ReportizFlow
Filtered by vendor
Subscriptions
Total
29914 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2017 | 1 Turbotraffictrader | 1 Turbotraffictrader C | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Turbo Traffic Trader C (TTT-C) 1.0 allow remote attackers to inject arbitrary HTML or web script, as demonstrated via (1) the link parameter to ttt-out, (2) the X-Forwarded-For header in a GET request to ttt-in, (3) the Referer header in a GET request to ttt-in, or the (4) site name or (5) site URL fields in the main control panel. | ||||
| CVE-2004-2029 | 1 Trevor Hogan | 1 Bnbt | 2026-04-16 | N/A |
| The Util_DecodeHTTPAuth function in BNBT BitTorrent Tracker Beta 7.5 Release 2 and earlier allows remote attackers to cause a denial of service (crash) via a Basic Authorization HTTP request with a "A==" value. | ||||
| CVE-2004-2033 | 1 Orenosv | 1 Orenosv Http Ftp Server | 2026-04-16 | N/A |
| Orenosv 0.5.9f allows remote attackers to cause a denial of service (crash) via a long HTTP GET request. | ||||
| CVE-2004-2038 | 1 Neocrome | 1 Land Down Under | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Land Down Under (LDU) before LDU 700 allows remote attackers to inject arbitrary web script or HTML via a BBcode img tag in (1) functions.php, (2) header.php or (3) auth.inc.php. | ||||
| CVE-2004-2040 | 1 E107 | 1 E107 | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in e107 0.615 allow remote attackers to inject arbitrary web script or HTML via the (1) LAN_407 parameter to clock_menu.php, (2) "email article to a friend" field, (3) "submit news" field, or (4) avmsg parameter to usersettings.php. | ||||
| CVE-2004-2048 | 1 Esesix | 7 Thintune Extreme, Thintune L, Thintune M and 4 more | 2026-04-16 | N/A |
| radmin in eSeSIX Thintune thin clients running firmware 2.4.38 and earlier starts a process port 25072 that can be accessed with a default "jstwo" password, which allows remote attackers to gain access. | ||||
| CVE-2004-2055 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php for PhpBB 2.0.4 and 2.0.9 allows remote attackers to inject arbitrary HTMl or web script via the search_author parameter. | ||||
| CVE-2004-0381 | 3 Mysql, Oracle, Redhat | 3 Mysql, Mysql, Enterprise Linux | 2026-04-16 | N/A |
| mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed-mysql-bugreport temporary file. | ||||
| CVE-2004-2062 | 1 Antiboard | 1 Antiboard | 2026-04-16 | N/A |
| SQL injection vulnerability in antiboard.php in AntiBoard 0.7.2 and earlier allows remote attackers to execute arbitrary SQL via the (1) thread_id, (2) parent_id, or (3) mode parameters. | ||||
| CVE-2004-2068 | 1 Leafnode | 1 Leafnode | 2026-04-16 | N/A |
| fetchnews in leafnode 1.9.47 and earlier allows remote attackers to cause a denial of service (process hang) via an empty NNTP news article with missing mandatory headers. | ||||
| CVE-2004-2081 | 1 Karjasoft | 1 Sami Ftp Server | 2026-04-16 | N/A |
| The samiftp.dll library in Sami FTP Server 1.1.3 allows local users to cause a denial of service (pmsystem.exe crash) by issuing (1) a CD command with a tilde (~) character or dot dot (/../) or (2) a GET command for an unavailable file. | ||||
| CVE-2004-2082 | 1 Karjasoft | 1 Sami Ftp Server | 2026-04-16 | N/A |
| The samiftp.dll library in Sami FTP Server 1.1.3 allows remote authenticated users to cause a denial of service (pmsystem.exe crash) via a GET request wit a large number of leading "/" (slash) characters. | ||||
| CVE-2004-2084 | 1 Jshop E-commerce | 2 Jshop Professional, Jshop Server | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in JShop E-Commerce Server allows remote attackers to inject arbitrary web script or HTML via the xSearch parameter. | ||||
| CVE-2004-2087 | 1 Sandsurfer | 1 Sandsurfer | 2026-04-16 | N/A |
| Unknown vulnerability in SandSurfer before 1.7.0 allows remote attackers to gain access as a logged-in user. | ||||
| CVE-2001-0069 | 1 Debian | 1 Debian Linux | 2026-04-16 | N/A |
| dialog before 0.9a-20000118-3bis in Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack. | ||||
| CVE-2006-3482 | 1 Phpmaillist | 1 Phpmaillist | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in maillist.php in PHPMailList 1.8.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the email parameter. | ||||
| CVE-2002-1887 | 1 Gregory Kokanosky | 1 Phpmynewsletter | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in customize.php for phpMyNewsletter 0.6.10 allows remote attackers to execute arbitrary PHP code via the l parameter. | ||||
| CVE-2004-2124 | 1 Gallery Project | 1 Gallery | 2026-04-16 | N/A |
| The register_globals simulation capability in Gallery 1.3.1 through 1.4.1 allows remote attackers to modify the HTTP_POST_VARS variable and conduct a PHP remote file inclusion attack via the GALLERY_BASEDIR parameter, a different vulnerability than CVE-2002-1412. | ||||
| CVE-2002-1893 | 1 Argosoft | 1 Argosoft Mail Server | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in ArGoSoft Mail Server Pro 1.8.1.9 allows remote attackers to inject arbitrary web script or HTML via the e-mail message. | ||||
| CVE-2004-2192 | 1 Turbotraffictrader | 1 Turbotraffictrader Php | 2026-04-16 | N/A |
| SQL injection vulnerability in tttadmin/settings.php in Turbo Traffic Trader PHP 1.0 allows remote attackers to execute arbitrary SQL commands via the ttt_admin parameter. | ||||