Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-1589 1 Gosmart 1 Gosmart Message Board 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in GoSmart Message Board allows remote attackers to execute inject web script or HTML via the (1) Category parameter to Forum.asp or (2) MainMessageID parameter to ReplyToQuestion.asp.
CVE-2004-1590 1 Clientexec 1 Clientexec 2026-04-16 N/A
Clientexec allows remote attackers to gain sensitive information via an HTTP request to phpinfo.php, which calls the phpinfo function.
CVE-2005-1734 1 Electricmonk 1 Proms 2026-04-16 N/A
Multiple SQL injection vulnerabilities in PROMS before 0.11 allow remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2004-0078 2 Mutt, Redhat 3 Mutt, Enterprise Linux, Linux 2026-04-16 N/A
Buffer overflow in the index menu code (menu_pad_string of menu.c) for Mutt 1.4.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain mail messages.
CVE-2004-1591 1 Micronet 1 Sp916bm 2026-04-16 N/A
The web interface for Micronet Wireless Broadband Router SP916BM running firmware before 1.9 08/04/2004 resets the password to the default password when the router is shut off, which could allow remote attackers to gain access.
CVE-2005-1738 1 Iron Bars Shell 1 Iron Bars Shell 2026-04-16 N/A
Format string vulnerability in the logPrintBadfile function in delbadfiles.c Iron Bars SHell (ibsh) before 0.3d allows users to "access files outside the home directory" and possibly execute arbitrary code via certain inputs that are not properly handled in a syslog call.
CVE-2004-1593 1 Sct Corporation 1 Campus Pipeline 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in render.UserLayoutRootNode.uP in SCT Campus Pipeline allows remote attackers to inject arbitrary web script or HTML via the utf parameter.
CVE-1999-0675 1 Checkpoint 1 Firewall-1 2026-04-16 N/A
Check Point FireWall-1 can be subjected to a denial of service via UDP packets that are sent through VPN-1 to port 0 of a host.
CVE-2004-1597 1 Rim 1 Blackberry 2026-04-16 N/A
RIM Blackberry 7230 running RIM Blackberry OS 3.7 SP1 allows remote attackers to cause a denial of service (device reboot and possibly data corruption) via a calendar message with a long Location field, which triggers a watchdog while the message is being stored.
CVE-2004-1600 1 Coolphp 1 Coolphp 2026-04-16 N/A
index.php in CoolPHP 1.0-stable allows remote attackers to gain sensitive information via an invalid op parameter, which reveals the path in an error message.
CVE-2004-1643 1 Progress 1 Ws Ftp Server 2026-04-16 N/A
WS_FTP 5.0.2 allows remote authenticated users to cause a denial of service (CPU consumption) via a CD command that contains an invalid path with a "../" sequence.
CVE-1999-0743 1 Debian 1 Debian Linux 2026-04-16 N/A
Trn allows local users to overwrite other users' files via symlinks.
CVE-2004-1645 1 Jerod Moemeka 1 Xedus 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Xedus 1.0 allows remote attackers to execute arbitrary web script or HTML via the (1) username parameter to test.x, (2) username parameter to TestServer.x, or (3) param parameter to testgetrequest.x.
CVE-2004-1646 1 Jerod Moemeka 1 Xedus 2026-04-16 N/A
Directory traversal vulnerability in Xedus 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.
CVE-2004-1647 1 Web Animations 1 Password Protect 2026-04-16 N/A
SQL injection vulnerability in Password Protect allows remote attackers to execute arbitrary SQL statements and bypass authentication via (1) admin or Pass parameter to index_next.asp, (2) LoginId, OPass, or NPass to CPassChangePassword.asp, (3) users_edit.asp, or (4) users_add.asp.
CVE-2004-1648 1 Web Animations 1 Password Protect 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in (1) index.asp, (2) ChangePassword.asp, (3) users_list.asp, (4) and users_add.asp in Password Protect allows remote attackers to inject arbitrary web script or HTML via the ShowMsg parameter.
CVE-2005-1759 1 Shtool 1 Shtool 2026-04-16 N/A
Race condition in shtool 2.0.1 and earlier allows local users to modify or create arbitrary files via a symlink attack on temporary files after they have been created, a different vulnerability than CVE-2005-1751.
CVE-2004-1652 1 Brickhost 1 Phpscheduleit 2026-04-16 N/A
phpScheduleIt 1.0.0 RC1 does not clear administrative privileges if the administrator logs in as a normal user, which allows users with physical access to gain administrative privileges.
CVE-2004-1653 1 Openbsd 1 Openssh 2026-04-16 N/A
The default configuration for OpenSSH enables AllowTcpForwarding, which could allow remote authenticated users to perform a port bounce, when configured with an anonymous access program such as AnonCVS.
CVE-2004-1657 1 Newtelligence 1 Dasblog 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the Activity and Events Viewer for Newtelligence DasBlog allows remote attackers to inject arbitrary web script or HTML via the (1) User Agent or (2) Referrer HTTP headers.