|
345791
|
- |
|
ibm
|
aix
|
The Inventory Scout daemon (invscoutd) 1.3.0.0 and 2.0.2 for AIX 4.3.3 and 5.1 allows local users to gain privileges via a symlink attack on a command line argument (log file). NOTE: this might be r…
|
CWE-362
Race Condition
|
CVE-2004-2697
|
2017-07-29 10:29 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345792
|
- |
|
imwheel
|
imwheel
|
Race condition in IMWheel 1.0.0pre11 and earlier, when running with the -k option, allows local users to cause a denial of service (IMWheel crash) and possibly modify arbitrary files via a symlink at…
|
CWE-362
Race Condition
|
CVE-2004-2698
|
2017-07-29 10:29 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345793
|
- |
|
aspdotnetstorefront
|
aspdotnetstorefront
|
deleteicon.aspx in AspDotNetStorefront 3.3 allows remote attackers to delete arbitrary product images via a modified ProductID parameter.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2004-2699
|
2017-07-29 10:29 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345794
|
- |
|
aspdotnetstorefront
|
aspdotnetstorefront
|
Cross-site scripting (XSS) vulnerability in signin.aspx for AspDotNetStorefront 3.3 allows remote attackers to inject arbitrary web script or HTML via the returnurl parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2004-2701
|
2017-07-29 10:29 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345795
|
- |
|
swsoft
|
plesk
|
Cross-site scripting (XSS) vulnerability in login_up.php3 in Plesk 7.0 and 7.1 Reloaded allows remote attackers to inject arbitrary web script or HTML via the login_name parameter. NOTE: this might …
|
CWE-79
Cross-site Scripting
|
CVE-2004-2702
|
2017-07-29 10:29 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345796
|
- |
|
clearswift
|
mailsweeper_business_suite_i
mailsweeper_business_suite_ii
mailsweeper_for_smtp
mimesweeper_for_web
|
Clearswift MIMEsweeper 5.0.5, when it has been upgraded from MAILsweeper for SMTP version 4.3 or MAILsweeper Business Suite I or II, allows remote attackers to bypass scanning by including encrypted …
|
CWE-310
Cryptographic Issues
|
CVE-2004-2703
|
2017-07-29 10:29 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345797
|
- |
|
phrozensmoke
|
gyach_enhanced
|
Multiple unspecified vulnerabilities in Gyach Enhanced (Gyach-E) before 1.0.5 have unknown impact and attack vectors related to "several security flaws," probably related to buffer overflows in HTTP …
|
NVD-CWE-noinfo
|
CVE-2004-2707
|
2017-07-29 10:29 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345798
|
- |
|
windowmaker
|
windowmaker
|
Unspecified vulnerability in Window Maker 0.80.2 and earlier allows attackers to perform unknown actions via format string specifiers in a font specification in WMGLOBAL, probably a format string vul…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2004-2714
|
2017-07-29 10:29 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345799
|
- |
|
php_heaven
|
phpmychat
|
edituser.php3 in PHPMyChat 0.14.5 allow remote attackers to bypass authentication and gain administrative privileges by setting the do_not_login parameter to false.
|
CWE-287
Improper Authentication
|
CVE-2004-2715
|
2017-07-29 10:29 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345800
|
- |
|
php_heaven
|
phpmychat
|
Multiple SQL injection vulnerabilities in usersL.php3 in PHPMyChat 0.14.5 allow remote attackers to execute arbitrary SQL commands via the (1) sortBy, (2) sortOrder, (3) startReg, (4) U, (5) LastChec…
|
CWE-89
SQL Injection
|
CVE-2004-2716
|
2017-07-29 10:29 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
