|
267201
|
- |
|
id_software
|
quake_ii_server
|
Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a denial of service (exhaustion of connection slots) via a large number of connections from the same IP add…
|
CWE-20
Improper Input Validation
|
CVE-2004-2596
|
2017-07-11 10:32 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267202
|
- |
|
id_software
|
quake_ii_server
|
Quake II server before R1Q2, as used in multiple products, allows remote attackers to bypass IP-based access control rules via a userinfo string that already contains an "ip" key/value pair but is al…
|
NVD-CWE-Other
|
CVE-2004-2597
|
2017-07-11 10:32 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267203
|
- |
|
-
|
-
|
Multiple buffer overflows in Quake II server before R1Q2, as used in multiple products, allow local users to cause a denial of service (application crash) via the server console or rcon.
|
NVD-CWE-Other
|
CVE-2004-2599
|
2017-07-11 10:32 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267204
|
- |
|
ubertec
|
help_center_live
|
PHP remote file inclusion vulnerability in UberTec Help Center Live (HCL) allows remote attackers to read local files and possibly execute PHP code via a URL in the SKIN_inner parameter to inc/skin.p…
|
NVD-CWE-Other
|
CVE-2004-2601
|
2017-07-11 10:32 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267205
|
- |
|
ubertec
|
help_center_live
|
PHP remote file inclusion vulnerability in UberTec Help Center Live (HCL) before 1.2.7 allows remote attackers to execute arbitrary PHP code via a URL in the HCL_path parameter to pipe.php.
|
NVD-CWE-Other
|
CVE-2004-2602
|
2017-07-11 10:32 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267206
|
- |
|
intel
hp
|
cli_auto-configuration_utility
client_system_setup_utility
server_configuration_wizard
server_control
system_setup_utility
carrier_grade_server_tigpr2u
carrier_grade_server_tsrlt2
The firmware for Intelligent Platform Management Interface (IPMI) 1.5-based Intel Server Boards and Platforms is shipped with an Authentication Type Enables parameter set to an invalid None parameter…
|
NVD-CWE-Other
|
CVE-2004-2600
|
2017-07-11 10:32 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
267207
|
- |
|
ubertec
|
help_center_live
|
Successful exploitation requires that "register_globals" is enabled.
|
NVD-CWE-Other
|
CVE-2004-2602
|
2017-07-11 10:32 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267208
|
- |
|
ubertec
|
help_center_live
|
Cross-site scripting (XSS) vulnerability in the Search module in UberTec Help Center Live (HCL) allows remote attackers to inject arbitrary web script or HTML via the find parameter to index.php.
|
NVD-CWE-Other
|
CVE-2004-2603
|
2017-07-11 10:32 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267209
|
- |
|
phproxy
|
phproxy
|
Cross-site scripting (XSS) vulnerability in index.php in PHProxy allows remote attackers to inject arbitrary web script or HTML via the error parameter.
|
NVD-CWE-Other
|
CVE-2004-2604
|
2017-07-11 10:32 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267210
|
- |
|
astats
|
astats
|
aStats 1.6.5 allows local users to overwrite arbitrary files via a symlink attack on (1) the aStats-Graphic-Signature-Generation file and (2) certain PNG image files.
|
NVD-CWE-Other
|
CVE-2004-2605
|
2017-07-11 10:32 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
