|
313341
|
9.8 |
CRITICAL
Network
|
microsoft
|
windows_nt
windows_xp
windows_2000
windows_98
windows_98se
|
The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts th…
|
CWE-346
Origin Validation Error
|
CVE-2000-1218
|
2024-02-9 05:47 |
2000-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313342
|
7.5 |
HIGH
Network
|
thekelleys
|
dnsmasq
|
Dnsmasq before 2.21 allows remote attackers to poison the DNS cache via answers to queries that were not made by Dnsmasq.
|
CWE-346
Origin Validation Error
|
CVE-2005-0877
|
2024-02-9 05:46 |
2005-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313343
|
8.8 |
HIGH
Network
|
phpnuke
|
php-nuke
|
Cross-site request forgery (CSRF) vulnerability in Php-Nuke 6.x through 7.1.0 allows remote attackers to gain administrative privileges via an img tag with a URL to admin.php.
|
CWE-352
Origin Validation Error
|
CVE-2004-1842
|
2024-02-9 05:46 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313344
|
6.5 |
MEDIUM
Network
|
fusetalk
|
fusetalk
|
Cross-Site Request Forgery (CSRF) vulnerability in FuseTalk 2.0 allows remote attackers to create arbitrary accounts via a link to adduser.cfm.
|
CWE-352
Origin Validation Error
|
CVE-2004-1995
|
2024-02-9 05:46 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313345
|
8.8 |
HIGH
Network
|
fusionphp
|
fusion_news
|
Fusion News 3.6.1 allows remote attackers to add user accounts, if the administrator is logged in, via a comment that contains an img bbcode tag that calls index.php with the signup action, which is …
|
CWE-352
Origin Validation Error
|
CVE-2004-1703
|
2024-02-9 05:46 |
2004-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313346
|
8.8 |
HIGH
Network
|
openbb
|
openbb
|
Cross-site request forgery (CSRF) vulnerabilities in (1) cp_forums.php, (2) cp_usergroup.php, (3) cp_ipbans.php, (4) myhome.php, (5) post.php, or (6) moderator.php in Open Bulletin Board (OpenBB) 1.0…
|
CWE-352
Origin Validation Error
|
CVE-2004-1967
|
2024-02-9 05:46 |
2004-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313347
|
7.8 |
HIGH
Local
|
lynx_project
|
lynx
|
Lynx 2.x does not properly distinguish between internal and external HTML, which may allow a local attacker to read a "secure" hidden form value from a temporary file and craft a LYNXOPTIONS: URL tha…
|
CWE-346
Origin Validation Error
|
CVE-1999-1549
|
2024-02-9 05:46 |
1999-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313348
|
7.5 |
HIGH
Network
|
cisco
|
ip_phone_7940_firmware
ip_phone_7960_firmware
|
Cisco 7940/7960 Voice over IP (VoIP) phones do not properly check the Call-ID, branch, and tag values in a NOTIFY message to verify a subscription, which allows remote attackers to spoof messages suc…
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2005-2181
|
2024-02-9 05:45 |
2005-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313349
|
7.5 |
HIGH
Network
|
grandstream
|
bt-100_firmware
|
Grandstream BudgeTone (BT) 100 Voice over IP (VoIP) phones do not properly check the Call-ID, branch, and tag values in a NOTIFY message to verify a subscription, which allows remote attackers to spo…
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2005-2182
|
2024-02-9 05:45 |
2005-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313350
|
9.8 |
CRITICAL
Network
|
sgi
|
irix
|
The LDAP name service (nsd) in IRIX 6.5.19 and earlier does not properly verify if the USERPASSWORD attribute has been provided by an LDAP server, which could allow attackers to log in without a pass…
|
CWE-346
Origin Validation Error
|
CVE-2003-0174
|
2024-02-9 05:45 |
2003-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
