|
264691
|
- |
|
francisco_burzi
|
php-nuke
|
SQL injection vulnerability in the "public message" capability (public_message) for Php-Nuke 6.x to 7.1.0 allows remote attackers to obtain the administrator password via the c_mid parameter.
|
NVD-CWE-Other
|
CVE-2004-0266
|
2017-07-19 10:29 |
2004-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264692
|
- |
|
midnight_commander
debian
gentoo
redhat
suse
turbolinux
|
midnight_commander
debian_linux
linux
enterprise_linux
linux_advanced_workstation
suse_linux
turbolinux_server
turbolinux_workstation
|
fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters.
|
NVD-CWE-Other
|
CVE-2004-1175
|
2017-07-19 10:29 |
2005-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264693
|
- |
|
tridcomm
|
tridcomm
|
Directory traversal vulnerability in the FTP server in TriDComm 1.3 and earlier allows remote attackers to read or write arbitrary files via a .. (dot dot) in FTP commands such as (1) DIR, (2) GET, o…
|
NVD-CWE-Other
|
CVE-2004-1583
|
2017-07-19 10:29 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264694
|
- |
|
jigunet
|
twinftp_enterprise
twinftp_standard
|
Directory traversal vulnerability in TwinFTP 1.0.3 R2 allows remote attackers to create arbitrary files via a .../ (triple dot) in the (1) CWD, (2) STOR, or (3) RETR commands.
|
NVD-CWE-Other
|
CVE-2004-1679
|
2017-07-19 10:29 |
2004-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264695
|
- |
|
-
|
-
|
Cross-site scripting (XSS) vulnerability in TypePad allows remote attackers to inject arbitrary Javascript via the name parameter.
|
NVD-CWE-Other
|
CVE-2004-1712
|
2017-07-19 10:29 |
2004-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264696
|
- |
|
francisco_burzi
|
php-nuke
|
Multiple cross-site scripting (XSS) vulnerabilities in Php-Nuke 6.x through 7.3 allow remote attackers to inject arbitrary HTML or web script into the (1) optionbox parameter in the News module, (2) …
|
NVD-CWE-Other
|
CVE-2004-2020
|
2017-07-19 10:29 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264697
|
- |
|
nucleus_group
|
nucleus_cms
|
SQL injection vulnerability in action.php in Nucleus CMS 3.01 allows remote attackers to execute arbitrary SQL statements via the itemid parameter.
|
NVD-CWE-Other
|
CVE-2004-2056
|
2017-07-19 10:29 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264698
|
- |
|
xlinesoft
|
asprunner
|
Multiple cross-site scripting vulnerabilities in ASPRunner 2.4 allow remote attackers to inject arbitrary web script or HTML via the (1) SearchFor parameter in [TABLE-NAME]_search.asp, (2) SQL parame…
|
NVD-CWE-Other
|
CVE-2004-2059
|
2017-07-19 10:29 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264699
|
- |
|
freshmeat
|
network_query_tool
network_query_tool_phpnuke
|
network_query.php in Network Query Tool 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the target parameter.
|
NVD-CWE-Other
|
CVE-2001-1495
|
2017-07-19 10:29 |
2001-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264700
|
- |
|
talentsoft
|
web\+_server
|
Buffer overflow in webpsvc.exe for Talentsoft Web+ 5.0 and earlier allows remote attackers to execute arbitrary code via a long argument to webplus.exe program, which triggers the overflow in webpsvc…
|
NVD-CWE-Other
|
CVE-2002-0449
|
2017-07-19 10:29 |
2002-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
