admin parameter.
CVE-2004-2198 1 Duware 1 Duclassmate 2026-04-16 N/A
account.asp in DUware DUclassmate 1.0 through 1.1 allows remote attackers to change the passwords for arbitrary users by modifying the MM_recordId parameter on the "My Account" page.
CVE-2004-2213 1 Mbedthis Software 1 Mbedthis Appweb Http Server 2026-04-16 N/A
Mbedthis AppWeb HTTP server before 1.1.3 allows remote attackers to obtain the source code for scripts via a (1) trailing dot (".") or (2) trailing space in an HTTP request.
CVE-2004-2215 1 Marc Lehmann 1 Rxvt-unicode 2026-04-16 N/A
RXVT-Unicode 3.4 and 3.5 does not properly close file descriptors, which allows local users to access the terminals of other users and possibly gain privileges.
CVE-2004-2216 1 Sun 2 Java System Application Server, Java System Web Server 2026-04-16 N/A
Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and earlier and 6.1 SP1 and earlier, and Application Server 7 Update 4 and earlier, allows remote attackers to cause a denial of service (crash) via a malformed client certificate.