Export limit exceeded: 363135 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-2348 1 Sybari 1 Antigen 2026-04-16 N/A
Sybari AntiGen for Domino 7.0 Build 722 SR2 allows remote attackers to cause a denial of service (hang) via an encrypted ZIP file with the "include full path info" option set, as used by certain variants of the Beagle/Bagle worm.
CVE-2004-2349 1 Tunez 1 Tunez 2026-04-16 N/A
Multiple SQL injection vulnerabilities in Tunez before 1.20-pre2 allow remote attackers to execute arbitrary SQL queries.
CVE-2004-2350 1 Phpbb Group 1 Phpbb 2026-04-16 N/A
SQL injection vulnerability in search.php for phpBB 1.0 through 2.0.6 allows remote attackers to execute arbitrary SQL and gain privileges via the search_results parameter.
CVE-2004-2351 1 Martin Bauer 1 Gbook 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in GBook for Php-Nuke 1.0 allows remote attackers to inject arbitrary web script or HTML via multiple parameters, including (1) name, (2) email, (3) city, and (4) message, which do not use the <script> and <style> tags, which are filtered by PHP-Nuke.
CVE-2004-2352 1 Martin Bauer 1 Gbook 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in GBook for PHP-Nuke 1.0 allows remote attackers to inject arbitrary web script or HTML via cookies that are stored in the $_COOKIE PHP variable, which is not cleansed by PHP-Nuke.
CVE-2004-2355 1 Crafty Syntax Live Help 1 Crafty Syntax Live Help 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Crafty Syntax Live Help (CSLH) before 2.7.4 allows remote attackers to inject arbitrary web script or HTML via the name field of a livehelp or chat session.
CVE-2004-2356 1 Fizmez 1 Fizmez Web Server 2026-04-16 N/A
Early termination vulnerability in Fizmez Web Server 1.0 allows remote attackers to cause a denial of service (crash) by connecting to the server and then disconnecting without sending any data, which triggers a null pointer dereference.
CVE-2004-2357 1 Proofpoint 1 Proofpoint Protection Server 2026-04-16 N/A
The embedded MySQL 4.0 server for Proofpoint Protection Server does not require a password for the root user of MySQL, which allows remote attackers to read or modify the backend database.
CVE-2004-2358 1 Phpbb Group 1 Phpbb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in admin_words.php for phpBB 2.0.6c allows remote attackers to inject arbitrary web script or HTML via the id parameter.
CVE-2004-2359 1 Dell 1 Truemobile 1300 Wlan Mini-pci Card Util Trayapplet 2026-04-16 N/A
Dell TrueMobile 1300 WLAN Mini-PCI Card Util TrayApplet 3.10.39.0 does not properly drop SYSTEM privileges when started from the systray applet, which allows local users to gain privileges by accessing the Help functionality.
CVE-2004-2360 1 Targem Games 1 Battle Mages 2026-04-16 N/A
Targem Battle Mages 1.0 allows remote attackers to cause a denial of service (infinite loop) via a UDP packet with incomplete data, which causes the server to enter an infinite loop while waiting to read the rest of the data that is not sent.
CVE-2004-2444 1 Jaws 1 Jaws 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in Jaws 0.3 allows remote attackers to inject arbitrary web script or HTML via the action parameter.
CVE-2004-2362 1 Phpx 1 Phpx 2026-04-16 N/A
PHPX 3.2.6 and earlier allows remote attackers to obtain the physical path of PHPX via a null or invalid value in the limit parameter, which leaks the pathname in a database error message, as demonstrated using forums.php.
CVE-2004-2363 1 Phpx 1 Phpx 2026-04-16 N/A
Validate-Before-Canonicalize vulnerability in the checkURI function in functions.inc.php in PHPX 3.0 through 3.2.6 allows remote attackers to conduct cross-site scripting (XSS) attacks via hex-encoded tags, which bypass the check for literal "<", ">", "(", and ")" characters, as demonstrated using the limit parameter to forums.php and a variety of other vectors.
CVE-2004-2364 1 Phpx 1 Phpx 2026-04-16 N/A
Cross-site request forgery (CSRF) vulnerability in PHPX 3.0 through 3.2.6 allows remote attackers to execute arbitrary commands via URLs that are automatically executed on behalf of the administrator, as demonstrated using (1) admin/page.php, (2) admin/news.php, (3) admin/user.php, (4) admin/images.php, (5) admin/page.php, or (6) admin/forums.php.
CVE-2004-2365 1 Microsoft 2 Windows 2003 Server, Windows Xp 2026-04-16 N/A
Memory leak in Microsoft Windows XP and Windows Server 2003 allows local users to cause a denial of service (memory exhaustion) by repeatedly creating and deleting directories using a non-standard tool such as smbmount.
CVE-2004-2366 1 Globalscape 1 Secure Ftp Server 2026-04-16 N/A
Buffer overflow in GlobalSCAPE Secure FTP Server 2.0 B03.11.2004.2 allows remote attackers to cause a denial of service (crash) via a SITE command with a long argument.
CVE-2004-2367 1 Texas Imperial Software 2 Wftpd, Wftpd Pro 2026-04-16 N/A
The Control Panel applet in WFTPD and WFTPD Pro 3.21 R1 and R2 allows remote authenticated users to cause a denial of service (crash) via a long FTP command.
CVE-2004-2368 1 The Opt-x Project 1 Opt-x 2026-04-16 N/A
PHP remote file inclusion vulnerability in header.php in Opt-X 0.7.2 allows remote attackers to execute arbitrary PHP code via the systempath parameter.
CVE-2004-2370 1 Cerulean Studios 2 Trillian, Trillian Pro 2026-04-16 N/A
Stack-based buffer overflow in Trillian 0.71 through 0.74f and Trillian Pro 1.0 through 2.01 allows remote attackers to execute arbitrary code via a Yahoo Messenger packet with a long key name.