268151
|
- |
|
ikonboard.com
|
ikonboard
|
SQL injection vulnerability in ikonboard.cgi in Ikonboard 3.1.0 through 3.1.3 allows remote attackers to inject arbitrary SQL commands via the (1) st or (2) keywords parameter.
|
NVD-CWE-Other
|
CVE-2004-1406
|
2017-07-11 10:31 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268152
|
- |
|
singapore
|
image_gallery_web_application
|
Multiple directory traversal vulnerabilities in singapore Image Gallery Web Application 0.9.10 allow remote attackers to (1) read arbitrary files via the showThumb method for thumb.php, or (2) delete…
|
NVD-CWE-Other
|
CVE-2004-1407
|
2017-07-11 10:31 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268153
|
- |
|
-
|
-
|
The addImage method for admin.class.php in Image Gallery Web Application 0.9.10 does not properly check filenames, which allows remote attackers to upload and execute arbitrary files.
|
NVD-CWE-Other
|
CVE-2004-1408
|
2017-07-11 10:31 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268154
|
- |
|
gadu-gadu
|
gadu-gadu_instant_messenger
|
Gadu-Gadu build 155 and earlier allows remote attackers to cause a denial of service (infinite loop) via a message that contains an image whose filename does not start with restricted characters.
|
NVD-CWE-Other
|
CVE-2004-1411
|
2017-07-11 10:31 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268155
|
- |
|
kayako
|
esupport
|
Cross-site scripting (XSS) vulnerability in index.php in Kayako eSupport 2.x allows remote attackers to inject arbitrary web script or HTML via the searchm parameter.
|
NVD-CWE-Other
|
CVE-2004-1412
|
2017-07-11 10:31 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268156
|
- |
|
kayako
|
esupport
|
Multiple SQL injection vulnerabilities in Kayako eSupport 2.x allow remote attackers to execute arbitrary SQL commands via the (1) subcat, (2) rate, (3) questiondetails, (4) ticketkey22, (5) email22 …
|
NVD-CWE-Other
|
CVE-2004-1413
|
2017-07-11 10:31 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268157
|
- |
|
ben3w
|
2bgal
|
SQL injection vulnerability in (1) disp_album.php and possibly (2) disp_img.php in 2Bgal 2.4 and 2.5.1 allows remote attackers to execute arbitrary SQL commands via the id_album parameter.
|
NVD-CWE-Other
|
CVE-2004-1415
|
2017-07-11 10:31 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268158
|
- |
|
-
|
-
|
Cross-site scripting (XSS) vulnerability in WPKontakt 3.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via an e-mail address, which is not quoted when a parsing error …
|
NVD-CWE-Other
|
CVE-2004-1418
|
2017-07-11 10:31 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268159
|
- |
|
zeroboard
|
zeroboard
|
PHP remote file inclusion vulnerability in ZeroBoard 4.1pl4 and earlier allows remote attackers to execute arbitrary PHP code by modifying the (1) _zb_path parameter to outlogin.php or (2) dir parame…
|
CWE-94
Code Injection
|
CVE-2004-1419
|
2017-07-11 10:31 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268160
|
- |
|
zeroboard
|
zeroboard
|
requires that register_globals be enabled
|
CWE-94
Code Injection
|
CVE-2004-1419
|
2017-07-11 10:31 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|