|
268661
|
- |
|
francisco_burzi
|
php-nuke
|
SQL injection vulnerability in PHP-Nuke 6.9 and earlier, and possibly 7.x, allows remote attackers to inject arbitrary SQL code and gain sensitive information via (1) the category variable in the Sea…
|
NVD-CWE-Other
|
CVE-2004-0269
|
2017-07-11 10:30 |
2004-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268662
|
- |
|
maxwebportal
|
maxwebportal
|
Multiple cross-site scripting vulnerabilities (XSS) in MaxWebPortal allow remote attackers to execute arbitrary web script as other users via (1) the sub_name parameter of dl_showall.asp, (2) the Sen…
|
NVD-CWE-Other
|
CVE-2004-0271
|
2017-07-11 10:30 |
2004-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268663
|
- |
|
maxwebportal
|
maxwebportal
|
This vulnerability is addressed in the following product release:
MaxWebPortal, MaxWebPortal, 1.32
|
NVD-CWE-Other
|
CVE-2004-0271
|
2017-07-11 10:30 |
2004-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268664
|
- |
|
maxwebportal
|
maxwebportal
|
SQL injection vulnerability in MaxWebPortal allows remote attackers to inject arbitrary SQL code and gain sensitive information via the SendTo parameter in Personal Messages.
|
NVD-CWE-Other
|
CVE-2004-0272
|
2017-07-11 10:30 |
2004-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268665
|
- |
|
bosdev
|
bosdates
|
SQL injection vulnerability in calendar_download.php in BosDates 3.2 and earlier allows remote attackers to obtain sensitive information and gain access via the calendar parameter.
|
NVD-CWE-Other
|
CVE-2004-0275
|
2017-07-11 10:30 |
2004-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268666
|
- |
|
bolintech
|
dream_ftp_server
|
Format string vulnerability in Dream FTP 1.02 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the username.
|
NVD-CWE-Other
|
CVE-2004-0277
|
2017-07-11 10:30 |
2004-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268667
|
- |
|
ratbag
|
dirt_track_racing
dirt_track_racing_australia
dirt_track_racing_sprint_cars
leadfoot
world_of_outlaws_sprint_cars
|
Ratbag game engine, as used in products such as Dirt Track Racing, Leadfoot, and World of Outlaws Spring Cars, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet …
|
NVD-CWE-Other
|
CVE-2004-0278
|
2017-07-11 10:30 |
2004-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268668
|
- |
|
aim_sniff
|
aim_sniff
|
AIM Sniff (aimSniff.pl) 0.9b allows local users to overwrite arbitrary files via a symlink attack on /tmp/AS.log.
|
NVD-CWE-Other
|
CVE-2004-0279
|
2017-07-11 10:30 |
2004-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268669
|
- |
|
caucho_technology
|
resin
|
Caucho Technology Resin 2.1.12 allows remote attackers to view JSP source via an HTTP request to a .jsp file that ends in a "%20" (encoded space character), e.g. index.jsp%20.
|
NVD-CWE-Other
|
CVE-2004-0280
|
2017-07-11 10:30 |
2004-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268670
|
- |
|
crob
|
crob_ftp_server
|
Crob FTP daemon 3.5.2 allows remote attackers to cause a denial of service (crash) by repeatedly connecting to and disconnecting from the server.
|
NVD-CWE-Other
|
CVE-2004-0282
|
2017-07-11 10:30 |
2004-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
