2004 CVE Vulnerabilities

2,707 CVEs published in 2004.

CVE IDSeverityCVSSDescription
CVE-2004-1925Multiple SQL injection vulnerabilities in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allow remote attackers to exec...
CVE-2004-1930Cross-site scripting (XSS) vulnerability in the cookiedecode function in mainfile.php for PHP-Nuke 6.x through 7.2, when...
CVE-2004-1932SQL injection vulnerability in (1) auth.php and (2) admin.php in PHP-Nuke 6.x through 7.2 allows remote attackers to exe...
CVE-2004-1933Citadel/UX 5.00 through 6.14 installs the database directory and files with world-read permissions, which could allow lo...
CVE-2004-1060Multiple TCP/IP and ICMP implementations, when using Path MTU (PMTU) discovery (PMTUD), allow remote attackers to cause ...
CVE-2004-1924Multiple cross-site scripting (XSS) vulnerabilities in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allow remote atta...
CVE-2004-1922Microsoft Internet Explorer 5.5 and 6.0 allocates memory based on the memory size written in the BMP file instead of the...
CVE-2004-1923Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to gain sensitive information via a direct reque...
CVE-2004-1926Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to inject arbitrary code via the (1) Theme, (2) ...
CVE-2004-1927Directory traversal vulnerability in the map feature (tiki-map.phtml) in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier...
CVE-2004-1920X-Micro WLAN 11b Broadband Router 1.2.2, 1.2.2.3, 1.2.2.4, and 1.6.0.0 has a hardcoded "super" username and password, wh...
CVE-2004-1921X-Micro WLAN 11b Broadband Router 1.6.0.1 has a hardcoded "1502" username and password, which could allow remote attacke...
CVE-2004-1919The hash_strcmp function in hasch.c in Crackalaka 1.0.8 allows remote attackers to cause a denial of service (crash) via...
CVE-2004-1918RSniff 1.0 allows remote attackers to cause a denial of service (connection exhaustion) via a large number of connection...
CVE-2004-1916Multiple buffer overflows in LCDProc 0.4.1, and possibly other 0.4.x versions up to 0.4.4, allows remote attackers to ex...
CVE-2004-1917Format string vulnerability in test_func_func in LCDProc 0.4.1 and earlier allows remote attackers to execute arbitrary ...
CVE-2004-1915Buffer overflow in the parse_all_client_messages function in LCDproc 0.4.x up to 0.4.4 allows remote attackers to execut...
CVE-2004-1357The Secure Shell (SSH) Daemon (SSHD) in Sun Solaris 9 does not properly log IP addresses when SSHD is configured with th...
CVE-2004-1986Directory traversal vulnerability in modules.php in Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 allows remote attacker...
CVE-2004-1890Unknown vulnerability in ftpd in SGI IRIX 6.5.20 through 6.5.23 allows remote attackers to cause a denial of service (ha...
CVE-2004-1875Multiple cross-site scripting (XSS) vulnerabilities in cPanel 9.1.0-R85 allow remote attackers to inject arbitrary web s...
CVE-2004-1877The p_submit_url value in the sample login form in the Oracle 9i Application Server (9iAS) Single Sign-on Administrators...
CVE-2004-1876The "%f" feature in the VirusEvent directive in Clam AntiVirus daemon (clamd) before 0.70 allows local users to execute ...
CVE-2004-1878LINBOX LIN:BOX allows remote attackers to bypass authentication, obtain sensitive information, or gain access via a dire...
CVE-2004-1871Multiple cross-site scripting (XSS) vulnerabilities in PhotoPost PHP Pro 4.6.x and earlier allow remote attackers to inj...

Check if your code is affected by 2004 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now