|
346521
|
- |
|
geovision
|
geohttpserver
|
GeoHttpServer, when configured to authenticate users, allows remote attackers to bypass authentication and access unauthorized files via a URL that contains %0a%0a (encoded newlines).
|
NVD-CWE-Other
|
CVE-2004-2100
|
2016-10-18 12:06 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346522
|
- |
|
phorum
|
phorum
|
SQL injection vulnerability in register.php in Phorum before 3.4.6 allows remote attackers to execute arbitrary SQL commands via the hide_email parameter.
|
NVD-CWE-Other
|
CVE-2004-2110
|
2016-10-18 12:06 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346523
|
- |
|
iss
|
blackice_pc_protection
|
The upgrade for BlackICE PC Protection 3.6 and earlier sets insecure permissions for .INI files such as (1) blackice.ini, (2) firewall.ini, (3) protect.ini, or (4) sigs.ini, which allows local users …
|
NVD-CWE-Other
|
CVE-2004-2126
|
2016-10-18 12:06 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346524
|
- |
|
phpbb_group
|
phpbb
|
Multiple cross-site scripting (XSS) vulnerabilities in privmsg.php in phpBB 2.0.6 allow remote attackers to execute arbitrary script or HTML via the (1) folder or (2) mode variables.
|
NVD-CWE-Other
|
CVE-2004-2130
|
2016-10-18 12:06 |
2004-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346525
|
- |
|
linux
|
linux_kernel
|
cryptoloop on Linux kernel 2.6.x, when used on certain file systems with a block size 1024 or greater, has certain "IV computation" weaknesses that allow watermarked files to be detected without decr…
|
NVD-CWE-Other
|
CVE-2004-2135
|
2016-10-18 12:06 |
2004-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346526
|
- |
|
linux
|
linux_kernel
|
dm-crypt on Linux kernel 2.6.x, when used on certain file systems with a block size 1024 or greater, has certain "IV computation" weaknesses that allow watermarked files to be detected without decryp…
|
NVD-CWE-Other
|
CVE-2004-2136
|
2016-10-18 12:06 |
2004-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346527
|
- |
|
esesix
|
thintune
|
eSeSIX Thintune thin clients running firmware 2.4.38 and earlier accept any password that begins with the actual password, which makes it easier for users to conduct brute force password guessing.
|
NVD-CWE-Other
|
CVE-2004-2052
|
2016-10-18 12:05 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346528
|
- |
|
francisco_burzi
|
php-nuke
|
The Downloads module in Php-Nuke 6.x through 7.2 allows remote attackers to gain sensitive information via an invalid show parameter to modules.php, which reveals the full path in a PHP error message.
|
NVD-CWE-Other
|
CVE-2004-1998
|
2016-10-18 12:04 |
2004-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346529
|
- |
|
tiki
|
tikiwiki_cms\/groupware
|
Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to inject arbitrary code via the (1) Theme, (2) Country, (3) Real Name, or (4) Displayed time zone fields in a User Profile, or…
|
CWE-94
Code Injection
|
CVE-2004-1926
|
2016-10-18 12:03 |
2004-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346530
|
- |
|
francisco_burzi
|
php-nuke
|
MS Analysis module 2.0 for PHP-Nuke allows remote attackers to obtain sensitive information via a direct request to (1) browsers.php, (2) mstrack.php, or (3) title.php, which reveal the full path in …
|
NVD-CWE-Other
|
CVE-2004-1839
|
2016-10-18 12:01 |
2004-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
