Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-2289 1 Microsoft 1 Windows Xp 2026-04-16 N/A
Microsoft Windows XP Explorer allows local users to execute arbitrary code via a system folder with a Desktop.ini file containing a .ShellClassInfo specifier with a CLSID value that is associated with an executable file.
CVE-2004-2288 1 Jelsoft 1 Vbulletin 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in Jelsoft vBulletin allows remote attackers to spoof parts of a website via the loc parameter.
CVE-2004-2287 1 Dsm 1 Light Web File Browser 2026-04-16 N/A
Directory traversal vulnerability in explorer.php in DSM Light Web File Browser 2.0 allows remote attackers to read arbitrary files via .. (dot dot) in the wdir parameter.
CVE-2004-2286 2 Activestate, Larry Wall 2 Activeperl, Perl 2026-04-16 N/A
Integer overflow in the duplication operator in ActivePerl allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large multiplier, which may trigger a buffer overflow.
CVE-2004-2284 1 Open Webmail 1 Open Webmail 2026-04-16 N/A
The read_list_from_file function in vacation.pl for OpenWebmail before 2.32 20040629 allows remote attackers to execute arbitrary commands via shell metacharacters in a filename argument.
CVE-2004-2283 1 Daniel Barron 1 Dansguardian 2026-04-16 N/A
Unknown vulnerability in DansGuardian before 2.6.1-13 allows remote attackers to bypass URL filters via a crafted request that causes a page to be added to the clean page cache.
CVE-2004-2275 1 I-mall Commerce 1 I-mall.cgi 2026-04-16 N/A
i-mall.cgi in I-Mall Commerce allows remote attackers to execute arbitrary commands via shell metacharacters via the p parameter.
CVE-2004-2272 1 Evan Sims 1 Effingerd 2026-04-16 N/A
Buffer overflow in the sockFinger_DataArrival function in efFingerD 0.2.12 allows remote attackers to cause a denial of service (daemon crash) via a long finger command.
CVE-2004-2271 1 Minishare 1 Minimal Http Server 2026-04-16 N/A
Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.
CVE-2004-2195 1 Zanfi Solutions 1 Zanfi Cms Lite 2026-04-16 N/A
PHP remote file inclusion vulnerability in index.php in Zanfi CMS lite 1.1 allows remote attackers to execute arbitrary PHP code via the inc parameter.
CVE-2004-2194 1 Mailenable 2 Mailenable Enterprise, Mailenable Professional 2026-04-16 N/A
MailEnable Professional Edition before 1.53 and Enterprise Edition before 1.02 allows remote attackers to cause a denial of service (crash) via malformed (1) SMTP or (2) IMAP commands.
CVE-2004-2193 1 Cjoverkill 1 Cjoverkill 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in trade.php for CJOverkill 4.0.3 allows remote attackers to inject arbitrary web script or HTML via the (1) tms[0] or (2) url parameters.
CVE-2004-2192 1 Turbotraffictrader 1 Turbotraffictrader Php 2026-04-16 N/A
SQL injection vulnerability in tttadmin/settings.php in Turbo Traffic Trader PHP 1.0 allows remote attackers to execute arbitrary SQL commands via the ttt_admin parameter.
CVE-2004-2191 1 Turbotraffictrader 1 Turbotraffictrader Php 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in ttt-webmaster.php in Turbo Traffic Trader PHP 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) msg[0] or (2) siteurl parameters.
CVE-2006-2110 1 Virtual Private Server 1 Vserver 2026-04-16 N/A
Virtual Private Server (Vserver) 2.0.x before 2.0.2-rc18 and 2.1.x before 2.1.1-rc18 provides certain context capabilities (ccaps) that allow local guest users to perform operations that were only intended to be allowed by the guest-root.
CVE-2004-2190 1 Unzoo 1 Unzoo 2026-04-16 N/A
Directory traversal vulnerability in Unzoo 4.4-2 has unknown impact and attack vectors.
CVE-2004-2188 1 Dmxready 1 Dmxready Site Chassis Manager 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in DMXReady Site Chassis Manager allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2004-2187 1 Mediawiki 1 Mediawiki 2026-04-16 N/A
Unknown vulnerability in ImagePage for MediaWiki 1.3.5, related to "filename validation," has unknown impact and attack vectors.
CVE-2004-2186 1 Mediawiki 1 Mediawiki 2026-04-16 N/A
SQL injection vulnerability in MediaWiki 1.3.5 allows remote attackers to execute arbitrary SQL commands via SpecialMaintenance.
CVE-2004-2185 1 Mediawiki 1 Mediawiki 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki 1.3.5 allow remote attackers to execute arbitrary scripts and/or SQL queries via (1) the UnicodeConverter extension, (2) raw page views, (3) SpecialIpblocklist, (4) SpecialEmailuser, (5) SpecialMaintenance, and (6) ImagePage.