|
266351
|
- |
|
phorum
|
phorum
|
Multiple SQL injection vulnerabilities in Phorum 5.0.11 and earlier allow remote attackers to modify SQL statements via (1) the query string in read.php or (2) unknown vectors in file.php.
|
NVD-CWE-Other
|
CVE-2004-2240
|
2017-07-11 10:31 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266352
|
- |
|
phorum
|
phorum
|
Cross-site scripting (XSS) vulnerability in Phorum 5.0.11 and earlier allows remote attackers to inject arbitrary HTML or web script via search.php. NOTE: some sources have reported that the affected…
|
NVD-CWE-Other
|
CVE-2004-2241
|
2017-07-11 10:31 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266353
|
- |
|
phorum
|
phorum
|
Cross-site scripting (XSS) vulnerability in search.php in Phorum, possibly 5.0.7 beta and earlier, allows remote attackers to inject arbitrary HTML or web script via the subject parameter.
|
NVD-CWE-Other
|
CVE-2004-2242
|
2017-07-11 10:31 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266354
|
- |
|
phorum
|
phorum
|
Phorum allows remote attackers to hijack sessions of other users by stealing and replaying the session hash in the phorum_uriauth parameter, as demonstrated using profile.php. NOTE: the affected ver…
|
NVD-CWE-Other
|
CVE-2004-2243
|
2017-07-11 10:31 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266355
|
- |
|
oracle
|
application_server
oracle9i
|
The XML parser in Oracle 9i Application Server Release 2 9.0.3.0 and 9.0.3.1, 9.0.2.3 and earlier, and Release 1 1.0.2.2 and 1.0.2.2.2, and Database Server Release 2 9.2.0.1 and later, allows remote …
|
NVD-CWE-Other
|
CVE-2004-2244
|
2017-07-11 10:31 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266356
|
- |
|
goollery
|
goollery
|
Cross-site scripting (XSS) vulnerability in Goollery 0.03 allows remote attackers to inject arbitrary HTML or web script via the (1) page parameter to viewalbum.php or (2) btopage parameter to viewpi…
|
NVD-CWE-Other
|
CVE-2004-2245
|
2017-07-11 10:31 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266357
|
- |
|
goosequill
|
remoteeditor
|
Unknown vulnerability in RemoteEditor before 0.1.1 has unknown impact and attack vectors, related to "oversize submissions."
|
NVD-CWE-Other
|
CVE-2004-2248
|
2017-07-11 10:31 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266358
|
- |
|
goosequill
|
audienceconnect_secureeditor
|
Unknown vulnerability in the "access code" in SecureEditor before 0.1.2 has unknown impact and attack vectors, possibly involving a bypass of IP address restrictions.
|
NVD-CWE-Other
|
CVE-2004-2249
|
2017-07-11 10:31 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266359
|
- |
|
goosequill
|
audienceconnect_remoteeditor
|
Unknown vulnerability in the "access code" in RemoteEditor before 0.1.6 has unknown impact and attack vectors, possibly involving a bypass of IP address restrictions.
|
NVD-CWE-Other
|
CVE-2004-2250
|
2017-07-11 10:31 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266360
|
- |
|
astaro
|
security_linux
|
The PPTP server in Astaro Security Linux before 4.024 provides information about its version, which makes it easier for remote attackers to construct specialized attacks.
|
NVD-CWE-Other
|
CVE-2004-2251
|
2017-07-11 10:31 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
