Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1016 1 Adobe 1 Digital Editions 2026-04-16 N/A
Adobe eBook Reader allows a user to bypass restrictions for copy, print, lend, and give operations by backing up key data files, performing the operations, and restoring the original data files.
CVE-2002-1021 1 Working Resources Inc. 1 Badblue 2026-04-16 N/A
BadBlue server allows remote attackers to read restricted files, such as EXT.INI, via an HTTP request that contains a hex-encoded null byte.
CVE-2004-1480 1 Hp 1 Storageworks Command View 2026-04-16 N/A
Unknown vulnerability in the management station in HP StorageWorks Command View XP 1.8B and earlier allows remote attackers to bypass access restrictions.
CVE-2004-1509 1 Webcalendar 1 Webcalendar 2026-04-16 N/A
validate.php in WebCalendar allows remote attackers to gain sensitive information via an invalid encoded_login parameter, which reveals the full path in an error message.
CVE-2004-1511 1 Hotfoon Corporation 1 Hotfoon 2026-04-16 N/A
Hotfoon 4.0 does not notify users before opening links in web browsers, which could allow remote attackers to execute arbitrary code via a certain link sent in a chat window.
CVE-2004-1513 1 Soft3304 1 04webserver 2026-04-16 N/A
04WebServer 1.42 does not adequately filter data that is written to log files, which could allow remote attackers to inject carriage return characters into the log file and spoof log entries.
CVE-2004-1516 1 Phpwebsite 1 Phpwebsite 2026-04-16 N/A
CRLF injection vulnerability in index.php in phpWebSite 0.9.3-4 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the block_username parameter in the user module.
CVE-2002-1025 1 Macromedia 1 Jrun 2026-04-16 N/A
JRun 3.0 through 4.0 allows remote attackers to read JSP source code via an encoded null byte in an HTTP GET request, which causes the server to send the .JSP file unparsed.
CVE-2004-1517 1 Zonelabs 1 Imsecure 2026-04-16 N/A
Zone Labs IMsecure and IMsecure Pro before 1.5 allow remote attackers to bypass Active Link Filtering via an instant message containing a URL with hex encoded file extensions.
CVE-2004-1831 1 Techland 1 Chrome 2026-04-16 N/A
Buffer overflow in Chrome 1.2.0.0 and earlier allows remote attackers to cause a denial of service (crash) via a packet with a large length value, which leads to a null dereference or out-of-bounds read.
CVE-2004-1910 1 Symantec 1 Security Check Virus Detection 2026-04-16 N/A
rufsi.dll in Symantec Virus Detection allows remote attackers to cause a denial of service (crash) via a long string to the GetPrivateProfileString function. NOTE: this issue was originally reported as a buffer overflow, but that specific claim is disputed by the vendor, although a crash is acknowledged.
CVE-2002-1047 1 Watchguard 1 Soho Firewall 2026-04-16 N/A
The FTP service in Watchguard Soho Firewall 5.0.35a allows remote attackers to gain privileges with a correct password but an incorrect user name.
CVE-2004-1873 1 Alan Ward 1 A-cart 2026-04-16 N/A
SQL injection vulnerability in category.asp in A-CART Pro and A-CART 2.0 allows remote attackers to gain privileges via the catcode parameter.
CVE-2004-1914 2 Francisco Burzi, Shiba-design 2 Php-nuke, Nukecalendar 2026-04-16 N/A
SQL injection vulnerability in modules.php in NukeCalendar 1.1.a, as used in PHP-Nuke, allows remote attackers to execute arbitrary SQL commands via the eid parameter.
CVE-2004-1879 1 Phpkit 1 Phpkit 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in PHPKIT 1.6.03 allows allows remote attackers to inject arbitrary web script or HTML via forum messages.
CVE-2004-1881 1 Cactusoft 1 Cactushop 2026-04-16 N/A
SQL injection vulnerability in (1) mailorder.asp or (2) payonline.asp in CactuShop 5.x allows remote attackers to execute arbitrary SQL commands via the strItems parameter.
CVE-2002-1050 1 Hylafax 1 Hylafax 2026-04-16 N/A
Buffer overflow in HylaFAX faxgetty before 4.1.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long line of image data.
CVE-2004-1937 1 Nuked-klan 1 Nuked-klan 2026-04-16 N/A
Multiple directory traversal vulnerabilities in Nuked-KlaN 1.4b and 1.5b allow remote attackers to read or include arbitrary files via .. sequences in (1) the user_langue parameter to index.php or (2) the langue parameter to update.php, or modify arbitrary GLOBAL variables by causing globals.php to be loaded before conf.inc.php via (3) .. sequences in the file parameter with the page parameter set to globals, or (4) ../globals.php in the user_langue parameter, as demonstrated by modifying $nuked[prefix] in the Suggest module.
CVE-2004-1953 1 Phprofession 1 Phprofession 2026-04-16 N/A
phProfession 2.5 allows remote attackers to gain sensitive information via a direct HTTP request to upload.php, which reveals the path in a PHP error message.
CVE-2004-1955 1 Phprofession 1 Phprofession 2026-04-16 N/A
SQL injection vulnerability in modules.php in phProfession 2.5 allows remote attackers to execute arbitrary SQL code via the offset parameter.