Export limit exceeded: 361620 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (361620 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-1830 1 Francisco Burzi 1 Php-nuke 2026-04-16 N/A
error.php in Error Manager 2.1 for PHP-Nuke 6.0 allows remote attackers to obtain sensitive information via an invalid (1) language, (2) newlang, or (3) lang parameter, which leaks the pathname in a PHP error message.
CVE-2004-1831 1 Techland 1 Chrome 2026-04-16 N/A
Buffer overflow in Chrome 1.2.0.0 and earlier allows remote attackers to cause a denial of service (crash) via a packet with a large length value, which leads to a null dereference or out-of-bounds read.
CVE-2004-1832 1 Apple 1 Mac Os X Server 2026-04-16 N/A
Buffer overflow in the GUI admin service in Mac OS X Server 10.3 allows remote attackers to cause a denial of service (crash and restart) via a large amount of data to TCP port 660.
CVE-2004-0180 2 Cvs, Redhat 3 Cvs, Enterprise Linux, Linux 2026-04-16 N/A
The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405.
CVE-2004-1835 1 Invision Power Services 1 Invision Gallery 2026-04-16 N/A
Multiple SQL injection vulnerabilities in index.php in Invision Gallery 1.0.1 allow remote attackers to execute arbitrary SQL via the (1) img, (2) cat, (3) sort_key, (4) order_key, (5) user, or (6) album parameters.
CVE-2004-1836 1 Invision Power Services 1 Invision Power Top Site List 2026-04-16 N/A
SQL injection vulnerability in index.php in Invision Power Top Site List 1.1 RC 2 and earlier allows remote attackers to execute arbitrary SQL via the id parameter of the comments action.
CVE-2004-1839 1 Francisco Burzi 1 Php-nuke 2026-04-16 N/A
MS Analysis module 2.0 for PHP-Nuke allows remote attackers to obtain sensitive information via a direct request to (1) browsers.php, (2) mstrack.php, or (3) title.php, which reveal the full path in a PHP error message.
CVE-2004-1841 1 Ms Analysis 1 Website Traffic Analyzer 2026-04-16 N/A
SQL injection vulnerability in MS Analysis module 2.0 for PHP-Nuke allows remote attackers to execute arbitrary SQL via the referer field in an HTTP request.
CVE-2004-1843 1 Expinion.net 1 Member Management System 2026-04-16 N/A
SQL injection vulnerability in Member Management System 2.1 allows remote attackers to execute arbitrary SQL via the ID parameter to (1) resend.asp or (2) news_view.asp.
CVE-2005-1865 1 Vincent Hor 1 Calendarix Advanced 2026-04-16 N/A
Multiple SQL injection vulnerabilities in Calendarix Advanced 1.5 allow remote attackers to execute arbitrary SQL commands via the catview parameter to (1) cal_week.php, (2) cal_cat.php, or (3) cal_day.php, or (4) id parameter to cal_pophols.php.
CVE-2004-1844 1 Expinion.net 1 Member Management System 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Member Management System 2.1 allows remote attackers to inject arbitrary web script or HTML via (1) the err parameter to error.asp or (2) register.asp.
CVE-2004-1846 1 Expinion.net 1 News Manager Lite 2026-04-16 N/A
Multiple SQL injection vulnerabilities in News Manager Lite 2.5 allow remote attackers to execute arbitrary SQL code via the (1) ID parameter to more.asp, (2) ID parameter to category_news.asp, or (3) filter parameter to news_sort.asp.
CVE-2004-1848 2 Ipswitch, Progress 2 Ws Ftp Server, Ws Ftp Server 2026-04-16 N/A
Ipswitch WS_FTP Server 4.0.2 allows remote attackers to cause a denial of service (disk consumption) and bypass file size restrictions via a REST command with a large size argument, followed by a STOR of a smaller file.
CVE-2005-1866 1 Vincent Hor 1 Calendarix Advanced 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in calendar.php in Calendarix Advanced 1.5 allows remote attackers to inject arbitrary web script or HTML via the year parameter.
CVE-2004-1849 1 Cpanel 1 Cpanel 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in cPanel 9.1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to dodelautores.html or (2) handle parameter to addhandle.html.
CVE-1999-1124 1 Allaire 1 Coldfusion 2026-04-16 N/A
HTTP Client application in ColdFusion allows remote attackers to bypass access restrictions for web pages on other ports by providing the target page to the mainframeset.cfm application, which requests the page from the server, making it look like the request is coming from the local host.
CVE-2004-1852 1 Solarwinds 1 Dameware Mini Remote Control 2026-04-16 N/A
DameWare Mini Remote Control 3.x before 3.74 and 4.x before 4.2 transmits the Blowfish encryption key in plaintext, which allows remote attackers to gain sensitive information.
CVE-2004-1856 1 Hp 1 Web Jetadmin 2026-04-16 N/A
devices_update_printer_fw_upload.hts in HP Web JetAdmin 7.5.2546, when no password is set, allows remote attackers to upload arbitrary files to the printer directory.
CVE-1999-1134 1 Hp 1 Hp-ux 2026-04-16 N/A
Vulnerability in Vue 3.0 in HP 9.x allows local users to gain root privileges, as fixed by PHSS_4038, PHSS_4055, and PHSS_4066.
CVE-2005-1870 1 Popper 1 Popper 2026-04-16 N/A
PHP remote file inclusion vulnerability in childwindow.inc.php in Popper 1.41-r2 and earlier allows remote attackers to execute arbitrary PHP code via the form parameter.