CVE-2004-1426

EPSS 0.22% · P44 Updated Feb 27, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2004-1426

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Directory traversal vulnerability in index.php in KorWeblog 1.6.2-cvs and earlier allows remote attackers to read arbitrary files and execute arbitrary PHP files via .. (dot dot) sequences in the lng parameter.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

KorWeblog php远程注入漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

KorWeblog是韩国的一款流行的BLOG程序。 KorWeblog包含的"/install/index.php"脚本对用户提交的参数缺少充分过滤，远程攻击者可以利用这个漏洞以WEB进程权限在系统上执行任意命令。 "/install/index.php"脚本对用户提交给"lng"参数的数据缺少充分过滤，可指定远程服务器上的恶意文件作为包含文件，导致以WEB进程执行文件中的恶意PHP命令。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2004-1426

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2004-1426

Please Login to view more intelligence information

http://www.securityfocus.com/bid/12132vdb-entryx_refsource_BID
'KorWeblog php injection Vulnerability' - MARCmailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2004-1426

Same Patch Batch · n/a · 2005-02-12 · 37 CVEs total

CVE-2004-1422		WHM Autopilot多个安全漏洞
CVE-2004-1414		Gadu-Gadu服务拒绝漏洞
CVE-2004-1415		2BGal远程SQL注入漏洞
CVE-2004-1416		Microsoft Internet Explorer 安全漏洞
CVE-2004-1417		PsychoStats登录参数跨站脚本漏洞
CVE-2004-1418		Wirtualna Polska WPKontakt远程脚本执行漏洞
CVE-2004-1419		ZeroBoard多个远程脚本注入和跨站脚本漏洞
CVE-2004-1420		WHM Autopilot多个安全漏洞
CVE-2004-1421		WHM Autopilot多个安全漏洞
CVE-2004-1413		Kayako Esupport多个跨站脚本和SQL注入漏洞
CVE-2004-1423		php-Calendar远程任意命令执行漏洞
CVE-2004-1424		Moodle 跨站脚本漏洞
CVE-2004-1425		Moodle 安全漏洞
CVE-2004-1427		KorWeblog php远程注入漏洞
CVE-2004-1428		ArGoSoft FTP Server泄露合法用户名允许暴力猜解漏洞
CVE-2004-1429		ArGoSoft FTP加密问题漏洞
CVE-2004-1430		IBProArcade远程SQL注入漏洞
CVE-2004-1431		Jacks FormMail.php远程文件包含漏洞
CVE-2004-1404		Opentools Attachment Mod多个远程漏洞
CVE-2004-1396		Nullsoft Winamp标签处理远程服务拒绝漏洞

Showing top 20 of 37 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2004-1426

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2004-1426

I. Basic Information for CVE-2004-1426

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2004-1426

III. Intelligence Information for CVE-2004-1426

Same Patch Batch · n/a · 2005-02-12 · 37 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2004-1426

Leave a comment