2004 CVE Vulnerabilities
2,707 CVEs published in 2004.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2004-1958 | — | — | 2.4% | Dec 31, 2004 | Directory traversal vulnerability in manifest.ini in Unreal engine allows remote attackers to overwrite arbitrary files ... |
| CVE-2004-2024 | — | — | 1.1% | Dec 31, 2004 | The distribution of Zen Cart 1.1.4 before patch 2 includes certain debugging code in the Admin password retrieval functi... |
| CVE-2004-2110 | — | — | 1.1% | Dec 31, 2004 | SQL injection vulnerability in register.php in Phorum before 3.4.6 allows remote attackers to execute arbitrary SQL comm... |
| CVE-2004-1567 | — | — | 6.8% | Dec 31, 2004 | profile.php in Silent Storm Portal 2.1 and 2.2 allows remote attackers to gain privileges by setting the mail parameter ... |
| CVE-2004-0592 | — | — | 2.4% | Dec 31, 2004 | The tcp_find_option function of the netfilter subsystem for IPv6 in the SUSE Linux 2.6.5 kernel with USAGI patches, when... |
| CVE-2004-1568 | — | — | 2.5% | Dec 31, 2004 | Directory traversal vulnerability in ParaChat Server 5.5 allows remote attackers to read arbitrary files via a ..%5C (he... |
| CVE-2004-1565 | — | — | 2.1% | Dec 31, 2004 | list.php in w-Agora 4.1.6a allows remote attackers to reveal the full path via a crafted HTTP request, possibly involvin... |
| CVE-2004-1566 | — | — | 1.3% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in index.php in Silent Storm Portal 2.1 and 2.2 allows remote attackers to exec... |
| CVE-2004-1569 | — | — | 4.7% | Dec 31, 2004 | Buffer overflow in (1) MusicConverter.exe, (2) playlist.exe, and (3) amp.exe in dBpowerAMP Audio Player 2.0 and dbPowerA... |
| CVE-2004-1570 | — | — | 1.2% | Dec 31, 2004 | SQL injection vulnerability in bBlog 0.7.2 and 0.7.3 allows remote attackers to execute arbitrary SQL commands via the p... |
| CVE-2004-1562 | — | — | 1.4% | Dec 31, 2004 | SQL injection vulnerability in redir_url.php in w-Agora 4.1.6a allows remote attackers to execute arbitrary SQL commands... |
| CVE-2004-1563 | — | — | 2.0% | Dec 31, 2004 | Multiple cross-site scripting (XSS) vulnerabilities in w-Agora 4.1.6a allow remote attackers to execute arbitrary web sc... |
| CVE-2004-0948 | — | — | — | Dec 31, 2004 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. ... |
| CVE-2004-1243 | — | — | — | Dec 31, 2004 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was... |
| CVE-2004-1564 | — | — | 6.1% | Dec 31, 2004 | CRLF injection vulnerability in subscribe_thread.php in w-Agora 4.1.6a allows remote attackers to perform HTTP Response ... |
| CVE-2004-1911 | — | — | 1.9% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in AzDGDatingLite 2.1.1 allows remote attackers to inject arbitrary web script ... |
| CVE-2004-1558 | — | — | 71.1% | Dec 31, 2004 | Multiple stack-based buffer overflows in YPOPs! (aka YahooPOPS) 0.4 through 0.6 allow remote attackers to cause a denial... |
| CVE-2004-1571 | — | — | 1.6% | Dec 31, 2004 | AJ-Fork 167 allows remote attackers to gain sensitive information via a direct request to (1) auto-acronyms.php, (2) aut... |
| CVE-2004-1559 | — | — | 6.5% | Dec 31, 2004 | Multiple cross-site scripting (XSS) vulnerabilities in Wordpress 1.2 allow remote attackers to inject arbitrary web scri... |
| CVE-2004-0943 | — | — | — | Dec 31, 2004 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. ... |
| CVE-2004-1560 | — | — | 25.6% | Dec 31, 2004 | Microsoft SQL Server 7.0 allows remote attackers to cause a denial of service (mssqlserver service halt) via a long requ... |
| CVE-2004-1779 | — | — | 1.3% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in board.php for ThWboard before beta 2.84 allows remote attackers to inject ar... |
| CVE-2004-1902 | — | — | 0.4% | Dec 31, 2004 | The Citrix MetaFrame Password Manager 2.0, when a central credential store is not configured, does not encrypt passwords... |
| CVE-2004-1447 | — | — | 1.7% | Dec 31, 2004 | Jetbox One 2.0.8 and possibly other versions stores passwords in the database in plaintext, which could allow attackers ... |
| CVE-2004-1520 | — | — | 88.5% | Dec 31, 2004 | Stack-based buffer overflow in IPSwitch IMail 8.13 allows remote authenticated users to execute arbitrary code via a lon... |
Check if your code is affected by 2004 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now