Export limit exceeded: 29920 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29920 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2412 | 1 Virtual Programming | 1 Vp-asp | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in VP-ASP Shopping Cart 4.0 through 5.0 allow remote attackers to execute arbitrary SQL commands via the catalogid parameter in (1) shopreviewlist.asp and (2) shopreviewadd.asp. | ||||
| CVE-2004-2410 | 1 Samhain Labs | 1 Samhain | 2026-04-16 | N/A |
| Unknown vulnerability in sh_hash_compdata for Samhain 1.8.9 through 2.0.1 might allow attackers to cause a denial of service (null pointer dereference). | ||||
| CVE-2004-2422 | 1 Ipswitch | 1 Imail | 2026-04-16 | N/A |
| Multiple features in Ipswitch IMail Server before 8.13 allow remote attackers to cause a denial of service (crash) via (1) a long sender field to the Queue Manager or (2) a long To field to the Web Messaging component. | ||||
| CVE-2004-2421 | 1 Hitachi | 3 Jp1 P-1b41-9461, Jp1 P-1b41-9471, Jp1 P-1j41-9471 | 2026-04-16 | N/A |
| Unknown vulnerability in Hitachi Job Management Partner (JP1) JP1/File Transmission Server/FTP 6 and 7, when running on HP-UX in trusted mode, allows attackers to bypass authentication and gain administrator rights. | ||||
| CVE-2004-2431 | 1 The Ignition Project | 1 Ignitionserver | 2026-04-16 | N/A |
| Unknown vulnerability in The Ignition Project ignitionServer 0.1.2 through 0.3.1, with the linking service enabled, allows remote attackers to bypass authentication. | ||||
| CVE-2004-2436 | 1 Broadcom | 3 Common Services, Unicenter Network And Systems Management, Unicenter Serviceplus Service Desk | 2026-04-16 | N/A |
| Computer Associates Unicenter Common Services 3.0 and earlier stores the database "SA" password in cleartext in the TndAddNspTmp.bat file, which could allow local users to gain privileges. | ||||
| CVE-2004-2438 | 1 Php Fusion | 1 Php Fusion | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in PHP-Fusion 4.01 allows remote attackers to inject arbitrary web script or HTML via the (1) Submit News, (2) Submit Link or (3) Submit Article field. | ||||
| CVE-2006-4680 | 1 Canon | 7 Imagerunner 2620, Imagerunner 5020, Imagerunner 6870 and 4 more | 2026-04-16 | N/A |
| The Remote UI in Canon imageRUNNER includes usernames and passwords when exporting an address book, which allows context-dependent attackers to obtain sensitive information. | ||||
| CVE-2004-2448 | 2 Cassiopeia, Itransact | 2 S-mart Shopping Cart, Redicart | 2026-04-16 | N/A |
| S-Mart Shopping Cart or RediCart 3.9.5b stores smart.cfg under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as the database name. | ||||
| CVE-2006-4684 | 1 Zope | 1 Zope | 2026-04-16 | N/A |
| The docutils module in Zope (Zope2) 2.7.0 through 2.7.9 and 2.8.0 through 2.8.8 does not properly handle web pages with reStructuredText (reST) markup, which allows remote attackers to read arbitrary files via a csv_table directive, a different vulnerability than CVE-2006-3458. | ||||
| CVE-2004-2445 | 1 Jaws | 1 Jaws | 2026-04-16 | N/A |
| Directory traversal vulnerability in index.php in Jaws 0.3 BETA allows remote attackers to view arbitrary files via a .. (dot dot) in the gadget parameter. | ||||
| CVE-2004-2457 | 1 3com | 1 3crwe754g72-a | 2026-04-16 | N/A |
| Unspecified vulnerability in 3Com OfficeConnect ADSL 11g Router allows remote attackers to cause a denial of service (crash) via a large amount of UDP traffic. | ||||
| CVE-2004-2458 | 1 Open Webmail | 1 Open Webmail | 2026-04-16 | N/A |
| Open WebMail 2.30 and earlier, when use_syshomedir is disabled or create_syshomedir is enabled, creates new directories before authenticating, which allows remote attackers to create arbitrary directories. | ||||
| CVE-2004-2459 | 1 Gnu | 1 Gnubiff | 2026-04-16 | N/A |
| Unknown vulnerability in gnubiff 1.2.0 and earlier allows local users to obtain passwords, related to the password table. | ||||
| CVE-2004-2456 | 1 Minibb | 1 Minibb | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in miniBB 1.7f and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter in a userinfo action. | ||||
| CVE-2004-2474 | 1 Phpnews | 1 Phpnews | 2026-04-16 | N/A |
| SQL injection vulnerability in PHPNews 1.2.3 allows remote attackers to execute arbitrary SQL commands via the mid parameter to sendtofriend.php. | ||||
| CVE-2004-2488 | 1 Nexgen | 1 Nexgen Ftp Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Nexgen FTP Server before 2.2.3.23 allows remote authenticated users to read or list arbitrary files via "C:" sequences in the (1) RETR (get), (2) NLST (ls), (3) LIST (ls), (4) RNFR, or (5) RNTO FTP commands. | ||||
| CVE-2004-2487 | 1 Nexgen | 1 Nexgen Ftp Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Nexgen FTP Server before 2.2.3.23 allows remote authenticated users to read or list arbitrary files via (1) "..", (2) "\..\" (backslash dot dot), or (3) "/../" sequences in (a) RETR (get), (b) NLST (ls), (c) LIST (ls), (d) RNFR, or (e) RNTO FTP commands. | ||||
| CVE-2004-2643 | 1 Microsoft | 1 Cabarc | 2026-04-16 | N/A |
| Directory traversal vulnerability in Microsoft cabarc allows remote attackers to overwrite files via "../" sequences in file names in a CAB archive. | ||||
| CVE-2006-4708 | 1 Vikingboard | 1 Vikingboard | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Vikingboard 0.1b allow remote attackers to inject arbitrary web script or HTML via the (1) act parameter in (a) help.php and (b) search.php, and the (2) p parameter in report.php. | ||||