|
347071
|
- |
|
francisco_burzi
|
php-nuke
|
The Downloads module in Php-Nuke 6.x through 7.2 allows remote attackers to gain sensitive information via an invalid show parameter to modules.php, which reveals the full path in a PHP error message.
|
NVD-CWE-Other
|
CVE-2004-1998
|
2016-10-18 12:04 |
2004-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347072
|
- |
|
tiki
|
tikiwiki_cms\/groupware
|
Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to inject arbitrary code via the (1) Theme, (2) Country, (3) Real Name, or (4) Displayed time zone fields in a User Profile, or…
|
CWE-94
Code Injection
|
CVE-2004-1926
|
2016-10-18 12:03 |
2004-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347073
|
- |
|
francisco_burzi
|
php-nuke
|
MS Analysis module 2.0 for PHP-Nuke allows remote attackers to obtain sensitive information via a direct request to (1) browsers.php, (2) mstrack.php, or (3) title.php, which reveal the full path in …
|
NVD-CWE-Other
|
CVE-2004-1839
|
2016-10-18 12:01 |
2004-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347074
|
- |
|
-
|
-
|
HP Web Jetadmin 7.5.2546 allows remote attackers to cause a denial of service (crash) via a malformed request, possibly due to a stricmp() error from an invalid use of the "$" character.
|
NVD-CWE-Other
|
CVE-2004-1858
|
2016-10-18 12:01 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347075
|
- |
|
openbsd
|
openbsd
|
PF in certain OpenBSD versions, when stateful filtering is enabled, does not limit packets for a session to the original interface, which allows remote attackers to bypass intended packet filters via…
|
NVD-CWE-Other
|
CVE-2004-1799
|
2016-10-18 12:00 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347076
|
- |
|
jera_technology
|
flash_messaging_server
|
Flash Messaging clients can ignore disconnecting commands such as "shutdown" from the Flash Messaging Server 5.2.0g (rev 1.1.2), which could allow remote attackers to stay connected.
|
NVD-CWE-Other
|
CVE-2004-1586
|
2016-10-18 11:57 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347077
|
- |
|
cpanel
|
cpanel
|
cPanel 9.9.1-RELEASE-3 allows remote authenticated users to chmod arbitrary files via a symlink attack on the _private directory, which is created when Front Page extensions are enabled.
|
NVD-CWE-Other
|
CVE-2004-1604
|
2016-10-18 11:57 |
2004-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347078
|
- |
|
best_software
saleslogix_corporation
|
saleslogix
|
SalesLogix 6.1 uses client-specified pathnames for writing certain files, which might allow remote authenticated users to create arbitrary files and execute code via the (1) vMME.AttachmentPath or (2…
|
NVD-CWE-Other
|
CVE-2004-1610
|
2016-10-18 11:57 |
2004-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347079
|
- |
|
mozilla
|
mozilla
|
Mozilla allows remote attackers to cause a denial of service (application crash from invalid memory access) via an "unusual combination of visual elements," including several large MARQUEE tags with …
|
NVD-CWE-Other
|
CVE-2004-1614
|
2016-10-18 11:57 |
2004-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347080
|
- |
|
w-agora
|
w-agora
|
list.php in w-Agora 4.1.6a allows remote attackers to reveal the full path via a crafted HTTP request, possibly involving a malformed id parameter.
|
NVD-CWE-Other
|
CVE-2004-1565
|
2016-10-18 11:56 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
