|
348081
|
- |
|
mozilla
|
mozilla
|
The XMLHttpRequest object in Mozilla 1.7.8 supports the HTTP TRACE method, which allows remote attackers to obtain (1) proxy authentication passwords via a request with a "Max-Forwards: 0" header or …
|
CWE-94
Code Injection
|
CVE-2005-4874
|
2017-08-8 10:29 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348082
|
- |
|
typo3
|
typo3
|
TYPO3 3.8.0 and earlier allows remote attackers to obtain sensitive information via a direct request to misc/phpcheck/, which invokes the phpinfo function and prints values of unspecified environment…
|
CWE-200
Information Exposure
|
CVE-2005-4875
|
2017-08-8 10:29 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348083
|
- |
|
ignite_realtime
|
openfire
|
Cross-site scripting (XSS) vulnerability in the login form (login.jsp) of the admin console in Openfire (formerly Wildfire) 2.2.2, and possibly other versions before 2.3.0 Beta 2, allows remote attac…
|
CWE-79
Cross-site Scripting
|
CVE-2005-4876
|
2017-08-8 10:29 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348084
|
- |
|
ignite_realtime
|
openfire
|
Cross-site scripting (XSS) vulnerability in the login form (login.jsp) of the admin console in Openfire (formerly Wildfire) 2.3.0 Beta 2 allows remote attackers to inject arbitrary web script or HTML…
|
CWE-79
Cross-site Scripting
|
CVE-2005-4877
|
2017-08-8 10:29 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348085
|
- |
|
sun
|
sunforum
|
Multiple unspecified vulnerabilities in the H.323 protocol implementation for Sun SunForum 3.2 and 3D 1.0 allow remote attackers to cause a denial of service (segmentation fault and process crash), a…
|
NVD-CWE-noinfo
|
CVE-2004-2758
|
2017-08-8 10:29 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348086
|
- |
|
sun
|
storedge_qfs
storedge_sam-qfs
storeedge_performance_suite
storeedge_utilization_suite
|
Shared Sun StorEdge QFS and SAM-QFS file systems, as used in Utilization Suite 4.0 through 4.1 and Performance Suite 4.0 through 4.1, might allow local users to read portions of deleted files by acce…
|
NVD-CWE-Other
|
CVE-2004-2759
|
2017-08-8 10:29 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348087
|
- |
|
bajie
|
java_http_server
|
Cross-site scripting (XSS) vulnerability in Bajie Http Web Server 0.95zxe, 0.95zxc, and possibly others, allows remote attackers to inject arbitrary web script or HTML via the query string, which is …
|
CWE-79
Cross-site Scripting
|
CVE-2003-1543
|
2017-08-8 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348088
|
- |
|
microsoft
|
windows_2000
|
Unrestricted critical resource lock in Terminal Services for Windows 2000 before SP4 and Windows XP allows remote authenticated users to cause a denial of service (reboot) by obtaining a read lock on…
|
NVD-CWE-Other
|
CVE-2003-1544
|
2017-08-8 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348089
|
- |
|
filebased
|
guestbook
|
Cross-site scripting (XSS) vulnerability in gbook.php in Filebased guestbook 1.1.3 allows remote attackers to inject arbitrary web script or HTML via the comment section.
|
CWE-79
Cross-site Scripting
|
CVE-2003-1546
|
2017-08-8 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348090
|
- |
|
xoops
|
xoops
|
XOOPS 2.0, and possibly earlier versions, allows remote attackers to obtain sensitive information via an invalid xoopsOption parameter, which reveals the installation path in an error message.
|
CWE-200
Information Exposure
|
CVE-2003-1550
|
2017-08-8 10:29 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
