|
347721
|
- |
|
phprojekt
|
phprojekt
|
PHP remote file inclusion vulnerability in authform.inc.php in PHProjekt 4.2.3 and earlier allows remote attackers to include arbitrary PHP code via a URL in the path_pre parameter.
|
CWE-94
Code Injection
|
CVE-2004-2740
|
2017-07-29 10:29 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347722
|
- |
|
horde
|
application_framework
|
Cross-site scripting (XSS) vulnerability in the "help window" (help.php) in Horde Application Framework 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the (1) module, (2) to…
|
CWE-79
Cross-site Scripting
|
CVE-2004-2741
|
2017-07-29 10:29 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347723
|
- |
|
businessobjects
|
crystal_enterprise
|
Cross-site scripting (XSS) vulnerability in the report viewer in Crystal Enterprise 8.5, 9, and 10 allows remote attackers to inject arbitrary web script or HTML via script in the URL to a report (RP…
|
CWE-79
Cross-site Scripting
|
CVE-2004-2742
|
2017-07-29 10:29 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347724
|
- |
|
raditha_dissanayake
|
mega_upload_progress_bar
|
upload.cgi in Mega Upload Progress Bar before 1.45 allows remote attackers to copy or overwrite arbitrary files via unspecified parameters related to names of uploaded files.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2004-2743
|
2017-07-29 10:29 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347725
|
- |
|
phplist
|
mailing_list_manager
|
Unspecified vulnerability in Tincan Limited PHPlist before 2.8.12 has unknown impact and attack vectors, related to a "security update release."
|
NVD-CWE-noinfo
|
CVE-2004-2744
|
2017-07-29 10:29 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347726
|
- |
|
2wire
|
homeportal
|
Directory traversal vulnerability in wra/public/wralogin in 2Wire Gateway, possibly as used in HomePortal and other product lines, allows remote attackers to read arbitrary files via a .. (dot dot) i…
|
CWE-22
Path Traversal
|
CVE-2004-2749
|
2017-07-29 10:29 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347727
|
- |
|
postnuke_software_foundation
|
postnuke
|
SQL injection vulnerability in the members_list module in PostNuke 0.726, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the sortby parameter.
|
CWE-89
SQL Injection
|
CVE-2004-2751
|
2017-07-29 10:29 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347728
|
- |
|
hp
|
hp-ux
|
Unspecified vulnerability in SharedX in HP-UX B.11.00, B.11.11, and B.11.22 allows local users to access unspecified files or cause a denial of service via unknown vectors related to handling of "fil…
|
NVD-CWE-noinfo
|
CVE-2004-2753
|
2017-07-29 10:29 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347729
|
- |
|
symantec
|
web_security
|
Cross-site scripting (XSS) vulnerability in Symantec Web Security 2.5, 3.0.0, and 3.0.1 before build 62 allows remote attackers to inject arbitrary web script or HTML via the query string in blocked …
|
CWE-79
Cross-site Scripting
|
CVE-2004-2755
|
2017-07-29 10:29 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347730
|
- |
|
novell
|
ichain
|
Cross-site scripting (XSS) vulnerability in the failed login page in Novell iChain before 2.2 build 2.2.113 and 2.3 First Customer Ship (FCS) allows remote attackers to inject arbitrary web script or…
|
CWE-79
Cross-site Scripting
|
CVE-2004-2757
|
2017-07-29 10:29 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
