|
268111
|
- |
|
phpx
|
phpx
|
PHPX 2.0 through 3.2.4 allows remote attackers to gain access to other accounts by modifying the cookie's PXL variable to reference another userID.
|
NVD-CWE-Other
|
CVE-2004-0249
|
2017-07-11 10:30 |
2004-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268112
|
- |
|
photopost
|
photopost_php_pro
|
SQL injection vulnerability in PhotoPost PHP Pro 4.6 and earlier allows remote attackers to gain privileges via (1) the product parameter in showproduct.php or (2) the cat parameter in showcat.php.
|
NVD-CWE-Other
|
CVE-2004-0250
|
2017-07-11 10:30 |
2004-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268113
|
- |
|
rxgoogle.cgi
|
rxgoogle.cgi
|
Cross-site scripting (XSS) vulnerability in rxgoogle.cgi allows remote attackers to execute arbitrary script as other users via the query parameter.
|
NVD-CWE-Other
|
CVE-2004-0251
|
2017-07-11 10:30 |
2004-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268114
|
- |
|
typsoft
|
typsoft_ftp_server
|
TYPSoft FTP Server 1.10 allows remote attackers to cause a denial of service (CPU consumption) via an empty USER name.
|
NVD-CWE-Other
|
CVE-2004-0252
|
2017-07-11 10:30 |
2004-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268115
|
- |
|
ibm
|
cloudscape
|
IBM Cloudscape 5.1 running jdk 1.4.2_03 allows remote attackers to execute arbitrary programs or cause a denial of service via certain SQL code, possibly due to a SQL injection vulnerability.
|
NVD-CWE-Other
|
CVE-2004-0253
|
2017-07-11 10:30 |
2004-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268116
|
- |
|
crosscom_olicom
|
discuz
|
Cross-site scripting (XSS) vulnerability in Discuz! Board 2.x and 3.x allows remote attackers to execute arbitrary script as other users via an img tag.
|
NVD-CWE-Other
|
CVE-2004-0254
|
2017-07-11 10:30 |
2004-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268117
|
- |
|
xlight_ftp_server
|
xlight_ftp_server
|
Xlight 1.52, with log to screen enabled, allows remote attackers to cause a denial of service by requesting a long directory consisting of . (dot) and / (slash) characters, which causes the server to…
|
NVD-CWE-Other
|
CVE-2004-0255
|
2017-07-11 10:30 |
2004-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268118
|
- |
|
realnetworks
|
realone_desktop_manager
realone_enterprise_desktop
realone_player
realplayer
|
Multiple buffer overflows in RealOne Player, RealOne Player 2.0, RealOne Enterprise Desktop, and RealPlayer Enterprise allow remote attackers to execute arbitrary code via malformed (1) .RP, (2) .RT,…
|
NVD-CWE-Other
|
CVE-2004-0258
|
2017-07-11 10:30 |
2004-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268119
|
- |
|
joe_lumbroso_acks
|
formmail.php
|
The check_referer() function in Formmail.php 5.0 and earlier allows remote attackers to bypass access restrictions via an empty or spoofed HTTP Referer, as demonstrated using an application on the sa…
|
NVD-CWE-Other
|
CVE-2004-0259
|
2017-07-11 10:30 |
2004-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268120
|
- |
|
cactusoft
|
cactushop_lite
|
The AddToMailingList function in CactuSoft CactuShop 5.0 Lite contains a backdoor that allows remote attackers to delete arbitrary files via an email address that starts with |||.
|
NVD-CWE-Other
|
CVE-2004-0260
|
2017-07-11 10:30 |
2004-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
