Filtered by NVD-CWE-Other
Total 29947 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2004-1881 1 Cactusoft 1 Cactushop 2026-04-16 N/A
SQL injection vulnerability in (1) mailorder.asp or (2) payonline.asp in CactuShop 5.x allows remote attackers to execute arbitrary SQL commands via the strItems parameter.
CVE-2004-1959 1 Protector System 1 Protector System 2026-04-16 N/A
blocker_query.php in Protector System 1.15b1 for PHP-Nuke allows remote attackers to gain sensitive information via a string in the portNum parameter, which reveals the full path in an error message.
CVE-2002-0842 1 Oracle 1 Application Server 2026-04-16 N/A
Format string vulnerability in certain third party modifications to mod_dav for logging bad gateway messages (e.g. Oracle9i Application Server 9.0.2) allows remote attackers to execute arbitrary code via a destination URI that forces a "502 Bad Gateway" response, which causes the format string specifiers to be returned from dav_lookup_uri() in mod_dav.c, which is then used in a call to ap_log_rerror().
CVE-2004-2064 1 Verylost 1 Lostbook 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in lostBook 1.1 and earlier allows remote attackers to inject arbitrary web script via the (1) Email or (2) Website fields.
CVE-2004-2127 1 Leif M. Wright 1 Web Blog 2026-04-16 N/A
Directory traversal vulnerability in Web Blog 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the file variable.
CVE-2004-2129 1 Loom Software 2 Surfnow Professional, Surfnow Standard 2026-04-16 N/A
SurfNOW 2.2 allows remote attackers to cause a denial of service (crash) via a series of long HTTP GET requests, possibly triggering a buffer overflow.
CVE-2002-0859 1 Microsoft 2 Jet, Sql Server 2026-04-16 N/A
Buffer overflow in the OpenDataSource function of the Jet engine on Microsoft SQL Server 2000 allows remote attackers to execute arbitrary code.
CVE-2004-2143 1 Mambo 1 Mambo Portal 2026-04-16 N/A
SQL injection vulnerability in the ReMOSitory Server add-on module to Mambo Portal 4.5.1 (1.09) and earlier allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in the com_remository option.
CVE-2004-2147 1 Symantec 1 Norton Antivirus 2026-04-16 N/A
Unknown versions of Symantec Norton AntiVirus and Microsoft Outlook allow attackers to cause a denial of service (crash) via malformed e-mail messages (1) without a body or (2) without a carriage return ("\n") separating the headers from the body.
CVE-2004-2208 1 Ideal Science 1 Idealbb 2026-04-16 N/A
CRLF injection vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to conduct HTTP response splitting attacks via unknown vectors.
CVE-2004-2276 1 F-secure 1 F-secure Anti-virus 2026-04-16 N/A
F-Secure Anti-Virus 5.41 and 5.42 on Windows, Client Security 5.50 and 5.52, 4.60 for Samba Servers, and 4.52 and earlier for Linux does not properly detect certain viruses in a PKZip archive, which allows viruses such as Sober.D and Sober.G to bypass initial detection.
CVE-2004-2284 1 Open Webmail 1 Open Webmail 2026-04-16 N/A
The read_list_from_file function in vacation.pl for OpenWebmail before 2.32 20040629 allows remote attackers to execute arbitrary commands via shell metacharacters in a filename argument.
CVE-2004-2298 1 Novell 2 Internet Messaging System, Netmail 2026-04-16 N/A
Novell Internet Messaging System (NIMS) 2.6 and 3.0, and NetMail 3.1 and 3.5, is installed with a default NMAP authentication credential, which allows remote attackers to read and write mail store data if the administrator does not change the credential by using the NMAP Credential Generator.
CVE-2004-2410 1 Samhain Labs 1 Samhain 2026-04-16 N/A
Unknown vulnerability in sh_hash_compdata for Samhain 1.8.9 through 2.0.1 might allow attackers to cause a denial of service (null pointer dereference).
CVE-2002-0103 1 Oracle 1 Application Server Web Cache 2026-04-16 N/A
An installer program for Oracle9iAS Web Cache 2.0.0.x creates executable and configuration files with insecure permissions, which allows local users to gain privileges by (1) running webcached or (2) obtaining the administrator password from webcache.xml.
CVE-2004-2485 1 Php Live 1 Php Live 2026-04-16 N/A
Unspecified vulnerability in PHP Live! before 2.8.2, due to a "major security problem," allows remote attackers to include arbitrary files and directories via unspecified attack vectors.
CVE-2004-2497 1 Hitachi 2 Web Page Generator, Web Page Generator Enterprise 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the error handler in Hitachi Web Page Generator and Web Page Generator Enterprise 4.01 and earlier, when using the default error template and debug mode is set to ON, allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors.
CVE-2004-2501 1 Mailenable 2 Mailenable Enterprise, Mailenable Professional 2026-04-16 N/A
Buffer overflow in the IMAP service of MailEnable Professional Edition 1.52 and Enterprise Edition 1.01 allows remote attackers to execute arbitrary code via (1) a long command string or (2) a long string to the MEIMAP service and then terminating the connection.
CVE-2004-2593 1 Id Software 1 Quake Ii Server 2026-04-16 N/A
Buffer overflow in command-packet processing of Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a packet with a long cmd_args buffer.
CVE-2004-2644 1 Asn.1 Compiler 1 Asn.1 Compiler 2026-04-16 N/A
Unspecified vulnerability in ASN.1 Compiler (asn1c) before 0.9.7 has unknown impact and attack vectors when processing "ANY" type tags.