2004 CVE Vulnerabilities
2,707 CVEs published in 2004.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2004-1863 | — | — | 2.1% | Dec 31, 2004 | Multiple cross-site scripting (XSS) vulnerabilities in XMB (aka extreme message board) 1.9 beta (aka Nexus beta) allow r... |
| CVE-2004-1481 | — | — | 4.3% | Dec 31, 2004 | Integer overflow in pnen3260.dll in RealPlayer 8 through 10.5 (6.0.12.1040) and earlier, and RealOne Player 1 or 2 on Wi... |
| CVE-2004-1554 | — | — | 7.3% | Dec 31, 2004 | PHP remote file inclusion vulnerability in livre_include.php in @lex Guestbook allows remote attackers to execute arbitr... |
| CVE-2004-1873 | — | — | 2.4% | Dec 31, 2004 | SQL injection vulnerability in category.asp in A-CART Pro and A-CART 2.0 allows remote attackers to gain privileges via ... |
| CVE-2004-1879 | — | — | 1.2% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in PHPKIT 1.6.03 allows allows remote attackers to inject arbitrary web script ... |
| CVE-2004-1845 | — | — | 2.2% | Dec 31, 2004 | Multiple cross-site scripting (XSS) vulnerabilities in News Manager Lite 2.5 allow remote attackers to inject arbitrary ... |
| CVE-2004-1848 | — | — | 8.1% | Dec 31, 2004 | Ipswitch WS_FTP Server 4.0.2 allows remote attackers to cause a denial of service (disk consumption) and bypass file siz... |
| CVE-2004-2150 | — | — | 2.4% | Dec 31, 2004 | Nettica Corporation INTELLIPEER Email Server 1.01 displays different error messages for valid and invalid account names,... |
| CVE-2004-1858 | — | — | 1.2% | Dec 31, 2004 | HP Web Jetadmin 7.5.2546 allows remote attackers to cause a denial of service (crash) via a malformed request, possibly ... |
| CVE-2004-2151 | — | — | 3.5% | Dec 31, 2004 | Chatman 1.1.1 RC1 and earlier allows remote attackers to cause a denial of service (memory consumption or application cr... |
| CVE-2004-2222 | — | — | 1.8% | Dec 31, 2004 | Directory traversal vulnerability in index.php in FsPHPGallery before 1.2 allows remote attackers to list arbitrary dire... |
| CVE-2004-1548 | — | — | 1.8% | Dec 31, 2004 | Directory traversal vulnerability in the file server in ActivePost Standard 3.1 allows remote authenticated users to upl... |
| CVE-2004-1562 | — | — | 1.4% | Dec 31, 2004 | SQL injection vulnerability in redir_url.php in w-Agora 4.1.6a allows remote attackers to execute arbitrary SQL commands... |
| CVE-2004-2218 | — | — | 2.4% | Dec 31, 2004 | SQL injection vulnerability in pmwh.php in PHPMyWebHosting 0.3.4 and earlier allows remote attackers to modify SQL state... |
| CVE-2004-2223 | — | — | 1.6% | Dec 31, 2004 | FsPHPGallery before 1.2 allows remote attackers to cause a denial of service via an image with a large size attribute, w... |
| CVE-2004-1049 | — | — | 29.7% | Dec 31, 2004 | Integer overflow in the LoadImage API of the USER32 Lib for Microsoft Windows allows remote attackers to execute arbitra... |
| CVE-2004-2225 | — | — | 1.8% | Dec 31, 2004 | Mozilla Firefox before 0.10.1 allows remote attackers to delete arbitrary files in the download directory via a crafted ... |
| CVE-2004-1836 | — | — | 4.4% | Dec 31, 2004 | SQL injection vulnerability in index.php in Invision Power Top Site List 1.1 RC 2 and earlier allows remote attackers to... |
| CVE-2004-1880 | — | — | 1.8% | Dec 31, 2004 | Memory leak in the back-bdb backend for OpenLDAP 2.1.12 and earlier allows remote attackers to cause a denial of service... |
| CVE-2004-1837 | — | — | 1.2% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in Mod_survey 3.0.x before 3.0.16-pre2 and 3.2.x before 3.2.0-pre4 allows remot... |
| CVE-2004-1841 | — | — | 1.3% | Dec 31, 2004 | SQL injection vulnerability in MS Analysis module 2.0 for PHP-Nuke allows remote attackers to execute arbitrary SQL via ... |
| CVE-2004-2019 | — | — | 1.7% | Dec 31, 2004 | The WebLinks module in Php-Nuke 6.x through 7.3 allows remote attackers to obtain sensitive information via an invalid s... |
| CVE-2004-1571 | — | — | 1.6% | Dec 31, 2004 | AJ-Fork 167 allows remote attackers to gain sensitive information via a direct request to (1) auto-acronyms.php, (2) aut... |
| CVE-2004-1781 | — | — | 0.7% | Dec 31, 2004 | Info Touch Surfnet kiosk allows local users to crash Surfnet and access the underlying operating system via the CMD_CRED... |
| CVE-2004-1584 | — | — | 11.2% | Dec 31, 2004 | CRLF injection vulnerability in wp-login.php in WordPress 1.2 allows remote attackers to perform HTTP Response Splitting... |
Check if your code is affected by 2004 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now