Total
29753 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1915 | 1 Lcdproc | 1 Lcdproc | 2025-04-03 | N/A |
| Buffer overflow in the parse_all_client_messages function in LCDproc 0.4.x up to 0.4.4 allows remote attackers to execute arbitrary code via a large number of arguments. | ||||
| CVE-2004-1917 | 1 Lcdproc | 1 Lcdproc | 2025-04-03 | N/A |
| Format string vulnerability in test_func_func in LCDProc 0.4.1 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the str variable. | ||||
| CVE-2004-1918 | 1 Rsniff | 1 Rsniff | 2025-04-03 | N/A |
| RSniff 1.0 allows remote attackers to cause a denial of service (connection exhaustion) via a large number of connections with a command other than AUTHENTICATE, or without any data, which prevents the socket from being closed properly. | ||||
| CVE-2004-1919 | 1 Crackalaka | 1 Crackalaka | 2025-04-03 | N/A |
| The hash_strcmp function in hasch.c in Crackalaka 1.0.8 allows remote attackers to cause a denial of service (crash) via large malformed strings. | ||||
| CVE-2005-1083 | 1 Aewebworks | 1 Aedating | 2025-04-03 | N/A |
| index.php in aeDating 3.2 allows remote attackers to include arbitrary files via the skin parameter. | ||||
| CVE-2004-1975 | 1 Php Arena | 1 Pafiledb | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in the category module in pafiledb.php for paFileDB 3.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter, a vulnerability that is closely related to CVE-2004-1551. | ||||
| CVE-2004-1952 | 1 Advanced Guestbook | 1 Advanced Guestbook | 2025-04-03 | N/A |
| SQL injection vulnerability in Advanced Guestbook 2.2 allows remote attackers to execute arbitrary SQL commands and gain privileges via the password. | ||||
| CVE-2004-1953 | 1 Phprofession | 1 Phprofession | 2025-04-03 | N/A |
| phProfession 2.5 allows remote attackers to gain sensitive information via a direct HTTP request to upload.php, which reveals the path in a PHP error message. | ||||
| CVE-2004-1954 | 1 Phprofession | 1 Phprofession | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in modules.php in phProfession 2.5 allows remote attackers to inject arbitrary web script or HTML via the jcode parameter. | ||||
| CVE-2004-1955 | 1 Phprofession | 1 Phprofession | 2025-04-03 | N/A |
| SQL injection vulnerability in modules.php in phProfession 2.5 allows remote attackers to execute arbitrary SQL code via the offset parameter. | ||||
| CVE-2004-1956 | 1 Postnuke Software Foundation | 1 Postnuke | 2025-04-03 | N/A |
| PostNuke 0.7.2.6 allows remote attackers to gain information via a direct HTTP request to files in the (1) includes/blocks directory, (2) pnadodb directory, (3) NS-NewUser module, (4) NS-Your_Account, (5) NS-LostPassword module, or (6) NS-User module which reveals the path to the web server in a PHP error message. | ||||
| CVE-2004-2015 | 1 Webct | 1 Webct | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in WebCT Campus Edition allows remote attackers to inject arbitrary HTML or web script via (1) iframe, (2) img, or (3) object tags. | ||||
| CVE-2004-2016 | 1 Netchat | 1 Subnet Chat Application | 2025-04-03 | N/A |
| Stack-based buffer overflow in the HTTP server in NetChat 7.3 and earlier allows remote attackers to execute arbitrary code via a long GET request. | ||||
| CVE-2004-2018 | 1 Francisco Burzi | 1 Php-nuke | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in index.php in Php-Nuke 6.x through 7.3 allows remote attackers to execute arbitrary PHP code by modifying the modpath parameter to reference a URL on a remote web server that contains the code. | ||||
| CVE-2004-2019 | 1 Francisco Burzi | 1 Php-nuke | 2025-04-03 | N/A |
| The WebLinks module in Php-Nuke 6.x through 7.3 allows remote attackers to obtain sensitive information via an invalid show parameter, which displays the full path in a PHP error message. | ||||
| CVE-2004-2021 | 1 Oscommerce | 1 Oscommerce | 2025-04-03 | N/A |
| Directory traversal vulnerability in file_manager.php in osCommerce 2.2 allows remote attackers to view arbitrary files via a .. (dot dot) in the filename argument. | ||||
| CVE-2004-2046 | 1 Apc | 1 Powerchute | 2025-04-03 | N/A |
| Unknown vulnerability in APC PowerChute Business Edition 6.0 through 7.0.1 allows remote attackers to cause a denial of service via unknown attack vectors. | ||||
| CVE-2004-2047 | 1 Easyweb | 1 Easyweb Filemanager | 2025-04-03 | N/A |
| Directory traversal vulnerability in EasyWeb FileManager 1.0 RC-1 for PostNuke allows remote attackers to retrieve arbitrary files via a .. (dot dot) in the pathext parameter. | ||||
| CVE-2004-2050 | 1 Esesix | 7 Thintune Extreme, Thintune L, Thintune M and 4 more | 2025-04-03 | N/A |
| eSeSIX Thintune thin clients running firmware 2.4.38 and earlier allow local users to gain privileges by pressing CTRL-SHIFT-ALT-DEL and entering the "maertsJ" password, which is hard-coded into lshell. | ||||
| CVE-2004-2062 | 1 Antiboard | 1 Antiboard | 2025-04-03 | N/A |
| SQL injection vulnerability in antiboard.php in AntiBoard 0.7.2 and earlier allows remote attackers to execute arbitrary SQL via the (1) thread_id, (2) parent_id, or (3) mode parameters. | ||||