Total
29810 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1566 | 1 Silent-storm | 1 Silent-storm Portal | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Silent Storm Portal 2.1 and 2.2 allows remote attackers to execute arbitrary web script or HTML via the module parameter. | ||||
| CVE-2004-1567 | 1 Silent-storm | 1 Silent-storm Portal | 2025-04-03 | N/A |
| profile.php in Silent Storm Portal 2.1 and 2.2 allows remote attackers to gain privileges by setting the mail parameter to 1, which is the value for an administrator. | ||||
| CVE-2004-1568 | 1 Parachat | 1 Parachat Server | 2025-04-03 | N/A |
| Directory traversal vulnerability in ParaChat Server 5.5 allows remote attackers to read arbitrary files via a ..%5C (hex-encoded dot dot) in the URL. | ||||
| CVE-2004-1570 | 1 Eaden Mckee | 1 Bblog | 2025-04-03 | N/A |
| SQL injection vulnerability in bBlog 0.7.2 and 0.7.3 allows remote attackers to execute arbitrary SQL commands via the p parameter. | ||||
| CVE-2004-1574 | 1 Vypress | 1 Vypres Messenger | 2025-04-03 | N/A |
| Buffer overflow in Vypress Messenger 3.5.1 and earlier allows remote attackers to execute arbitrary code via a message with a long first field. | ||||
| CVE-2004-1577 | 1 Greg Donald | 1 Phplinks | 2025-04-03 | N/A |
| index.php in PHP Links allows remote attackers to gain sensitive information via an invalid show parameter, which reveals the full path in an error message. | ||||
| CVE-2004-1575 | 1 Apache | 1 Xerces-c\+\+ | 2025-04-03 | N/A |
| The XML parser in Xerces-C++ 2.5.0 allows remote attackers to cause a denial of service (CPU consumption) via XML attributes in a crafted XML document. | ||||
| CVE-2004-1584 | 1 Wordpress | 1 Wordpress | 2025-04-03 | N/A |
| CRLF injection vulnerability in wp-login.php in WordPress 1.2 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the text parameter. | ||||
| CVE-2004-1586 | 1 Jera Technology | 1 Flash Messaging Server | 2025-04-03 | N/A |
| Flash Messaging clients can ignore disconnecting commands such as "shutdown" from the Flash Messaging Server 5.2.0g (rev 1.1.2), which could allow remote attackers to stay connected. | ||||
| CVE-2004-1588 | 1 Gosmart | 1 Gosmart Message Board | 2025-04-03 | N/A |
| SQL injection vulnerability in GoSmart Message Board allows remote attackers to execute arbitrary SQL code via the (1) QuestionNumber and Category parameters to Forum.asp or (2) Username and Password parameter to Login_Exec.asp. | ||||
| CVE-2004-1589 | 1 Gosmart | 1 Gosmart Message Board | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in GoSmart Message Board allows remote attackers to execute inject web script or HTML via the (1) Category parameter to Forum.asp or (2) MainMessageID parameter to ReplyToQuestion.asp. | ||||
| CVE-2004-1590 | 1 Clientexec | 1 Clientexec | 2025-04-03 | N/A |
| Clientexec allows remote attackers to gain sensitive information via an HTTP request to phpinfo.php, which calls the phpinfo function. | ||||
| CVE-2004-1585 | 1 Jera Technology | 1 Flash Messaging | 2025-04-03 | N/A |
| Flash Messaging 5.2.0g (rev 1.1.2) and earlier allows remote attackers to cause a denial of service (application crash) via certain wide characters. | ||||
| CVE-2004-1593 | 1 Sct Corporation | 1 Campus Pipeline | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in render.UserLayoutRootNode.uP in SCT Campus Pipeline allows remote attackers to inject arbitrary web script or HTML via the utf parameter. | ||||
| CVE-2004-1594 | 1 E-zone Media Inc. | 1 Fusetalk | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in FuseTalk 4.0 allows remote attackers to execute arbitrary web script via an img src tag. | ||||
| CVE-2004-1597 | 1 Rim | 1 Blackberry | 2025-04-03 | N/A |
| RIM Blackberry 7230 running RIM Blackberry OS 3.7 SP1 allows remote attackers to cause a denial of service (device reboot and possibly data corruption) via a calendar message with a long Location field, which triggers a watchdog while the message is being stored. | ||||
| CVE-2004-1598 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2025-04-03 | N/A |
| Adobe Acrobat and Acrobat Reader 6.0 allow remote attackers to read arbitrary files via a PDF file that contains an embedded Shockwave (swf) file that references files outside of the temporary directory. | ||||
| CVE-2004-1599 | 1 Coolphp | 1 Coolphpweb Portal | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in CoolPHP 1.0-stable allows remote attackers to execute arbitrary web script or HTML via the (1) query or (2) nick parameters. | ||||
| CVE-2004-1600 | 1 Coolphp | 1 Coolphp | 2025-04-03 | N/A |
| index.php in CoolPHP 1.0-stable allows remote attackers to gain sensitive information via an invalid op parameter, which reveals the path in an error message. | ||||
| CVE-2004-1605 | 2 Best Software, Saleslogix Corporation | 2 Saleslogix, Saleslogix | 2025-04-03 | N/A |
| SalesLogix 6.1 allows remote attackers to bypass authentication by modifying the slxweb cookie to set user=Admin, teams=ADMIN!, and usertype=Administrator. | ||||