|
346941
|
- |
|
jelsoft
|
vbulletin
|
SQL injection vulnerability in (1) ttlast.php and (2) last10.php in vBulletin 3.0.x allows remote attackers to execute arbitrary SQL statements via the fsel parameter, as demonstrated using last.php.
|
NVD-CWE-Other
|
CVE-2004-1515
|
2016-10-18 11:55 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346942
|
- |
|
new_media_generation
|
hired_team_trial
|
Hired Team: Trial 2.0 and earlier and 2.200 does not limit how game players can kick other players off the server, including the administrator.
|
NVD-CWE-Other
|
CVE-2004-1526
|
2016-10-18 11:55 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346943
|
- |
|
mediawiki
|
mediawiki
|
MediaWiki 1.3.8 and earlier, when used with Apache mod_mime, does not properly handle files with two file extensions, such as .php.rar, which allows remote attackers to upload and execute arbitrary c…
|
NVD-CWE-Other
|
CVE-2004-1405
|
2016-10-18 11:54 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346944
|
- |
|
singapore
|
image_gallery_web_application
|
Multiple cross-site scripting vulnerabilities in Image Gallery Web Application 0.9.10 allow remote attackers to inject arbitrary web script or HTML.
|
NVD-CWE-Other
|
CVE-2004-1409
|
2016-10-18 11:54 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346945
|
- |
|
gadu-gadu
|
gadu-gadu_instant_messenger
|
Cross-site scripting (XSS) vulnerability in Gadu-Gadu build 155 and earlier allows remote attackers to inject arbitrary web script via a URL, which is echoed in a popup window that displays a parsing…
|
NVD-CWE-Other
|
CVE-2004-1410
|
2016-10-18 11:54 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346946
|
- |
|
gadu-gadu
|
gadu-gadu_instant_messenger
|
Gadu-Gadu 6.1 build 156 allows remote attackers to cause a denial of service (application hang) via a message that contains many special strings that are converted to images.
|
NVD-CWE-Other
|
CVE-2004-1414
|
2016-10-18 11:54 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346947
|
- |
|
korweblog
|
korweblog
|
Directory traversal vulnerability in index.php in KorWeblog 1.6.2-cvs and earlier allows remote attackers to read arbitrary files and execute arbitrary PHP files via .. (dot dot) sequences in the lng…
|
NVD-CWE-Other
|
CVE-2004-1426
|
2016-10-18 11:54 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346948
|
- |
|
asante
|
fm2008_managed_ethernet_switch
|
The configuration backup in Asante FM2008 running firmware 1.06 stores the username and password in cleartext, which could allow remote attackers to gain unauthorized access.
|
NVD-CWE-Other
|
CVE-2004-1321
|
2016-10-18 11:53 |
2004-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346949
|
- |
|
oracle
|
application_server
collaboration_suite
e-business_suite
enterprise_manager
enterprise_manager_database_control
enterprise_manager_grid_control
oracle10g
oracle8i
oracle9i
|
Oracle 10g Database Server, when installed with a password that contains an exclamation point ("!") for the (1) DBSNMP or (2) SYSMAN user, generates an error that logs the password in the world-reada…
|
CWE-200
Information Exposure
|
CVE-2004-1367
|
2016-10-18 11:53 |
2004-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346950
|
- |
|
gnu
|
glibc
|
The glibcbug script in glibc 2.3.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2004-0968.
|
NVD-CWE-Other
|
CVE-2004-1382
|
2016-10-18 11:53 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
