Export limit exceeded: 367003 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 367003 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (367003 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1832 | 1 Apple | 1 Mac Os X Server | 2026-04-16 | N/A |
| Buffer overflow in the GUI admin service in Mac OS X Server 10.3 allows remote attackers to cause a denial of service (crash and restart) via a large amount of data to TCP port 660. | ||||
| CVE-2004-1833 | 1 Borland Software | 1 Interbase | 2026-04-16 | N/A |
| The admin.ib file in Borland Interbase 7.1 for Linux has default world writable permissions, which allows local users to gain database administrative privileges. | ||||
| CVE-2004-1834 | 2 Apache, Redhat | 2 Http Server, Enterprise Linux | 2026-04-16 | N/A |
| mod_disk_cache in Apache 2.0 through 2.0.49 stores client headers, including authentication information, on the hard disk, which could allow local users to gain sensitive information. | ||||
| CVE-2004-1835 | 1 Invision Power Services | 1 Invision Gallery | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in index.php in Invision Gallery 1.0.1 allow remote attackers to execute arbitrary SQL via the (1) img, (2) cat, (3) sort_key, (4) order_key, (5) user, or (6) album parameters. | ||||
| CVE-2004-1836 | 1 Invision Power Services | 1 Invision Power Top Site List | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in Invision Power Top Site List 1.1 RC 2 and earlier allows remote attackers to execute arbitrary SQL via the id parameter of the comments action. | ||||
| CVE-2004-1837 | 1 Joel Palmius | 1 Mod Survey | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Mod_survey 3.0.x before 3.0.16-pre2 and 3.2.x before 3.2.0-pre4 allows remote attackers to inject arbitrary web script or HTML via the certain survey fields or error messages for malformed query strings. | ||||
| CVE-2004-1838 | 1 Xweb | 1 Xweb | 2026-04-16 | N/A |
| Directory traversal vulnerability in xweb 1.0 allows remote attackers to download arbitrary files via a .. (dot dot) in the URL. | ||||
| CVE-2004-1839 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| MS Analysis module 2.0 for PHP-Nuke allows remote attackers to obtain sensitive information via a direct request to (1) browsers.php, (2) mstrack.php, or (3) title.php, which reveal the full path in a PHP error message. | ||||
| CVE-2004-1840 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in MS Analysis module 2.0 for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via the (1) screen parameter to modules.php, (2) module_name parameter to title.php, (3) sortby parameter to modules.php, or (4) overview parameter to modules.php. | ||||
| CVE-2004-1841 | 1 Ms Analysis | 1 Website Traffic Analyzer | 2026-04-16 | N/A |
| SQL injection vulnerability in MS Analysis module 2.0 for PHP-Nuke allows remote attackers to execute arbitrary SQL via the referer field in an HTTP request. | ||||
| CVE-2004-1842 | 1 Phpnuke | 1 Php-nuke | 2026-04-16 | 8.8 High |
| Cross-site request forgery (CSRF) vulnerability in Php-Nuke 6.x through 7.1.0 allows remote attackers to gain administrative privileges via an img tag with a URL to admin.php. | ||||
| CVE-2004-1843 | 1 Expinion.net | 1 Member Management System | 2026-04-16 | N/A |
| SQL injection vulnerability in Member Management System 2.1 allows remote attackers to execute arbitrary SQL via the ID parameter to (1) resend.asp or (2) news_view.asp. | ||||
| CVE-2004-1844 | 1 Expinion.net | 1 Member Management System | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Member Management System 2.1 allows remote attackers to inject arbitrary web script or HTML via (1) the err parameter to error.asp or (2) register.asp. | ||||
| CVE-2004-1845 | 1 Expinion.net | 1 News Manager Lite | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in News Manager Lite 2.5 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to comment_add.asp, (2) search parameter to search.asp, or (3) n parameter to category_news_headline.asp. | ||||
| CVE-2004-1846 | 1 Expinion.net | 1 News Manager Lite | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in News Manager Lite 2.5 allow remote attackers to execute arbitrary SQL code via the (1) ID parameter to more.asp, (2) ID parameter to category_news.asp, or (3) filter parameter to news_sort.asp. | ||||
| CVE-2004-1401 | 1 Asp-rider | 1 Asp-rider | 2026-04-16 | N/A |
| SQL injection vulnerability in verify.asp in Asp-rider allows remote attackers to execute arbitrary SQL statements and bypass authentication via the username parameter. | ||||
| CVE-2004-1402 | 1 Iwebnegar | 1 Iwebnegar | 2026-04-16 | N/A |
| SQL injection vulnerability in iWebNegar allows remote attackers to execute arbitrary SQL commands via (1) the string parameter for index.php, (2) comments.php, or (3) the administrator login page. | ||||
| CVE-2004-1403 | 1 Sir | 1 Gnuboard | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in index.php in GNUBoard 3.39 and earlier allows remote attackers to execute arbitrary PHP code by modifying the doc parameter to reference a URL on a remote web server that contains the code. | ||||
| CVE-2004-1404 | 1 Opentools | 1 Attachment Mod | 2026-04-16 | N/A |
| Attachment Mod 2.3.10 module for phpBB, when used with Apache mod_mime, does not properly handle files with multiple file extensions, such as .php.rar, which allows remote attackers to upload and execute arbitrary code. | ||||
| CVE-2004-1406 | 1 Ikonboard.com | 1 Ikonboard | 2026-04-16 | N/A |
| SQL injection vulnerability in ikonboard.cgi in Ikonboard 3.1.0 through 3.1.3 allows remote attackers to inject arbitrary SQL commands via the (1) st or (2) keywords parameter. | ||||