|
267101
|
- |
|
verisign
|
payflow_link
|
Verisign Payflow Link, when running with empty Accepted URL fields, does not properly verify the data in the hidden AMOUNT field, which allows remote attackers to modify the price of the items that t…
|
NVD-CWE-Other
|
CVE-2004-1209
|
2017-07-11 10:30 |
2005-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267102
|
- |
|
ipcop
|
ipcop
|
Cross-site scripting (XSS) vulnerability in proxylog.dat in IPCop 1.4.1 and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the (1) url or (2) part variabl…
|
NVD-CWE-Other
|
CVE-2004-1210
|
2017-07-11 10:30 |
2005-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267103
|
- |
|
david_harris
|
mercury
|
Multiple buffer overflows in the IMAP service in Mercury/32 4.01a allow remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via long argume…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2004-1211
|
2017-07-11 10:30 |
2005-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267104
|
- |
|
blog_torrent
|
blog_torrent_preview
|
Directory traversal vulnerability in btdownload.php in Blog Torrent preview 0.8 allows remote attackers to download arbitrary files via a .. (dot dot) in the file argument.
|
NVD-CWE-Other
|
CVE-2004-1212
|
2017-07-11 10:30 |
2005-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267105
|
- |
|
advanced_guestbook
|
advanced_guestbook
|
Cross-site scripting (XSS) vulnerability in index.php in Advanced Guestbook 2.3.1, 2.2, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the entry parame…
|
NVD-CWE-Other
|
CVE-2004-1213
|
2017-07-11 10:30 |
2005-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267106
|
- |
|
burut
|
kreed
|
Format string vulnerability in Kreed 1.05 and earlier allows remote attackers to execute arbitrary code via format specifiers in (1) a nickname or (2) message text.
|
NVD-CWE-Other
|
CVE-2004-1214
|
2017-07-11 10:30 |
2005-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267107
|
- |
|
burut
|
kreed
|
Kreed 1.05 and earlier allows remote attackers to cause a denial of service (server disconnect) via a long UDP packet, which causes a "message too long" socket error.
|
NVD-CWE-Other
|
CVE-2004-1215
|
2017-07-11 10:30 |
2005-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267108
|
- |
|
burut
|
kreed
|
The scripts that handle players in Kreed 1.05 and earlier allow remote attackers to cause a denial of service (server freeze) via a long (1) nickname or (2) model type, which generates dialog boxes o…
|
NVD-CWE-Other
|
CVE-2004-1216
|
2017-07-11 10:30 |
2005-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267109
|
- |
|
hosting_controller
|
hosting_controller
|
Hosting Controller 6.1 Hotfix 1.4, and possibly other versions, allows remote attackers to view arbitrary directories by specifying the target pathname in the FilePath parameter to (1) Statsbrowse.as…
|
NVD-CWE-Other
|
CVE-2004-1217
|
2017-07-11 10:30 |
2005-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267110
|
- |
|
ibex_software
|
remote_execute
|
Remote Execute 2.30 allows remote attackers to cause a denial of service (application crash) by making 7 simultaneous connections.
|
NVD-CWE-Other
|
CVE-2004-1218
|
2017-07-11 10:30 |
2005-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
