|
346351
|
- |
|
best_software
saleslogix_corporation
|
saleslogix
|
slxweb.dll in SalesLogix 6.1 allows remote attackers to cause a denial service (application crash) via an invalid HTTP request, which might also leak sensitive information in the ErrorLogMsg cookie.
|
NVD-CWE-Other
|
CVE-2004-1606
|
2017-07-11 10:31 |
2004-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346352
|
- |
|
best_software
saleslogix_corporation
|
saleslogix
|
slxweb.dll in SalesLogix 6.1 allows remote attackers to obtain sensitive information via a (1) Library or (2) Attachment request with an invalid file parameter, which reveals the path in an error mes…
|
NVD-CWE-Other
|
CVE-2004-1607
|
2017-07-11 10:31 |
2004-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346353
|
- |
|
best_software
saleslogix_corporation
|
saleslogix
|
SQL injection vulnerability in SalesLogix 6.1 allows remote attackers to execute arbitrary SQL statements via the id parameter in a view operation.
|
NVD-CWE-Other
|
CVE-2004-1608
|
2017-07-11 10:31 |
2004-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346354
|
- |
|
best_software
saleslogix_corporation
|
saleslogix
|
SalesLogix 6.1 includes usernames, passwords, and other sensitive information in the headers of an HTTP response, which could allow remote attackers to gain access.
|
NVD-CWE-Other
|
CVE-2004-1609
|
2017-07-11 10:31 |
2004-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346355
|
- |
|
best_software
saleslogix_corporation
|
saleslogix
|
SalesLogix 6.1 does not verify if a user is authenticated before performing sensitive operations, which could allow remote attackers to (1) execute arbitrary SLX commands on the server or spoof the s…
|
NVD-CWE-Other
|
CVE-2004-1611
|
2017-07-11 10:31 |
2004-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346356
|
- |
|
saleslogix_corporation
|
saleslogix
|
Directory traversal vulnerability in SalesLogix 6.1 allows remote attackers to upload arbitrary files via a .. (dot dot) in a ProcessQueueFile request.
|
NVD-CWE-Other
|
CVE-2004-1612
|
2017-07-11 10:31 |
2004-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346357
|
- |
|
links
|
links
|
Links allows remote attackers to cause a denial of service (memory consumption) via a web page or HTML email that contains a table with a td element and a large rowspan value,as demonstrated by mangl…
|
NVD-CWE-Other
|
CVE-2004-1616
|
2017-07-11 10:31 |
2004-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346358
|
- |
|
vypress
|
tonecast
|
Vypress Tonecast 1.3 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed mp2 stream.
|
NVD-CWE-Other
|
CVE-2004-1618
|
2017-07-11 10:31 |
2004-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346359
|
- |
|
akella
|
privateers_bounty_age_of_sail_ii
|
Buffer overflow in Privateer's Bounty: Age of Sail II allows remote attackers to execute arbitrary code via a long nickname.
|
NVD-CWE-Other
|
CVE-2004-1619
|
2017-07-11 10:31 |
2004-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346360
|
- |
|
s9y
|
serendipity
|
CRLF injection vulnerability in Serendipity before 0.7rc1 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the url parameter in (…
|
NVD-CWE-Other
|
CVE-2004-1620
|
2017-07-11 10:31 |
2004-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
