Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-2016 | 1 Netchat | 1 Subnet Chat Application | 2017-07-10 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the HTTP server in NetChat 7.3 and earlier allows remote attackers to execute arbitrary code via a long GET request. | |||||
| CVE-2004-2017 | 1 Turbotraffictrader | 1 Turbotraffictrader C | 2017-07-10 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Turbo Traffic Trader C (TTT-C) 1.0 allow remote attackers to inject arbitrary HTML or web script, as demonstrated via (1) the link parameter to ttt-out, (2) the X-Forwarded-For header in a GET request to ttt-in, (3) the Referer header in a GET request to ttt-in, or the (4) site name or (5) site URL fields in the main control panel. | |||||
| CVE-2004-2018 | 1 Francisco Burzi | 1 Php-nuke | 2017-07-10 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in index.php in Php-Nuke 6.x through 7.3 allows remote attackers to execute arbitrary PHP code by modifying the modpath parameter to reference a URL on a remote web server that contains the code. | |||||
| CVE-2004-2019 | 1 Francisco Burzi | 1 Php-nuke | 2017-07-10 | 5.0 MEDIUM | N/A |
| The WebLinks module in Php-Nuke 6.x through 7.3 allows remote attackers to obtain sensitive information via an invalid show parameter, which displays the full path in a PHP error message. | |||||
| CVE-2004-2021 | 1 Oscommerce | 1 Oscommerce | 2017-07-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in file_manager.php in osCommerce 2.2 allows remote attackers to view arbitrary files via a .. (dot dot) in the filename argument. | |||||
| CVE-2004-2022 | 1 Activestate | 1 Activeperl | 2017-07-10 | 2.1 LOW | N/A |
| ActivePerl 5.8.x and others, and Larry Wall's Perl 5.6.1 and others, when running on Windows systems, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long argument to the system command, which leads to a stack-based buffer overflow. NOTE: it is unclear whether this bug is in Perl or the OS API that is used by Perl. | |||||
| CVE-2004-2026 | 1 Apsis | 1 Pound | 2017-07-10 | 7.5 HIGH | N/A |
| Format string vulnerability in the logmsg function in svc.c for Pound 1.5 and earlier allows remote attackers to execute arbitrary code via format string specifiers in syslog messages. | |||||
| CVE-2004-2027 | 1 Icecast | 1 Icecast | 2017-07-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in Icecast 2.0.0 and earlier allows remote attackers to cause a denial of service (crash) via a long Basic Authorization header that triggers an out-of-bounds read. | |||||
| CVE-2004-2028 | 1 E107 | 1 E107 | 2017-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in stats.php in e107 allows remote attackers to inject arbitrary web script or HTML via the referer parameter to log.php. | |||||
| CVE-2004-2029 | 1 Trevor Hogan | 1 Bnbt | 2017-07-10 | 5.0 MEDIUM | N/A |
| The Util_DecodeHTTPAuth function in BNBT BitTorrent Tracker Beta 7.5 Release 2 and earlier allows remote attackers to cause a denial of service (crash) via a Basic Authorization HTTP request with a "A==" value. | |||||
| CVE-2004-2030 | 1 Liferay | 1 Liferay Enterprise Portal | 2017-07-10 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.jsp for Liferay before 2.2.0 release 10/1/2004 allow remote attackers to inject arbitrary web script or HTML, as demonstrated using the message subject. | |||||
| CVE-2004-2031 | 1 E107 | 1 E107 | 2017-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in user.php in e107 allows remote attackers to inject arbitrary web script or HTML via the (1) URL, (2) MSN, or (3) AIM fields. | |||||
| CVE-2004-2032 | 1 Netgear | 1 Rp114 | 2017-07-10 | 7.5 HIGH | N/A |
| Netgear RP114 allows remote attackers to bypass the keyword based URL filtering by requesting a long URL, as demonstrated using a large number of %20 (hex-encoded space) sequences. | |||||
| CVE-2004-2033 | 1 Orenosv | 1 Orenosv Http Ftp Server | 2017-07-10 | 5.0 MEDIUM | N/A |
| Orenosv 0.5.9f allows remote attackers to cause a denial of service (crash) via a long HTTP GET request. | |||||
| CVE-2004-2034 | 1 Wildtangent | 1 Webdriver | 2017-07-10 | 7.5 HIGH | N/A |
| Buffer overflow in the (1) WTHoster and (2) WebDriver modules in WildTangent Web Driver 4.0 allows remote attackers to execute arbitrary code via a long filename. | |||||
| CVE-2004-2035 | 1 Minishare | 1 Minimal Http Server | 2017-07-10 | 5.0 MEDIUM | N/A |
| MiniShare 1.3.2 allows remote attackers to cause a denial of service (crash) via a malformed HTTP GET or HEAD request without the proper number of trailing CRLF sequences. | |||||
| CVE-2004-2036 | 1 Jportal | 1 Jportal Web Portal | 2017-07-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the art_print function in print.inc.php in unknown versions of jPortal before 2.3.1 allows remote attackers to inject arbitrary SQL commands via the id parameter. | |||||
| CVE-2004-2037 | 1 Mollensoft Software | 1 Lightweight Ftp Server | 2017-07-10 | 7.5 HIGH | N/A |
| Buffer overflow in Mollensoft Lightweight FTP Server 3.6 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long CWD command, as demonstrated in one example by using the "cd" command in an interactive FTP client. | |||||
| CVE-2004-2038 | 1 Neocrome | 1 Land Down Under | 2017-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Land Down Under (LDU) before LDU 700 allows remote attackers to inject arbitrary web script or HTML via a BBcode img tag in (1) functions.php, (2) header.php or (3) auth.inc.php. | |||||
| CVE-2004-2039 | 1 E107 | 1 E107 | 2017-07-10 | 5.0 MEDIUM | N/A |
| e107 0.615 allows remote attackers to obtain sensitive information via a direct request to (1) alt_news.php, (2) backend_menu.php, (3) clock_menu.php, (4) counter_menu.php, (5) login_menu.php, and other files, which reveal the full path in a PHP error message. | |||||