|
267341
|
- |
|
silent-storm
|
silent-storm_portal
|
Cross-site scripting (XSS) vulnerability in index.php in Silent Storm Portal 2.1 and 2.2 allows remote attackers to execute arbitrary web script or HTML via the module parameter.
|
NVD-CWE-Other
|
CVE-2004-1566
|
2017-07-11 10:31 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267342
|
- |
|
-
|
-
|
profile.php in Silent Storm Portal 2.1 and 2.2 allows remote attackers to gain privileges by setting the mail parameter to 1, which is the value for an administrator.
|
NVD-CWE-Other
|
CVE-2004-1567
|
2017-07-11 10:31 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267343
|
- |
|
parachat
|
parachat_server
|
Directory traversal vulnerability in ParaChat Server 5.5 allows remote attackers to read arbitrary files via a ..%5C (hex-encoded dot dot) in the URL.
|
NVD-CWE-Other
|
CVE-2004-1568
|
2017-07-11 10:31 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267344
|
- |
|
illustrate
|
dbpoweramp_audio_player
dbpoweramp_music_converter
|
Buffer overflow in (1) MusicConverter.exe, (2) playlist.exe, and (3) amp.exe in dBpowerAMP Audio Player 2.0 and dbPowerAmp Music Converter 10.0 allows remote attackers to cause a denial of service or…
|
NVD-CWE-Other
|
CVE-2004-1569
|
2017-07-11 10:31 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267345
|
- |
|
eaden_mckee
|
bblog
|
SQL injection vulnerability in bBlog 0.7.2 and 0.7.3 allows remote attackers to execute arbitrary SQL commands via the p parameter.
|
NVD-CWE-Other
|
CVE-2004-1570
|
2017-07-11 10:31 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267346
|
- |
|
aj-fork
|
aj-fork
|
AJ-Fork 167 allows remote attackers to gain sensitive information via a direct request to (1) auto-acronyms.php, (2) auto-archive.php, (3) ount-article-views.php, (4) kses.php, (5) custom-quick-tags.…
|
NVD-CWE-Other
|
CVE-2004-1571
|
2017-07-11 10:31 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267347
|
- |
|
aj-fork
|
aj-fork
|
AJ-Fork 167 does not restrict access to directories such as (1) data, (2) inc, (3) plugins, (4) skins, or (5) tools, which allows remote attackers to list files in those directories via a direct HTTP…
|
NVD-CWE-Other
|
CVE-2004-1572
|
2017-07-11 10:31 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267348
|
- |
|
aj-fork
cutephp
|
aj-fork
cutenews
|
The documentation for AJ-Fork 167 implies that users should set permissions for users.db.php to 777, which allows local users to execute arbitrary PHP code and gain privileges as the administrator.
|
NVD-CWE-Other
|
CVE-2004-1573
|
2017-07-11 10:31 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267349
|
- |
|
-
|
-
|
Buffer overflow in Vypress Messenger 3.5.1 and earlier allows remote attackers to execute arbitrary code via a message with a long first field.
|
NVD-CWE-Other
|
CVE-2004-1574
|
2017-07-11 10:31 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267350
|
- |
|
apache
|
xerces-c\+\+
|
The XML parser in Xerces-C++ 2.5.0 allows remote attackers to cause a denial of service (CPU consumption) via XML attributes in a crafted XML document.
|
NVD-CWE-Other
|
CVE-2004-1575
|
2017-07-11 10:31 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
