2004 CVE Vulnerabilities
2,707 CVEs published in 2004.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2004-1499 | — | — | 1.8% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in the compose message form in HELM 3.1.19 and earlier allows remote attackers ... |
| CVE-2004-1500 | — | — | 1.9% | Dec 31, 2004 | Format string vulnerability in the Lithtech engine, as used in multiple games, allows remote authenticated users to caus... |
| CVE-2004-2467 | — | — | 2.8% | Dec 31, 2004 | chat.ghp in Easy Chat Server 1.2 allows remote attackers to add a large number of fake users, then eventually cause a de... |
| CVE-2004-1502 | — | — | 1.3% | Dec 31, 2004 | The Telnet proxy in 602 Lan Suite 2004.0.04.0909 and earlier allows remote attackers to cause a denial of service (socke... |
| CVE-2004-1503 | — | — | 2.4% | Dec 31, 2004 | Integer overflow in the InitialDirContext in Java Runtime Environment (JRE) 1.4.2, 1.5.0 and possibly other versions all... |
| CVE-2004-1504 | — | — | 1.6% | Dec 31, 2004 | The displaycontent function in config.php for Just Another Flat file (JAF) CMS 3.0RC allows remote attackers to gain sen... |
| CVE-2004-2600 | — | — | 2.6% | Dec 31, 2004 | The firmware for Intelligent Platform Management Interface (IPMI) 1.5-based Intel Server Boards and Platforms is shipped... |
| CVE-2004-1506 | — | — | 1.3% | Dec 31, 2004 | Multiple cross-site scripting (XSS) vulnerabilities in WebCalendar allow remote attackers to inject arbitrary web script... |
| CVE-2004-1507 | — | — | 1.5% | Dec 31, 2004 | CRLF injection vulnerability in login.php in WebCalendar allows remote attackers to inject CRLF sequences via the return... |
| CVE-2004-1508 | — | — | 1.6% | Dec 31, 2004 | init.php in WebCalendar allows remote attackers to execute arbitrary local PHP scripts via the user_inc parameter. |
| CVE-2004-1509 | — | — | 1.6% | Dec 31, 2004 | validate.php in WebCalendar allows remote attackers to gain sensitive information via an invalid encoded_login parameter... |
| CVE-2004-1510 | — | — | 1.8% | Dec 31, 2004 | WebCalendar allows remote attackers to gain privileges by modifying critical parameters to (1) view_entry.php or (2) upc... |
| CVE-2004-1511 | — | — | 2.3% | Dec 31, 2004 | Hotfoon 4.0 does not notify users before opening links in web browsers, which could allow remote attackers to execute ar... |
| CVE-2004-1512 | — | — | 1.4% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in Response_default.html in 04WebServer 1.42 allows remote attackers to execute... |
| CVE-2004-1513 | — | — | 1.7% | Dec 31, 2004 | 04WebServer 1.42 does not adequately filter data that is written to log files, which could allow remote attackers to inj... |
| CVE-2004-1514 | — | — | 1.8% | Dec 31, 2004 | 04WebServer 1.42 allows remote attackers to cause a denial of service (fail to restart properly) via an HTTP request for... |
| CVE-2004-1515 | — | — | 1.0% | Dec 31, 2004 | SQL injection vulnerability in (1) ttlast.php and (2) last10.php in vBulletin 3.0.x allows remote attackers to execute a... |
| CVE-2004-1516 | — | — | 1.6% | Dec 31, 2004 | CRLF injection vulnerability in index.php in phpWebSite 0.9.3-4 allows remote attackers to perform HTTP Response Splitti... |
| CVE-2004-1517 | — | — | 1.6% | Dec 31, 2004 | Zone Labs IMsecure and IMsecure Pro before 1.5 allow remote attackers to bypass Active Link Filtering via an instant mes... |
| CVE-2004-1518 | — | — | 2.3% | Dec 31, 2004 | SQL injection vulnerability in follow.php in Phorum 5.0.12 and earlier allows remote authenticated users to execute arbi... |
| CVE-2004-1519 | — | — | 1.2% | Dec 31, 2004 | SQL injection vulnerability in bug.php in phpBugTracker 0.9.1 allows remote attackers to execute arbitrary SQL commands ... |
| CVE-2004-1520 | — | — | 88.5% | Dec 31, 2004 | Stack-based buffer overflow in IPSwitch IMail 8.13 allows remote authenticated users to execute arbitrary code via a lon... |
| CVE-2004-1521 | — | — | 1.7% | Dec 31, 2004 | Eudora 6.2.0.14 does not issue a warning when a user forwards an e-mail message that contains base64 or quoted-printable... |
| CVE-2004-1522 | — | — | 1.7% | Dec 31, 2004 | Format string vulnerability in Army Men RTS 1.0 allows remote attackers to cause a denial of service (application crash)... |
| CVE-2004-2308 | — | — | 1.7% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in cPanel 9.1.0 and possibly earlier allows remote attackers to inject arbitrar... |
Check if your code is affected by 2004 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now