Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-2405 1 F-secure 4 F-secure Anti-virus, F-secure For Firewalls, F-secure Internet Security and 1 more 2026-04-16 N/A
Buffer overflow in multiple F-Secure Anti-Virus products, including F-Secure Anti-Virus 5.42 and earlier, allows remote attackers to bypass scanning or cause a denial of service (crash or module restart), depending on the product, via a malformed LHA archive.
CVE-2004-2412 1 Virtual Programming 1 Vp-asp 2026-04-16 N/A
Multiple SQL injection vulnerabilities in VP-ASP Shopping Cart 4.0 through 5.0 allow remote attackers to execute arbitrary SQL commands via the catalogid parameter in (1) shopreviewlist.asp and (2) shopreviewadd.asp.
CVE-2005-4361 1 Magnolia 1 Content Management Suite 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in search.html in Magnolia Content Management Suite 2.1 allows remote attackers to inject arbitrary web script or HTML via the query parameter.
CVE-2004-2417 1 Smtp.proxy 1 Smtp.proxy 2026-04-16 N/A
Format string vulnerability in smtp.c for smtp.proxy 1.1.3 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the (1) client hostname or (2) message-id, which are injected into a syslog message.
CVE-2004-2422 1 Ipswitch 1 Imail 2026-04-16 N/A
Multiple features in Ipswitch IMail Server before 8.13 allow remote attackers to cause a denial of service (crash) via (1) a long sender field to the Queue Manager or (2) a long To field to the Web Messaging component.
CVE-2005-4364 1 Hot Banana 1 Web Content Management Suite 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.cfm in Hot Banana Web Content Management Suite 5.3 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter.
CVE-2005-4373 1 Liquid Bytes Technologies 1 Adaptive Website Framework 2026-04-16 N/A
Adaptive Website Framework (AWF) 2.10 and earlier allows remote attackers to obtain the full path of the application via an invalid mode parameter to community.html, which leaks the path in an error message.
CVE-2005-4374 1 Allinta 1 Allinta 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Allinta 2.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) s parameter to faq.asp and (2) searchQuery parameter to search.asp.
CVE-2004-2428 1 Abczone.it 1 Wwwguestbook 2026-04-16 N/A
Abczone.it WWWguestbook 1.1 stores db/dbase.mdb under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as the plaintext username and password.
CVE-2004-2436 1 Broadcom 3 Common Services, Unicenter Network And Systems Management, Unicenter Serviceplus Service Desk 2026-04-16 N/A
Computer Associates Unicenter Common Services 3.0 and earlier stores the database "SA" password in cleartext in the TndAddNspTmp.bat file, which could allow local users to gain privileges.
CVE-1999-1450 1 Sco 2 Openserver, Unixware 2026-04-16 N/A
Vulnerability in (1) rlogin daemon rshd and (2) scheme on SCO UNIX OpenServer 5.0.5 and earlier, and SCO UnixWare 7.0.1 and earlier, allows remote attackers to gain privileges.
CVE-1999-1460 1 Bmc 1 Patrol Agent 2026-04-16 N/A
BMC PATROL SNMP Agent before 3.2.07 allows local users to create arbitrary world-writeable files as root by specifying the target file as the second argument to the snmpmagt program.
CVE-2005-4381 1 Caravel Cms 1 Caravel Cms 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Caravel CMS 3.0 Beta 1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) fileDN and (2) folderviewer_attrs parameters.
CVE-2004-2448 2 Cassiopeia, Itransact 2 S-mart Shopping Cart, Redicart 2026-04-16 N/A
S-Mart Shopping Cart or RediCart 3.9.5b stores smart.cfg under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as the database name.
CVE-2005-4390 1 Contentserv 1 Contentserv 2026-04-16 N/A
SQL injection vulnerability in index.php in ContentServ 3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the StoryID parameter.
CVE-2004-2453 1 Tutti Nova 1 Tutti Nova 2026-04-16 N/A
Unknown vulnerability in Tutti Nova 0.10 through 0.12 (Beta) and 0.9.4, when register_globals is enabled, has unknown impact and attack vectors.
CVE-2005-4399 1 Libertas Solutions 1 Libertas Enterprise Cms 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in search/index.php in Libertas Enterprise CMS 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the page_search parameter.
CVE-2004-2455 1 Sweex 1 Wireless Broadband Router Accesspoint 802.11g 2026-04-16 N/A
Sweex Wireless Broadband Router/Accesspoint 802.11g (LC000060) allows remote attackers to obtain sensitive information and gain privileges by using TFTP to download the nvram file, then extracting the username, password, and other data from the file.
CVE-2005-4401 1 Lutece 1 Lutece 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Lutece 1.2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the query parameter.
CVE-2004-2599 1 Id Software 1 Quake Ii Server 2026-04-16 N/A
Multiple buffer overflows in Quake II server before R1Q2, as used in multiple products, allow local users to cause a denial of service (application crash) via the server console or rcon.