|
315381
|
8.2 |
HIGH
Network
|
-
|
-
|
An unauthenticated attacker can exploit improper neutralization of input during web page generation in Microsoft Dynamics 365 to spoof over a network by tricking a user to click on a link.
|
CWE-79
Cross-site Scripting
|
CVE-2024-38166
|
2024-08-8 11:15 |
2024-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315382
|
- |
|
-
|
-
|
Format string vulnerability in vsybase.c in vpopmail 5.4.2 and earlier has unknown impact and attack vectors. NOTE: in a followup post, it was observed that the source code used constants that, when…
|
NVD-CWE-Other
|
CVE-2004-2238
|
2024-08-8 11:15 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315383
|
- |
|
gnu
|
less
|
Format string bug in the open_altfile function in filename.c for GNU less 382, 381, and 358 might allow local users to cause a denial of service or possibly execute arbitrary code via format strings …
|
NVD-CWE-Other
|
CVE-2004-2264
|
2024-08-8 11:15 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315384
|
- |
|
microsoft
|
windows_2000
windows_2003_server
windows_xp
|
Microsoft Windows 2000, XP, and possibly 2003 allows local users with the SeDebugPrivilege privilege to execute arbitrary code as kernel and read or write kernel memory via the NtSystemDebugControl f…
|
NVD-CWE-Other
|
CVE-2004-2339
|
2024-08-8 11:15 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315385
|
- |
|
apache
|
http_server
|
Apache HTTP Server 2.0.47 and earlier allows local users to bypass .htaccess file restrictions, as specified in httpd.conf with directives such as Deny From All, by using an ErrorDocument directive. …
|
NVD-CWE-Other
|
CVE-2004-2343
|
2024-08-8 11:15 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315386
|
- |
|
mozilla
|
firefox
|
Mozilla Firefox 1.5.0.1, and possibly other versions, preserves some records of user activity even after uninstalling, which allows local users who share a Windows profile to view the records after a…
|
NVD-CWE-Other
|
CVE-2004-2657
|
2024-08-8 11:15 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315387
|
- |
|
zonelabs
|
zonealarm
|
Zone Alarm Pro 1.0 through 5.1 gives full access to %windir%\Internet Logs\* to the EVERYONE group, which allows local users to cause a denial of service by modifying the folder contents or permissio…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2004-2713
|
2024-08-8 11:15 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315388
|
- |
|
nessus
|
nessus
|
Nessus 2.0.10a stores account passwords in plaintext in .nessusrc files, which allows local users to obtain passwords. NOTE: the original researcher reports that the vendor has disputed this issue
|
CWE-255
Credentials Management
|
CVE-2004-2722
|
2024-08-8 11:15 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315389
|
- |
|
php
|
php
|
PHP treats unknown methods such as "PoSt" as a GET request, which could allow attackers to intended access restrictions if PHP is running on a server that passes on all methods, such as Apache httpd …
|
NVD-CWE-Other
|
CVE-2003-0249
|
2024-08-8 11:15 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315390
|
- |
|
ibm
|
lotus_domino
|
NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in IBM Lotus Notes R6 and Domino R6, and possibly earlier versions, allows remote attackers to execute arbi…
|
NVD-CWE-Other
|
CVE-2004-1621
|
2024-08-8 10:15 |
2004-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
