2004 CVE Vulnerabilities
2,707 CVEs published in 2004.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2004-1549 | — | — | 1.6% | Dec 31, 2004 | The conference menu in ActivePost Standard 3.1 sends passwords of password-protected rooms in cleartext, which could all... |
| CVE-2004-1550 | — | — | 18.6% | Dec 31, 2004 | Motorola Wireless Router WR850G running firmware 4.03 allows remote attackers to bypass authentication, log on as an adm... |
| CVE-2004-1551 | — | — | 2.6% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in the (1) email or (2) file modules in paFileDB 3.1 Final allows remote attack... |
| CVE-2004-1552 | — | — | 4.1% | Dec 31, 2004 | SQL injection vulnerability in aspWebCalendar allows remote attackers to execute arbitrary SQL statements via (1) the us... |
| CVE-2004-1553 | — | — | 2.4% | Dec 31, 2004 | SQL injection vulnerability in aspWebAlbum allows remote attackers to execute arbitrary SQL statements via (1) the usern... |
| CVE-2004-1554 | — | — | 7.3% | Dec 31, 2004 | PHP remote file inclusion vulnerability in livre_include.php in @lex Guestbook allows remote attackers to execute arbitr... |
| CVE-2004-1555 | — | — | 1.9% | Dec 31, 2004 | Multiple SQL injection vulnerabilities in BroadBoard Instant ASP Message Board allow remote attackers to run arbitrary S... |
| CVE-2004-1556 | — | — | 1.6% | Dec 31, 2004 | MyWebServer 1.0.3 allows remote attackers to cause a denial of service (application crash) via a large number of connect... |
| CVE-2004-1557 | — | — | 1.5% | Dec 31, 2004 | MyWebServer 1.0.3 allows remote attackers to bypass authentication, modify configuration, and read arbitrary files via a... |
| CVE-2004-1558 | — | — | 71.1% | Dec 31, 2004 | Multiple stack-based buffer overflows in YPOPs! (aka YahooPOPS) 0.4 through 0.6 allow remote attackers to cause a denial... |
| CVE-2004-1559 | — | — | 6.5% | Dec 31, 2004 | Multiple cross-site scripting (XSS) vulnerabilities in Wordpress 1.2 allow remote attackers to inject arbitrary web scri... |
| CVE-2004-1560 | — | — | 25.6% | Dec 31, 2004 | Microsoft SQL Server 7.0 allows remote attackers to cause a denial of service (mssqlserver service halt) via a long requ... |
| CVE-2004-1561 | — | — | 78.3% | Dec 31, 2004 | Buffer overflow in Icecast 2.0.1 and earlier allows remote attackers to execute arbitrary code via an HTTP request with ... |
| CVE-2004-1562 | — | — | 1.4% | Dec 31, 2004 | SQL injection vulnerability in redir_url.php in w-Agora 4.1.6a allows remote attackers to execute arbitrary SQL commands... |
| CVE-2004-2485 | — | — | 1.5% | Dec 31, 2004 | Unspecified vulnerability in PHP Live! before 2.8.2, due to a "major security problem," allows remote attackers to inclu... |
| CVE-2004-1564 | — | — | 6.1% | Dec 31, 2004 | CRLF injection vulnerability in subscribe_thread.php in w-Agora 4.1.6a allows remote attackers to perform HTTP Response ... |
| CVE-2004-1573 | — | — | 0.5% | Dec 31, 2004 | The documentation for AJ-Fork 167 implies that users should set permissions for users.db.php to 777, which allows local ... |
| CVE-2004-1566 | — | — | 1.3% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in index.php in Silent Storm Portal 2.1 and 2.2 allows remote attackers to exec... |
| CVE-2004-1567 | — | — | 6.8% | Dec 31, 2004 | profile.php in Silent Storm Portal 2.1 and 2.2 allows remote attackers to gain privileges by setting the mail parameter ... |
| CVE-2004-1568 | — | — | 2.5% | Dec 31, 2004 | Directory traversal vulnerability in ParaChat Server 5.5 allows remote attackers to read arbitrary files via a ..%5C (he... |
| CVE-2004-1569 | — | — | 4.7% | Dec 31, 2004 | Buffer overflow in (1) MusicConverter.exe, (2) playlist.exe, and (3) amp.exe in dBpowerAMP Audio Player 2.0 and dbPowerA... |
| CVE-2004-1570 | — | — | 1.2% | Dec 31, 2004 | SQL injection vulnerability in bBlog 0.7.2 and 0.7.3 allows remote attackers to execute arbitrary SQL commands via the p... |
| CVE-2004-1571 | — | — | 1.6% | Dec 31, 2004 | AJ-Fork 167 allows remote attackers to gain sensitive information via a direct request to (1) auto-acronyms.php, (2) aut... |
| CVE-2004-1572 | — | — | 2.2% | Dec 31, 2004 | AJ-Fork 167 does not restrict access to directories such as (1) data, (2) inc, (3) plugins, (4) skins, or (5) tools, whi... |
| CVE-2004-2468 | — | — | 1.3% | Dec 31, 2004 | Cross-site scripting (XSS) vulnerability in SillySearch 2.3 and earlier allows remote attackers to inject arbitrary web ... |
Check if your code is affected by 2004 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now