|
353001
|
- |
|
iss
|
blackice_pc_protection
|
The upgrade for BlackICE PC Protection 3.6 and earlier sets insecure permissions for .INI files such as (1) blackice.ini, (2) firewall.ini, (3) protect.ini, or (4) sigs.ini, which allows local users …
|
NVD-CWE-Other
|
CVE-2004-2126
|
2016-10-18 12:06 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
353002
|
- |
|
phpbb_group
|
phpbb
|
Multiple cross-site scripting (XSS) vulnerabilities in privmsg.php in phpBB 2.0.6 allow remote attackers to execute arbitrary script or HTML via the (1) folder or (2) mode variables.
|
NVD-CWE-Other
|
CVE-2004-2130
|
2016-10-18 12:06 |
2004-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
353003
|
- |
|
linux
|
linux_kernel
|
cryptoloop on Linux kernel 2.6.x, when used on certain file systems with a block size 1024 or greater, has certain "IV computation" weaknesses that allow watermarked files to be detected without decr…
|
NVD-CWE-Other
|
CVE-2004-2135
|
2016-10-18 12:06 |
2004-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
353004
|
- |
|
linux
|
linux_kernel
|
dm-crypt on Linux kernel 2.6.x, when used on certain file systems with a block size 1024 or greater, has certain "IV computation" weaknesses that allow watermarked files to be detected without decryp…
|
NVD-CWE-Other
|
CVE-2004-2136
|
2016-10-18 12:06 |
2004-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
353005
|
- |
|
esesix
|
thintune
|
eSeSIX Thintune thin clients running firmware 2.4.38 and earlier accept any password that begins with the actual password, which makes it easier for users to conduct brute force password guessing.
|
NVD-CWE-Other
|
CVE-2004-2052
|
2016-10-18 12:05 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
353006
|
- |
|
francisco_burzi
|
php-nuke
|
The Downloads module in Php-Nuke 6.x through 7.2 allows remote attackers to gain sensitive information via an invalid show parameter to modules.php, which reveals the full path in a PHP error message.
|
NVD-CWE-Other
|
CVE-2004-1998
|
2016-10-18 12:04 |
2004-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
353007
|
- |
|
tiki
|
tikiwiki_cms\/groupware
|
Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to inject arbitrary code via the (1) Theme, (2) Country, (3) Real Name, or (4) Displayed time zone fields in a User Profile, or…
|
CWE-94
Code Injection
|
CVE-2004-1926
|
2016-10-18 12:03 |
2004-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
353008
|
- |
|
francisco_burzi
|
php-nuke
|
MS Analysis module 2.0 for PHP-Nuke allows remote attackers to obtain sensitive information via a direct request to (1) browsers.php, (2) mstrack.php, or (3) title.php, which reveal the full path in …
|
NVD-CWE-Other
|
CVE-2004-1839
|
2016-10-18 12:01 |
2004-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
353009
|
- |
|
-
|
-
|
HP Web Jetadmin 7.5.2546 allows remote attackers to cause a denial of service (crash) via a malformed request, possibly due to a stricmp() error from an invalid use of the "$" character.
|
NVD-CWE-Other
|
CVE-2004-1858
|
2016-10-18 12:01 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
353010
|
- |
|
openbsd
|
openbsd
|
PF in certain OpenBSD versions, when stateful filtering is enabled, does not limit packets for a session to the original interface, which allows remote attackers to bypass intended packet filters via…
|
NVD-CWE-Other
|
CVE-2004-1799
|
2016-10-18 12:00 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
