Search Results (362636 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-0731 1 Francisco Burzi 1 Php-nuke 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in the Search module for Php-Nuke allows remote attackers to inject arbitrary script as other users via the input field.
CVE-2002-2171 1 Andrey Cherezov 1 Acweb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in acWEB 1.8 and 1.14 allows remote attackers to insert arbitrary HTML and web script via a URL, possibly via a "%db" request in a URL.
CVE-2002-2175 1 Php 1 Phpsquidpass 2026-04-16 N/A
phpSquidPass before 0.2 uses an incomplete regular expression to find a matching username in its database, which allows remote authenticated attackers to effectively delete other usernames via a short username that matches the end of the targeted username.
CVE-2002-2181 1 Sonicwall 1 Content Filtering 2026-04-16 N/A
SonicWall Content Filtering allows local users to access prohibited web sites via requests to the web site's IP address instead of the domain name.
CVE-2002-2183 1 Phpshare 1 Phpshare 2026-04-16 N/A
phpShare.php in phpShare before 0.6 beta 3 allows remote attackers to include and execute arbitrary PHP scripts from remote servers.
CVE-2002-2184 1 Digi-net Technologies 1 Digichat 2026-04-16 N/A
Digi-Net Technologies DigiChat 3.5 allows chat users to obtain the IP addresses of other chat users via a "Showip" parameter in the chat applet.
CVE-2004-0733 1 Ollydbg 1 Ollydbg 2026-04-16 N/A
Format string vulnerability in OllyDbg 1.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers that are directly provided to the OutputDebugString function call.
CVE-2004-0738 1 Francisco Burzi 1 Php-nuke 2026-04-16 N/A
Multiple SQL injection vulnerabilities in the Search module in Php-Nuke allow remote attackers to execute arbitrary SQL via the (1) min or (2) categ parameters.
CVE-2004-0739 1 Snapfiles 1 Whisper Ftp Surfer 2026-04-16 N/A
Buffer overflow in Whisper FTP Surfer 1.0.7 allows remote FTP servers to cause a denial of service (client crash) and possibly execute arbitrary code via a long filename.
CVE-2004-0741 1 Lionmax Software 1 Www File Share Pro 2026-04-16 N/A
LionMax Software WWW File Share Pro 2.60 allows remote attackers to cause a denial of service (crash or hang) via a long URL, possibly triggering a buffer overflow.
CVE-2004-0742 1 Sun 1 Java System Calendar Server 2026-04-16 N/A
Sun Java System Portal Server 6.2 (formerly Sun ONE) allows remote authenticated users to obtain Calendar Server privileges and modify Calendar data by changing the display options to a non-default view.
CVE-2004-0961 2 Freeradius, Redhat 3 Freeradius, Enterprise Linux, Fedora Core 2026-04-16 N/A
Memory leak in FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (memory exhaustion) via a series of Access-Request packets with (1) Ascend-Send-Secret, (2) Ascend-Recv-Secret, or (3) Tunnel-Password attributes.
CVE-2004-0750 1 Redhat 2 Enterprise Linux, Enterprise Linux Desktop 2026-04-16 N/A
Unknown vulnerability in redhat-config-nfs before 1.0.13, when shares are exported to multiple hosts, can produce incorrect permissions and prevent the all_squash option from being applied.
CVE-2002-2185 6 Debian, Mandrakesoft, Microsoft and 3 more 11 Debian Linux, Mandrake Linux, Windows 98 and 8 more 2026-04-16 N/A
The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network.
CVE-2002-2186 1 Macromedia 1 Jrun 2026-04-16 N/A
Macromedia JRun 3.0, 3.1, and 4.0 allow remote attackers to view the source code of .JSP files via Unicode encoded character values in a URL.
CVE-2002-2189 2 Activxperts Software, Microsoft 2 Activwebserver, Windows 2003 Server 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in ActiveXperts Software ActiveWebserver allows remote attackers to execute arbitrary web script via a link.
CVE-2002-2190 1 Artscore Studios 1 Cutecast Forum 2026-04-16 N/A
ArtsCore Studios CuteCast Forum 1.2 stores passwords in plaintext under the web document root, which allows remote attackers to obtain the passwords via an HTTP request to a .user file.
CVE-2004-0769 2 Mozilla, Redhat 2 Bugzilla, Enterprise Linux 2026-04-16 N/A
Buffer overflow in LHA allows remote attackers to execute arbitrary code via long pathnames in LHarc format 2 headers for a .LHZ archive, as originally demonstrated using the "x" option but also exploitable through "l" and "v", and fixed in header.c, a different issue than CVE-2004-0771.
CVE-2002-2191 1 Lotus 1 Domino 2026-04-16 N/A
Lotus Domino 5.0.9a and earlier, even when configured with the 'DominoNoBanner=1' option, allows remote attackers to obtain potential sensitive information such as the version via a request for a non-existent .nsf database, which leaks the version in the HTTP banner.
CVE-2002-2193 1 Mojo Mail 1 Mojo Mail 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in mojo.cgi for Mojo Mail 2.7 allows remote attackers to inject arbitrary web script via the email parameter.