Search Results (367106 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-1878 1 Linbit Technologies 1 Linbox Officeserver 2026-04-16 N/A
LINBOX LIN:BOX allows remote attackers to bypass authentication, obtain sensitive information, or gain access via a direct request to admin/user.pl preceded by // (double leading slash).
CVE-2004-1879 1 Phpkit 1 Phpkit 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in PHPKIT 1.6.03 allows allows remote attackers to inject arbitrary web script or HTML via forum messages.
CVE-2004-1880 1 Openldap 1 Openldap 2026-04-16 N/A
Memory leak in the back-bdb backend for OpenLDAP 2.1.12 and earlier allows remote attackers to cause a denial of service (memory consumption).
CVE-2004-1881 1 Cactusoft 1 Cactushop 2026-04-16 N/A
SQL injection vulnerability in (1) mailorder.asp or (2) payonline.asp in CactuShop 5.x allows remote attackers to execute arbitrary SQL commands via the strItems parameter.
CVE-2004-1882 1 Cactusoft 1 Cactushop 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in popuplargeimage.asp in CactuShop 5.x allows remote attackers to inject arbitrary web script or HTML via the strImageTag parameter.
CVE-2004-1934 1 Isesam 1 Gemitel 2026-04-16 N/A
PHP remote file inclusion vulnerability in affich.php in Gemitel 3.50 allows remote attackers to execute arbitrary PHP code via the base parameter.
CVE-2004-1883 1 Progress 1 Ws Ftp Server 2026-04-16 N/A
Multiple buffer overflows in Ipswitch WS_FTP Server 4.0.2 (1) allow remote authenticated users to execute arbitrary code by causing a large error string to be generated by the ALLO handler, or (2) may allow remote FTP administrators to execute arbitrary code by causing a long hostname or username to be inserted into a reply to a STAT command while a file is being transferred.
CVE-2004-1884 2 Ipswitch, Progress 3 Ws Ftp Pro, Ws Ftp Server, Ws Ftp Server 2026-04-16 N/A
Ipswitch WS_FTP Server 4.0.2 has a backdoor XXSESS_MGRYY username with a default password, which allows remote attackers to gain access.
CVE-2004-1885 1 Progress 1 Ws Ftp Server 2026-04-16 N/A
Ipswitch WS_FTP Server 4.0.2 allows remote authenticated users to execute arbitrary programs as SYSTEM by using the SITE command to modify certain iFtpSvc options that are handled by iftpmgr.exe.
CVE-2004-1887 1 Ada 1 Imgsvr 2026-04-16 N/A
Ada Image Server (ImgSvr) 0.4 allows remote attackers to view directories or download files via an HTTP request with a trailing %00 (null).
CVE-2004-1888 1 Aborior 1 Encore Web Forum 2026-04-16 N/A
display.cgi in Aborior Encore WebForum allows remote to execute arbitrary commands via shell metacharacters in the file variable.
CVE-2004-1889 1 Sgi 1 Irix 2026-04-16 N/A
Unknown vulnerability in ftpd in SGI IRIX 6.5.20 through 6.5.23 allows remote attackers to cause a denial of service (hang) via a link failure with Microsoft Windows.
CVE-2004-1890 1 Sgi 1 Irix 2026-04-16 N/A
Unknown vulnerability in ftpd in SGI IRIX 6.5.20 through 6.5.23 allows remote attackers to cause a denial of service (hang) via the PORT mode.
CVE-2004-1891 1 Sgi 1 Irix 2026-04-16 N/A
The ftp_syslog function in ftpd in SGI IRIX 6.5.20 "doesn't work with anonymous FTP," which has an unknown impact, possibly preventing the actions of anonymous users from being logged.
CVE-2004-1892 1 Emule 1 Emule 2026-04-16 N/A
Stack-based buffer overflow in DecodeBase16 function, as used in the (1) IRC module and (2) web server in eMule 0.42d, allows remote attackers to execute arbitrary code via a long string.
CVE-2004-1893 1 Macromedia 2 Dreamweaver, Dreamweaver Ultradev 2026-04-16 N/A
Dreamweaver MX, when "Using Driver On Testing Server" or "Using DSN on Testing Server" is selected, uploads the mmhttpdb.asp script to the web site but does not require authentication, which allows remote attackers to obtain sensitive information and possibly execute arbitrary SQL commands via a direct request to mmhttpdb.asp.
CVE-2004-1894 1 Pragma Ade 1 Context 2026-04-16 N/A
TEXutil in ConTEXt, when executed with the --silent option, allows local users to overwrite arbitrary files via a symlink attack on texutil.log.
CVE-2004-1895 1 Suse 1 Suse Linux 2026-04-16 N/A
YaST Online Update (YOU) in SuSE 8.2 and 9.0 allows local users to overwrite arbitrary files via a symlink attack on you-$USER/cookies.
CVE-2004-1896 1 Nullsoft 1 Winamp 2026-04-16 N/A
Heap-based buffer overflow in in_mod.dll in Nullsoft Winamp 2.91 through 5.02 allows remote attackers to execute arbitrary code via a Fasttracker 2 (.xm) mod media file.
CVE-2004-1897 1 Tildeslash 1 Monit 2026-04-16 N/A
Administration interface in Monit 1.4 through 4.2 allows remote attackers to cause a denial of service (segmentation fault) by sending a Basic Authentication request without a password, which causes Monit to decrement a null pointer and perform an out-of-bounds read.