2004 CVE Vulnerabilities

2,707 CVEs published in 2004.

CVE IDSeverityCVSSDescription
CVE-2004-1872Cross-site scripting (XSS) vulnerability in WebCT Campus Edition 4.1.1.5 allows remote attackers to inject arbitrary web...
CVE-2004-1870Multiple SQL injection vulnerabilities in PhotoPost PHP Pro 4.6.x and earlier allow remote attackers to gain users' pass...
CVE-2004-1874Multiple cross-site scripting (XSS) vulnerabilities in (1) deliver.asp and (2) billing.asp in A-CART Pro and A-CART 2.0 ...
CVE-2004-0113Memory leak in ssl_engine_io.c for mod_ssl in Apache 2 before 2.0.49 allows remote attackers to cause a denial of servic...
CVE-2004-0194Stack-based buffer overflow in the OutputDebugString function for Adobe Acrobat Reader 5.1 allows remote attackers to ex...
CVE-2004-0160Synaesthesia 2.2 and earlier allows local users to execute arbitrary code via a symlink attack on the configuration file...
CVE-2004-0158Buffer overflow in lbreakout2 allows local users to gain 'games' group privileges via a large HOME environment variable ...
CVE-2004-0126The jail_attach system call in FreeBSD 5.1 and 5.2 changes the directory of a calling process even if the process doesn'...
CVE-2004-1865MEDIUM4.8Cross-site scripting (XSS) vulnerability in the administration panel in bBlog 0.7.2 allows remote authenticated users wi...
CVE-2004-1864SQL injection vulnerability in Extreme Messageboard (XMB) 1.9 beta allows remote attackers to execute arbitrary SQL comm...
CVE-2004-1866nstxd in Nstx 1.1 beta3 and earlier allows remote attackers to cause a denial of service (crash) via a large packet, whi...
CVE-2004-1862Multiple cross-site scripting (XSS) vulnerabilities in Extreme Messageboard (XMB) 1.8 SP3 and 1.9 beta allow remote atta...
CVE-2004-1861Invision NetSupport School Pro uses a weak encryption algorithm to encrypt passwords, which allows local users to obtain...
CVE-2004-1868Stack-based buffer overflow in WinSig.exe in eSignal 7.5 and 7.6 allows remote attackers to execute arbitrary code via a...
CVE-2004-1859Directory traversal vulnerability in Trend Micro Interscan Web Viruswall in InterScan VirusWall 3.5x allows remote attac...
CVE-2004-1851Dameware Mini Remote Control 4.1.0.0 uses insufficiently random data to create the encryption key, which makes it easier...
CVE-2004-1854Buffer overflow in the logging function in Picophone 1.63 and earlier allows remote attackers to execute arbitrary code ...
CVE-2004-2037Buffer overflow in Mollensoft Lightweight FTP Server 3.6 allows remote authenticated users to cause a denial of service ...
CVE-2004-1857Directory traversal vulnerability in setinfo.hts in HP Web Jetadmin 7.5.2546 allows remote authenticated attackers to re...
CVE-2004-1856devices_update_printer_fw_upload.hts in HP Web JetAdmin 7.5.2546, when no password is set, allows remote attackers to up...
CVE-2004-1849Multiple cross-site scripting (XSS) vulnerabilities in cPanel 9.1.0 allow remote attackers to inject arbitrary web scrip...
CVE-2004-1884Ipswitch WS_FTP Server 4.0.2 has a backdoor XXSESS_MGRYY username with a default password, which allows remote attackers...
CVE-2004-1850The Rage 1.01 and earlier allows remote attackers to cause a denial of service (infinite loop) via a TCP packet with the...
CVE-2004-1852DameWare Mini Remote Control 3.x before 3.74 and 4.x before 4.2 transmits the Blowfish encryption key in plaintext, whic...
CVE-2004-1855Dark Age of Camelot before 1.68 live patch does not sign the RSA public key, which could allow remote malicious servers ...

Check if your code is affected by 2004 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now