|
267811
|
- |
|
s9y
|
serendipity
|
Cross-site scripting (XSS) vulnerability in Comment.php in Serendipity 0.7 beta1, and possibly other versions before 0.7-beta3, allows remote attackers to inject arbitrary HTML and PHP code via the (…
|
NVD-CWE-Other
|
CVE-2004-2157
|
2017-07-11 10:31 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267812
|
- |
|
s9y
|
serendipity
|
SQL injection vulnerability in Serendipity 0.7-beta1 allows remote attackers to execute arbitrary SQL commands via the entry_id parameter to (1) exit.php or (2) comment.php.
|
NVD-CWE-Other
|
CVE-2004-2158
|
2017-07-11 10:31 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267813
|
- |
|
xmlstarlet
|
command_line_xml_toolkit
|
Multiple buffer overflows in XMLStarlet Command Line XML Toolkit 0.9.3 have unknown impact and attack vectors via (1) xml_elem.c and (2) xml_select.c.
|
NVD-CWE-Other
|
CVE-2004-2159
|
2017-07-11 10:31 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267814
|
- |
|
tutos
|
tutos
|
SQL injection vulnerability in file_overview.php in TUTOS 1.1 allows remote attackers to execute arbitrary SQL commands via the link_id parameter.
|
NVD-CWE-Other
|
CVE-2004-2161
|
2017-07-11 10:31 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267815
|
- |
|
tutos
|
tutos
|
Multiple cross-site scripting (XSS) vulnerabilities in TUTOS 1.1 allow remote attackers to inject arbitrary web script or HTML via (1) the search field of the Address Module or (2) the t parameter to…
|
NVD-CWE-Other
|
CVE-2004-2162
|
2017-07-11 10:31 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267816
|
- |
|
openbsd
|
openbsd
|
login_radius on OpenBSD 3.2, 3.5, and possibly other versions does not verify the shared secret in a response packet from a RADIUS server, which allows remote attackers to bypass authentication by sp…
|
NVD-CWE-Other
|
CVE-2004-2163
|
2017-07-11 10:31 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267817
|
- |
|
virtual_programming
|
vp-asp
|
shoprestoreorder.asp in VP-ASP 5.0 does not close the database connection when a user restores a previous order, which allows remote attackers to cause a denial of service (connection consumption).
|
NVD-CWE-Other
|
CVE-2004-2164
|
2017-07-11 10:31 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267818
|
- |
|
impressions_games
|
lords_of_the_realm_iii
|
Lords of the Realm III 1.01 and earlier, when in the lobby stage, allows remote attackers to cause a denial of service (crash from unallocated memory write) via a long user nickname.
|
NVD-CWE-Other
|
CVE-2004-2165
|
2017-07-11 10:31 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267819
|
- |
|
canon
|
imagerunner_5000i
imagerunner_c3200
|
The print-from-email feature in the Canon ImageRUNNER (iR) 5000i and C3200 digital printer, when not using IP address range filtering, allows remote attackers to print arbitrary text without authenti…
|
NVD-CWE-Other
|
CVE-2004-2166
|
2017-07-11 10:31 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267820
|
- |
|
latex2rtf
|
latex2rtf
|
Multiple buffer overflows in LaTeX2rtf 1.9.15, and possibly other versions, allow remote attackers to execute arbitrary code via (1) the expandmacro function, and possibly (2) Environments and (3) Tr…
|
NVD-CWE-Other
|
CVE-2004-2167
|
2017-07-11 10:31 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
