|
347831
|
- |
|
coolphp
|
coolphp_web_portal
|
Directory traversal vulnerability in index.php in CoolPHP 1.0-stable allows remote attackers to access arbitrary files and execute local PHP scripts via a .. (dot dot) in the op parameter.
|
NVD-CWE-Other
|
CVE-2004-1601
|
2017-07-11 10:31 |
2004-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347832
|
- |
|
best_software
saleslogix_corporation
|
saleslogix
|
SalesLogix 6.1 allows remote attackers to bypass authentication by modifying the slxweb cookie to set user=Admin, teams=ADMIN!, and usertype=Administrator.
|
NVD-CWE-Other
|
CVE-2004-1605
|
2017-07-11 10:31 |
2004-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347833
|
- |
|
best_software
saleslogix_corporation
|
saleslogix
|
slxweb.dll in SalesLogix 6.1 allows remote attackers to cause a denial service (application crash) via an invalid HTTP request, which might also leak sensitive information in the ErrorLogMsg cookie.
|
NVD-CWE-Other
|
CVE-2004-1606
|
2017-07-11 10:31 |
2004-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347834
|
- |
|
best_software
saleslogix_corporation
|
saleslogix
|
slxweb.dll in SalesLogix 6.1 allows remote attackers to obtain sensitive information via a (1) Library or (2) Attachment request with an invalid file parameter, which reveals the path in an error mes…
|
NVD-CWE-Other
|
CVE-2004-1607
|
2017-07-11 10:31 |
2004-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347835
|
- |
|
best_software
saleslogix_corporation
|
saleslogix
|
SQL injection vulnerability in SalesLogix 6.1 allows remote attackers to execute arbitrary SQL statements via the id parameter in a view operation.
|
NVD-CWE-Other
|
CVE-2004-1608
|
2017-07-11 10:31 |
2004-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347836
|
- |
|
best_software
saleslogix_corporation
|
saleslogix
|
SalesLogix 6.1 includes usernames, passwords, and other sensitive information in the headers of an HTTP response, which could allow remote attackers to gain access.
|
NVD-CWE-Other
|
CVE-2004-1609
|
2017-07-11 10:31 |
2004-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347837
|
- |
|
best_software
saleslogix_corporation
|
saleslogix
|
SalesLogix 6.1 does not verify if a user is authenticated before performing sensitive operations, which could allow remote attackers to (1) execute arbitrary SLX commands on the server or spoof the s…
|
NVD-CWE-Other
|
CVE-2004-1611
|
2017-07-11 10:31 |
2004-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347838
|
- |
|
saleslogix_corporation
|
saleslogix
|
Directory traversal vulnerability in SalesLogix 6.1 allows remote attackers to upload arbitrary files via a .. (dot dot) in a ProcessQueueFile request.
|
NVD-CWE-Other
|
CVE-2004-1612
|
2017-07-11 10:31 |
2004-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347839
|
- |
|
links
|
links
|
Links allows remote attackers to cause a denial of service (memory consumption) via a web page or HTML email that contains a table with a td element and a large rowspan value,as demonstrated by mangl…
|
NVD-CWE-Other
|
CVE-2004-1616
|
2017-07-11 10:31 |
2004-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347840
|
- |
|
vypress
|
tonecast
|
Vypress Tonecast 1.3 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed mp2 stream.
|
NVD-CWE-Other
|
CVE-2004-1618
|
2017-07-11 10:31 |
2004-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
