|
264511
|
- |
|
bea
|
weblogic_server
|
BEA WebLogic Server and WebLogic Express 6.1, 7.0, and 8.1, when using Remote Method Invocation (RMI) over Internet Inter-ORB Protocol (IIOP), does not properly handle when multiple logins for differ…
|
CWE-255
Credentials Management
|
CVE-2004-2696
|
2017-07-29 10:29 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264512
|
- |
|
ibm
|
aix
|
The Inventory Scout daemon (invscoutd) 1.3.0.0 and 2.0.2 for AIX 4.3.3 and 5.1 allows local users to gain privileges via a symlink attack on a command line argument (log file). NOTE: this might be r…
|
CWE-362
Race Condition
|
CVE-2004-2697
|
2017-07-29 10:29 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264513
|
- |
|
imwheel
|
imwheel
|
Race condition in IMWheel 1.0.0pre11 and earlier, when running with the -k option, allows local users to cause a denial of service (IMWheel crash) and possibly modify arbitrary files via a symlink at…
|
CWE-362
Race Condition
|
CVE-2004-2698
|
2017-07-29 10:29 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264514
|
- |
|
aspdotnetstorefront
|
aspdotnetstorefront
|
deleteicon.aspx in AspDotNetStorefront 3.3 allows remote attackers to delete arbitrary product images via a modified ProductID parameter.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2004-2699
|
2017-07-29 10:29 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264515
|
- |
|
aspdotnetstorefront
|
aspdotnetstorefront
|
Cross-site scripting (XSS) vulnerability in signin.aspx for AspDotNetStorefront 3.3 allows remote attackers to inject arbitrary web script or HTML via the returnurl parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2004-2701
|
2017-07-29 10:29 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264516
|
- |
|
swsoft
|
plesk
|
Cross-site scripting (XSS) vulnerability in login_up.php3 in Plesk 7.0 and 7.1 Reloaded allows remote attackers to inject arbitrary web script or HTML via the login_name parameter. NOTE: this might …
|
CWE-79
Cross-site Scripting
|
CVE-2004-2702
|
2017-07-29 10:29 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264517
|
- |
|
clearswift
|
mailsweeper_business_suite_i
mailsweeper_business_suite_ii
mailsweeper_for_smtp
mimesweeper_for_web
|
Clearswift MIMEsweeper 5.0.5, when it has been upgraded from MAILsweeper for SMTP version 4.3 or MAILsweeper Business Suite I or II, allows remote attackers to bypass scanning by including encrypted …
|
CWE-310
Cryptographic Issues
|
CVE-2004-2703
|
2017-07-29 10:29 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264518
|
- |
|
phrozensmoke
|
gyach_enhanced
|
Multiple unspecified vulnerabilities in Gyach Enhanced (Gyach-E) before 1.0.5 have unknown impact and attack vectors related to "several security flaws," probably related to buffer overflows in HTTP …
|
NVD-CWE-noinfo
|
CVE-2004-2707
|
2017-07-29 10:29 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264519
|
- |
|
windowmaker
|
windowmaker
|
Unspecified vulnerability in Window Maker 0.80.2 and earlier allows attackers to perform unknown actions via format string specifiers in a font specification in WMGLOBAL, probably a format string vul…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2004-2714
|
2017-07-29 10:29 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264520
|
- |
|
php_heaven
|
phpmychat
|
edituser.php3 in PHPMyChat 0.14.5 allow remote attackers to bypass authentication and gain administrative privileges by setting the do_not_login parameter to false.
|
CWE-287
Improper Authentication
|
CVE-2004-2715
|
2017-07-29 10:29 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
