Export limit exceeded: 366926 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 366926 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 366926 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (366926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-1586 1 Jera Technology 1 Flash Messaging Server 2026-04-16 N/A
Flash Messaging clients can ignore disconnecting commands such as "shutdown" from the Flash Messaging Server 5.2.0g (rev 1.1.2), which could allow remote attackers to stay connected.
CVE-2004-1587 1 Monolith Productions 4 Alien Versus Predator, Blood, No One Lives Forever and 1 more 2026-04-16 N/A
Buffer overflow in Monolith games including (1) Alien versus Predator 2 1.0.9.6 and earlier, (2) Blood 2 2.1 and earlier, (3) No one lives forever 1.004 and earlier and (4) Shogo 2.2 and earlier allows remote attackers to cause a denial of service (application crash) via a long secure Gamespy query.
CVE-2004-1588 1 Gosmart 1 Gosmart Message Board 2026-04-16 N/A
SQL injection vulnerability in GoSmart Message Board allows remote attackers to execute arbitrary SQL code via the (1) QuestionNumber and Category parameters to Forum.asp or (2) Username and Password parameter to Login_Exec.asp.
CVE-2004-1589 1 Gosmart 1 Gosmart Message Board 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in GoSmart Message Board allows remote attackers to execute inject web script or HTML via the (1) Category parameter to Forum.asp or (2) MainMessageID parameter to ReplyToQuestion.asp.
CVE-2004-1590 1 Clientexec 1 Clientexec 2026-04-16 N/A
Clientexec allows remote attackers to gain sensitive information via an HTTP request to phpinfo.php, which calls the phpinfo function.
CVE-2004-1591 1 Micronet 1 Sp916bm 2026-04-16 N/A
The web interface for Micronet Wireless Broadband Router SP916BM running firmware before 1.9 08/04/2004 resets the password to the default password when the router is shut off, which could allow remote attackers to gain access.
CVE-2004-1592 1 Ocportal 1 Ocportal 2026-04-16 N/A
PHP remote file inclusion vulnerability in index.php in ocPortal 1.0.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the req_path parameter to reference a URL on a remote web server that contains a malicious funcs.php script.
CVE-2004-1593 1 Sct Corporation 1 Campus Pipeline 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in render.UserLayoutRootNode.uP in SCT Campus Pipeline allows remote attackers to inject arbitrary web script or HTML via the utf parameter.
CVE-2004-1594 1 E-zone Media Inc. 1 Fusetalk 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in FuseTalk 4.0 allows remote attackers to execute arbitrary web script via an img src tag.
CVE-2004-1595 1 Shixxnote 1 Shixxnote 2026-04-16 N/A
Buffer overflow in ShixxNote 6.net build 117 allows remote attackers to execute arbitrary code via a long font field.
CVE-2004-1596 1 3com 1 3cradsl72 2026-04-16 N/A
The 3COM Wireless router 3CRADSL72 running Boot Code 1.3d allows remote attackers to gain sensitive information such as passwords and router settings via a direct HTTP request to app_sta.stm.
CVE-2004-1597 1 Rim 1 Blackberry 2026-04-16 N/A
RIM Blackberry 7230 running RIM Blackberry OS 3.7 SP1 allows remote attackers to cause a denial of service (device reboot and possibly data corruption) via a calendar message with a long Location field, which triggers a watchdog while the message is being stored.
CVE-2004-1598 1 Adobe 2 Acrobat, Acrobat Reader 2026-04-16 N/A
Adobe Acrobat and Acrobat Reader 6.0 allow remote attackers to read arbitrary files via a PDF file that contains an embedded Shockwave (swf) file that references files outside of the temporary directory.
CVE-2004-1599 1 Coolphp 1 Coolphpweb Portal 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in CoolPHP 1.0-stable allows remote attackers to execute arbitrary web script or HTML via the (1) query or (2) nick parameters.
CVE-2004-1600 1 Coolphp 1 Coolphp 2026-04-16 N/A
index.php in CoolPHP 1.0-stable allows remote attackers to gain sensitive information via an invalid op parameter, which reveals the path in an error message.
CVE-2004-1601 1 Coolphp 1 Coolphp Web Portal 2026-04-16 N/A
Directory traversal vulnerability in index.php in CoolPHP 1.0-stable allows remote attackers to access arbitrary files and execute local PHP scripts via a .. (dot dot) in the op parameter.
CVE-2004-1602 1 Proftpd 1 Proftpd 2026-04-16 N/A
ProFTPD 1.2.x, including 1.2.8 and 1.2.10, responds in a different amount of time when a given username exists, which allows remote attackers to identify valid usernames by timing the server response.
CVE-2004-1603 1 Cpanel 1 Cpanel 2026-04-16 5.5 Medium
cPanel 9.4.1-RELEASE-64 follows hard links, which allows local users to (1) read arbitrary files via the backup feature or (2) chown arbitrary files via the .htaccess file when Front Page extensions are enabled or disabled.
CVE-2004-1604 1 Cpanel 1 Cpanel 2026-04-16 N/A
cPanel 9.9.1-RELEASE-3 allows remote authenticated users to chmod arbitrary files via a symlink attack on the _private directory, which is created when Front Page extensions are enabled.
CVE-2004-1605 2 Best Software, Saleslogix Corporation 2 Saleslogix, Saleslogix 2026-04-16 N/A
SalesLogix 6.1 allows remote attackers to bypass authentication by modifying the slxweb cookie to set user=Admin, teams=ADMIN!, and usertype=Administrator.